have critical error, sfc /scannow not working

E

EvgenKamensky

Well-known member
Joined
Mar 25, 2016
Posts
45
Location
Moscow
Hello

have some issues with windows. already posted DISM and sfc /scannow issues (both not working) after latest update but was advised to start New Topic here

tried to use KVRT tool and it detected active malware/virus in system memory then cured it. but still have the same issues
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019
Ran by homepc (administrator) on SIMPC (Gigabyte Technology Co., Ltd. G1.Guerrilla) (07-10-2019 18:42:58)
Running from C:\Users\homepc\Desktop\Tor Browser
Loaded Profiles: homepc (Available Profiles: homepc & test & newuser & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 10 Pro Version 1809 17763.775 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Alcohol Soft -> Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessLasso.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(CA -> CA) H:\CA_LIC\lic98Service.exe
(CA -> CA) H:\CA_LIC\LogWatNT.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwwatcher.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwnetfilter.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwservice.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\frwl_svc.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent_adm.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.) C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe
(FxSound, LLC -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe
(Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Jeppesen Sanderson, Inc -> ) C:\Program Files (x86)\Jeppesen\CDA\cda.exe
(Jeppesen Sanderson, Inc -> Jeppesen) C:\Program Files (x86)\Jeppesen\JWC\JWC.exe
(Konstantin Polyakov IP -> Chemtable Software) C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SelfSigned -> ) [File not signed] C:\Program Files (x86)\Dating\Dating.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SurfRight B.V. Dickmaster -> SurfRight B.V.) [File not signed] C:\Program Files\HitmanPro\HitmanPro.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(The OpenVPN Project) [File not signed] C:\Program Files\OpenVPN\bin\openvpnserv.exe
(TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Viber Media S.à r.l. -> Viber Media S.Ã r.l.) C:\Users\homepc\AppData\Local\Viber\Viber.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SpIDerAgent] => C:\Program Files\DrWeb\spideragent.exe [22147976 2019-10-02] (Doctor Web Ltd. -> Doctor Web, Ltd.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Process Killer] => C:\Program Files (x86)\Process Killer\prkiller.exe [38400 2005-07-30] () [File not signed]
HKLM-x32\...\Run: [QW787_v1.1.2a_update] => F:\Симуляторы\P3DV4\Самолеты\QW_787_P3DV4\QW787_v1.1.2a_update.exe [17147444 2018-11-21] () [File not signed]
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1780728 2019-07-26] (FxSound, LLC -> ) [File not signed]
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [263112 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-02-20] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [FlightPlan] => e:\симуляторы\FlightPlan_3_7\FlightPlan.exe [835584 2012-05-05] (Umberto Degli Esposti) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [14941336 2018-06-04] (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Task Killer] => E:\Task.Killer.Portable\TaskKiller.exe [221696 2015-12-19] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [AutoHideMouseCursor] => E:\FSL_A320X\P3Dv4.1\FSLabs_A320X_P3D_v2.0.1.237\AutoHideMouseCursor_x64\AutoHideMouseCursor_x64.exe [152576 2018-03-23] (Nenad Hrg (SoftwareOK.com)) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [636416 2017-09-15] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Viber] => C:\Users\homepc\AppData\Local\Viber\Viber.exe [41029704 2019-09-25] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [ECMHelper] => C:\Program Files (x86)\Экранная Камера\Agent.exe [847600 2018-12-26] (AMS Software) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16443120 2018-10-05] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [GameCenter] => C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe [9983616 2019-08-08] (Mail.Ru, LLC -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [SimBrief Downloader] => C:\Users\homepc\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe [81042864 2018-11-27] (Derek Mayer -> Derek Mayer)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23912440 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: L - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {0dd97860-05ce-11e9-82b3-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {94b459e9-074c-11e9-82bb-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {a16e49be-19a4-11e9-833c-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {acbb8ff6-100a-11e9-8305-001fc6276e5b} - "L:\dvdcheck.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {d8fd3f33-0891-11e9-82be-001fc6276e5b} - "L:\setup.exe"
HKLM\Software\...\AppCompatFlags\Custom\S4Editor.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\Custom\S4_Main.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb [2013-07-16]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{3AFF1C30-4959-4c2f-8BED-E6E81E39F57A}] -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtCp.dll [2012-02-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Killer Network Manager.lnk [2019-09-15]
ShortcutTarget: Bigfoot Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2019-05-15]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CDA Monitor.lnk [2018-12-24]
ShortcutTarget: CDA Monitor.lnk -> C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe (Jeppesen Sanderson, Inc -> )
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dating.lnk [2019-07-28]
ShortcutTarget: Dating.lnk -> C:\Program Files (x86)\Dating\Dating.exe (SelfSigned -> ) [File not signed]
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Disk-O.lnk [2018-12-10]
ShortcutTarget: Disk-O.lnk -> C:\Users\homepc\AppData\Local\Mail.Ru\Disk-O\DiskO.exe (LLC Mail.Ru -> Mail.Ru)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Letasoft Sound Booster.lnk [2019-01-08]
ShortcutTarget: Letasoft Sound Booster.lnk -> C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe (Letasoft LLC -> Letasoft)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk [2018-05-22]
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2D63D986-6751-4C26-908A-260F5ADD4292} - System32\Tasks\bandicam_start => C:\Program Files (x86)\Bandicam\bdcam.exe [6287776 2019-02-19] (Bandicam Company -> Bandicam Company)
Task: {32566FC1-6EE8-417C-B89F-C1B871382D6B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {3B483FCD-B42F-4CBE-96E6-15CEE4158812} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_homepc => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary)
Task: {3E531F2C-FC20-4030-9AD8-58A7330BE779} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe -RegistryEditor -ForceForeground -NoSplash
Task: {48669851-E43F-4749-86DF-BC580859156F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BB42F87-709C-4EA8-9AA8-43DB55C04928} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [6982216 2019-09-26] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {4F71DDFA-CEB3-46C5-B103-0CC0B3BD3FED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {577622A0-4C43-496D-85A2-924AC1336ADD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-14] (Adobe Inc. -> Adobe)
Task: {66669C3C-4730-45E9-9C0C-98B790D86110} - System32\Tasks\Core Temp Autostart homepc => C:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-24] (ALCPU -> ALCPU)
Task: {6F3C805A-1DD5-4554-8B51-D1E29E54E471} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {88F6EC18-D85C-48C2-9AE3-B0D27DEDAB6F} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [1029512 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {8A7573F9-A3B1-4BB5-862D-EF7D294221F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B25905B-ED6B-4E17-8FA2-A86E1473AEC9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9302A8F4-8FD2-453C-9B6C-AA8A44265007} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2357164880-557895980-647672482-1001 => C:\Users\homepc\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)
Task: {95F74322-C145-432A-B5DC-5A00537981D5} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [709512 2019-08-15] (Bitsum LLC -> Bitsum LLC) <==== ATTENTION
Task: {987F598E-0428-4639-8259-2820430D78D4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C6F6EEC-7E5B-47DD-909B-47537097061D} - System32\Tasks\HPCustParticipation HP Deskjet 5520 series => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {B425F0F0-DE66-4D15-AF02-AEDBE66B23D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {B58A9E73-4B07-44D6-BF0F-C16A3B42C820} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1541520 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {C75E651E-8A3B-4A70-B2F8-705E6390EEC8} - System32\Tasks\BlueStacksHelper => E:\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {DE55D662-192E-44AD-A44C-92D7366BE150} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFAA9ABF-7272-4539-A3FA-4FE093594CE5} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {E44CA61A-0EB9-44E0-B78C-2BB962CB3CDE} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2550968 2012-08-30] (Beepa Pty Ltd -> Beepa P/L) [File not signed]
Task: {E769C0E3-71CF-445A-B5C7-EA3170B56DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {E80A2128-822A-4712-A4B1-82EFDAE09546} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ED970E6A-70A3-4E19-9243-A8AD38614FC6} - System32\Tasks\FPSMonitor => C:\Program Files (x86)\FPS Monitor\FPSMonitor.exe [7098592 2019-04-25] (Kozadaev Eduard Vladimirovich -> )
Task: {F6DA550E-A9CA-4E3C-84DE-900736C61C68} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F95AE5D8-379F-4656-BED6-12A6D5A2C054} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [11517320 2019-08-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
Task: {FFB35F64-23CA-42B2-BD87-CC98E4B0A343} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 22 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 22 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{31232c54-0567-44c1-af24-8ca68e6dc70f}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{b922b671-da25-45bc-bcb6-227098c215e7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2357164880-557895980-647672482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=812208
SearchScopes: HKU\S-1-5-21-2357164880-557895980-647672482-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BACD27B3D-C9E4-4CD8-9795-15E79965F9DD%7D&gp=812209
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: YoutubeAdBlock -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Search@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> No File
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2017-06-23] (Download Master -> WestByte) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pze24zhj.NESTOR
FF DefaultProfile: lh2u6es8.default
FF ProfilePath: C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR [2019-10-07]
FF Homepage: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> hxxps://yandex.ru/?clid=2224022
FF NetworkProxy: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: homeutil@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: vb@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@hoxx-vpn.xpi [2019-10-07]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@setupvpncom.xpi [2019-10-07]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@webrtc-leak-shield.xpi [2018-02-24]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\client@anonymox.net.xpi [2018-12-14]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\divanproger@gmail.com.xpi [2019-08-19]
FF Extension: (Free Download Manager) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\fdm_ffext2@freedownloadmanager.org.xpi [2019-09-25]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@ghostery.com.xpi [2019-08-29]
FF Extension: (MEGA) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@mega.co.nz.xpi [2019-10-03] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@tampermonkey.net.xpi [2019-05-30]
FF Extension: (Start Page — Yandex) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\homeutil@yandex.ru.xpi [2019-09-09]
FF Extension: (Pinterest Save Button) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2019-09-25]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\public.proartex@gmail.com.xpi [2018-05-08]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\s3google@translator.xpi [2018-10-10]
FF Extension: (uBlock Origin) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\uBlock0@raymondhill.net.xpi [2019-09-27]
FF Extension: (Visual Bookmarks) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\vb@yandex.ru.xpi [2019-04-24]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\xd4rker@gmail.com.xpi [2019-02-04]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\zoompage-we@DW-dev.xpi [2019-09-23]
FF Extension: (First Mountain Snow by M♥Donna) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{58ed0b89-8436-4436-be1c-0f56273f1adf}.xpi [2019-05-14]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-09-02]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-06-13]
FF SearchPlugin: C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\searchplugins\mailru.xml [2015-11-21]
FF ProfilePath: C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default [2019-02-27]
FF Homepage: 8pecxstudios\Cyberfox\Profiles\lh2u6es8.default -> hxxp://mail.ru/cnt/10445?gp=812204
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@hoxx-vpn.xpi [2018-10-19]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@setupvpncom.xpi [2018-02-06]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@webrtc-leak-shield.xpi [2018-03-28]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\client@anonymox.net.xpi [2017-06-24] [Legacy]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\divanproger@gmail.com.xpi [2018-12-16]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@ghostery.com.xpi [2019-01-31]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@tampermonkey.net.xpi [2018-10-06]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\public.proartex@gmail.com.xpi [2017-06-24] [Legacy]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\s3google@translator.xpi [2018-10-20]
FF Extension: (Visual Bookmarks) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\vb@yandex.ru.xpi [2017-08-01] [Legacy]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\xd4rker@gmail.com.xpi [2018-11-21]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\zoompage-we@DW-dev.xpi [2018-12-16]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-26]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-31]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-10-06]
FF Extension: (CyberCTR) - C:\Program Files\Cyberfox\browser\features\CTR@8pecxstudios.com.xpi [2018-06-29] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi [2018-02-02] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\The Settlers 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [2017-12-24] (Ubisoft Massive -> Ubisoft)

Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxp://www.mail.ru/cnt/9516","hxxp://mail.ru/cnt/10445?gp=812208"
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B792CA924-60DD-4AE5-BF89-099626812133%7D&gp=812209
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default [2019-10-07]
CHR Extension: (Allavsoft video downloader converter) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddkdfgoif [2019-01-01]
CHR Extension: (Download Master) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljdacfojgikogldjffnkdcielnklkce [2019-09-25]
CHR Extension: (Direct.Fastix ) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lknnjfgcgglncamgpbbdfkianokjohlh [2019-02-03]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Adblocker for Youtube™) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohajmcdpjokbdoihfhkpbmlmknejmoec [2018-02-02]
CHR Extension: (Chrome Media Router) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-26]
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-07]
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.16.4.6852\BVDChromeExt.crx [2018-12-29]
CHR HKLM-x32\...\Chrome\Extension: [dljdacfojgikogldjffnkdcielnklkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fppjhfcgnalgfiimdflmikpifodndljf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gbnhehnpnbiioheicppmmmjaekcdfigc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft -> Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-09-16] (BattlEye Innovations e.K. -> )
R2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] () [File not signed]
S4 BLMS; C:\Program Files (x86)\BASTION\BLMS.exe [33280 2015-04-29] () [File not signed]
R2 CDA; C:\Program Files (x86)\Jeppesen\CDA\CDA.exe [134088 2016-04-01] (Jeppesen Sanderson, Inc -> )
R2 Chemtable Startup Checking; C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe [ ]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DrWebAVService; C:\Program Files\DrWeb\dwservice.exe [14703064 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2226136 2019-10-03] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebFwSvc; C:\Program Files\DrWeb\frwl_svc.exe [5388856 2019-08-28] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files\DrWeb\dwnetfilter.exe [7136488 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R2 FSLabs Service; C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe [92304 2018-11-08] (Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.)
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [439296 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-10-25] (FUTUREMARK INC -> Futuremark)
S4 hasplms; C:\WINDOWS\system32\hasplms.exe [4319776 2017-11-29] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2018-02-02] (SurfRight B.V. -> SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JWC; C:\Program Files (x86)\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen Sanderson, Inc -> Jeppesen)
R2 LogWatch; H:\CA_LIC\LogWatNT.exe [75016 2008-05-20] (CA -> CA)
S2 MySQL; C:\Program Files (x86)\BASTION\mysql\bin\mysqld.exe [11074560 2016-01-15] () [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2018-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [153272 2018-06-01] (Letasoft LLC -> Letasoft)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446960 2019-02-20] (VMware, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S2 1C:Enterprise 8.3 Server Agent (x86-64); "D:\Program Files\1cv8\8.3.13.1690\bin\ragent.exe" -srvc -agent -regport 1541 -port 1540 -range 1560:1591 -d "C:\Program Files\1cv8\srvinfo" <==== ATTENTION
S2 CG6Service; no ImagePath
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 46e606d6959f0108; no ImagePath
S3 46e606d75d018d08; no ImagePath
S3 46e7aa83afb3d388; no ImagePath
S3 46e7aa850abbf508; no ImagePath
S3 46e7aa858013c708; no ImagePath
S3 46e7aba68c1ae788; no ImagePath
S3 46e7ba7f9f485208; no ImagePath
S3 46e7bd52beaedc08; no ImagePath
S3 46e7bd52fc933808; no ImagePath
S3 46e7ee3041330c88; no ImagePath
S3 46e7f3720b979388; no ImagePath
S3 46e7f3725915b688; no ImagePath
S3 46e7f372e8a50488; no ImagePath
S3 46e7f37367e55988; no ImagePath
S3 46e7f3747ea1a308; no ImagePath
R3 ALSysIO; C:\Users\homepc\AppData\Local\Temp\ALSysIO64.sys [47240 2019-10-07] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 Arctosa; C:\WINDOWS\system32\drivers\Arctosa.sys [26624 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 BfEdge7x64; C:\WINDOWS\System32\drivers\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
R3 BFN7x64; C:\WINDOWS\System32\drivers\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-12-13] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 cpuz140; no ImagePath
S3 Denuvo Kuser Data Driver 1.0.0.7; no ImagePath
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DIRECTIO37; C:\Program Files\BurnInTest\DirectIo64.sys [31376 2015-02-16] (PassMark Software Pty Ltd -> )
R0 DrWebLwf; C:\WINDOWS\System32\drivers\DrWebLwf.sys [505592 2019-10-07] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2019-09-08] (DT Soft Ltd -> DT Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R0 DwDevGuard; C:\WINDOWS\System32\drivers\dwdg.sys [241264 2019-03-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 DwELAM; C:\WINDOWS\System32\drivers\dwelam.sys [31984 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Doctor Web, Ltd.)
R0 DwProt; C:\WINDOWS\System32\drivers\dwprot.sys [860240 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2014-04-03] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2019-01-08] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1304840 2017-11-29] (SafeNet, Inc. -> SafeNet, Inc.)
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2019-10-07] (SurfRight B.V. -> )
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2017-05-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 ip100Avista; C:\WINDOWS\System32\drivers\ipfnd51.sys [36864 2007-09-28] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.)
R0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [342760 2016-04-11] (Marvell Semiconductor, Inc. -> Marvell Semiconductor, Inc.)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\neo_vpn.sys [22784 2018-03-02] (Extra Solutions Ltd -> Trust.Zone VPN Project)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OSFMount; C:\Program Files\OSFMount\x64\OSFMount.sys [1038416 2018-03-22] (PassMark Software Pty Ltd -> PassMark Software)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-04-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 PORTMON; C:\SysinternalsSuite\PORTMSYS.SYS [28656 2018-12-11] (Systems Internals) [File not signed]
S3 REN2CAP_DRIVER; C:\WINDOWS\system32\drivers\ren2cap.sys [39568 2016-06-14] (Prosoft Engineering, Inc. -> )
S3 rspSanity; C:\WINDOWS\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 SpiderG3; C:\WINDOWS\System32\drivers\spiderg3.sys [390248 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2019-09-21] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2018-11-21] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinFsp; C:\WINDOWS\system32\disko\winfsp-x64.sys [144848 2018-01-25] (Navimatics Corporation -> Navimatics Corporation)
S3 LVPr2M64; \SystemRoot\system32\DRIVERS\LVPr2M64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 18:42 - 2019-10-07 18:43 - 000000000 ____D C:\FRST
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ C:\Users\homepc\AppData\Local\recently-used.xbel
2019-10-07 16:39 - 2019-10-07 16:39 - 000000000 ____D C:\WINDOWS\Panther
2019-10-07 16:03 - 2019-10-07 16:03 - 000001558 _____ C:\Users\homepc\Desktop\SFCFix.txt
2019-10-07 16:00 - 2019-10-07 16:00 - 000000000 _____ C:\WINDOWS\system32\sfc
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\LocalLow\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\OneDrive
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Mozilla
2019-10-07 15:51 - 2019-10-07 15:51 - 000000000 ____D C:\Users\newuser\AppData\Local\Comms
2019-10-07 15:26 - 2019-10-07 15:26 - 000000000 ____D C:\Users\newuser\AppData\Local\ChemTable Software
2019-10-07 15:24 - 2019-10-07 15:26 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1010
2019-10-07 15:24 - 2019-10-07 15:26 - 000000000 ___RD C:\Users\newuser\OneDrive
2019-10-07 15:24 - 2019-10-07 15:24 - 000001450 _____ C:\Users\newuser\Desktop\Microsoft Edge.lnk
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\OpenVPN
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\Toshiba
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\PlaceholderTileLogoFolder
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\DFX
2019-10-07 15:23 - 2019-10-07 16:18 - 000011114 _____ C:\Users\newuser\Documents\FPSMonitor.txt
2019-10-07 15:23 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Packages
2019-10-07 15:23 - 2019-10-07 15:26 - 000002369 _____ C:\Users\newuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:23 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser
2019-10-07 15:23 - 2019-10-07 15:23 - 000000258 __RSH C:\Users\newuser\ntuser.pol
2019-10-07 15:23 - 2019-10-07 15:23 - 000000020 ___SH C:\Users\newuser\ntuser.ini
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___RD C:\Users\newuser\3D Objects
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___HD C:\Users\newuser\MicrosoftEdgeBackups
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\ProcessLasso
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Adobe
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\VirtualStore
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Publishers
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\MicrosoftEdge
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Google
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\ConnectedDevicesPlatform
2019-10-07 15:23 - 2017-06-25 00:42 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Macromedia
2019-10-07 15:07 - 2019-10-07 15:07 - 000000000 ____D C:\Users\test\AppData\Local\Toshiba
2019-10-07 14:19 - 2019-10-07 14:19 - 000001831 _____ C:\Users\Public\Desktop\Prepar3D v4.lnk
2019-10-07 14:19 - 2019-10-07 14:19 - 000001831 _____ C:\ProgramData\Desktop\Prepar3D v4.lnk
2019-10-07 14:19 - 2019-10-07 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lockheed Martin
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\Users\Public\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\ProgramData\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly the Maddog X
2019-10-06 06:38 - 2019-10-06 06:40 - 000000000 ___DC C:\Users\homepc\Documents\Maddog X Files
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\Users\Public\Desktop\AirHauler 2.lnk
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\ProgramData\Desktop\AirHauler 2.lnk
2019-10-05 23:50 - 2019-10-05 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FS2Crew2012
2019-10-05 23:43 - 2019-10-05 23:43 - 000000000 ____D C:\Program Files\AI Lights Reborn Free Edition
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo Internationall (FSX)
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo International (FSX)
2019-10-05 22:36 - 2019-10-05 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDG - Cape Town FSX
2019-10-05 17:55 - 2019-10-05 17:55 - 020815872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019013632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002018304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-05 17:55 - 2019-10-05 17:55 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000241976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSTheme.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 026806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 023454720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 022135584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 009680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007698432 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006928384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006316792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006058032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005767168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005605560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005573016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005309080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005299712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004352472 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003820976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003428864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003198976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003000832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002839040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002779784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002415928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002349056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002279304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002200376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002118656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-05 17:54 - 2019-10-05 17:54 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001966392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001924976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplaySwitch.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001864704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001751424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001720120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001701176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001484896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001399608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001390888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001272120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001247344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001170432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001006392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000938296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000817464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000791864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000780408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000775216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000767800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000661096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000605368 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000598328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000452992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000434952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000384272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000290616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000278416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000193704 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000155968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000135816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000079032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000065608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000052536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSTheme.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000044912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000038184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000018744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-05 14:38 - 2019-10-05 14:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1
2019-10-05 14:37 - 2019-10-05 14:37 - 000001862 _____ C:\Users\homepc\Desktop\AFX.lnk
2019-10-05 14:37 - 2019-10-05 14:37 - 000000000 ____D C:\Program Files (x86)\AFX
2019-10-04 15:01 - 2019-10-04 15:01 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-03 18:31 - 2019-10-03 18:31 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-09-30 23:12 - 2019-09-30 23:12 - 000034030 _____ C:\Users\homepc\Desktop\ChasePlane_Report_gtafivehater_gmail_com.txt
2019-09-30 15:53 - 2019-09-30 15:53 - 000000000 ____D C:\Users\homepc\AppData\Local\Viber
2019-09-29 17:26 - 2019-10-05 17:58 - 000519104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-29 02:03 - 2019-09-29 02:03 - 000000000 ____D C:\Users\homepc\AppData\Local\gtk-3.0
2019-09-29 01:11 - 2019-10-07 18:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\gsmartcontrol
2019-09-28 23:14 - 2019-10-07 16:03 - 000000000 ____D C:\SFCFix
2019-09-28 23:13 - 2019-10-07 16:03 - 000000000 ____D C:\Users\homepc\AppData\Local\niemiro
2019-09-28 22:46 - 2019-09-28 22:46 - 000000000 ___HD C:\$Windows.~WS
2019-09-28 22:38 - 2019-09-28 22:39 - 000000000 ____D C:\Program Files\NTLite
2019-09-28 22:38 - 2019-09-28 22:38 - 000000825 _____ C:\Users\homepc\Desktop\NTLite.lnk
2019-09-28 22:38 - 2019-09-28 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTLite
2019-09-28 19:19 - 2019-09-28 23:06 - 000000000 ____D C:\ESD
2019-09-28 13:43 - 2019-09-28 13:43 - 000001098 _____ C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RD-soft
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-28 13:38 - 2019-09-28 13:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\THROTTLEINDICATOR
2019-09-28 13:27 - 2019-09-28 13:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\fscabincrew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\FS Cabin Crew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\Program Files (x86)\drubware.net
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\Users\Public\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\ProgramData\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\Users\Public\Desktop\FSLA320-X MCDU.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\ProgramData\Desktop\FSLA320-X MCDU.url
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ C:\Program Files (x86)\unEZCA2.exe
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\Users\Public\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\ProgramData\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\EZCA
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA2
2019-09-27 01:49 - 2019-09-27 03:53 - 000002048 _____ C:\WINDOWS\ezcamera2.lic
2019-09-27 00:18 - 2019-09-27 00:20 - 000000000 ____D C:\OpusFSX
2019-09-27 00:17 - 2019-09-27 00:18 - 000000000 ____D C:\Opus Software
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-09-25 02:53 - 2019-09-25 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Majestic Software
2019-09-25 01:51 - 2019-09-28 18:57 - 000000000 ____D C:\1909_f1_rxp
2019-09-25 01:22 - 2019-09-25 01:22 - 000000000 ____D C:\ProgramData\Garmin
2019-09-25 01:11 - 2019-09-28 20:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\Users\Public\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\ProgramData\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\Program Files (x86)\Download Master
2019-09-24 18:44 - 2019-09-30 23:12 - 000000000 ____D C:\Program Files (x86)\ChasePlane (XEdition)
2019-09-24 18:44 - 2019-09-24 21:36 - 000000000 ___DC C:\Users\homepc\Documents\ChasePlane Presets
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\Users\Public\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\ProgramData\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChasePlane (XEdition)
2019-09-24 17:28 - 2019-09-26 17:12 - 000000895 _____ C:\Users\homepc\Desktop\F1UpdateTool.lnk
2019-09-24 17:28 - 2019-09-24 17:28 - 000000935 _____ C:\Users\homepc\Desktop\f1update_tool_readme.lnk
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hoppie
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\Program Files (x86)\Hoppie
2019-09-22 00:38 - 2019-09-23 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simware - Valencia X - FSX
2019-09-21 22:49 - 2019-09-21 23:21 - 000001116 _____ C:\Users\homepc\Desktop\767-300 FSX Configuration Manager.lnk
2019-09-21 21:08 - 2019-09-21 21:18 - 000203296 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2019-09-21 14:13 - 2019-09-21 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARMI Project - Muscat OOMS FSX
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\Users\Public\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\ProgramData\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-21 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Ground Crew X
2019-09-21 13:31 - 2019-09-29 21:13 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Ultimate Ground Crew X
2019-09-17 00:14 - 2019-09-17 00:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3res
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3weatherfiles
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3Charts
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3aircraftfiles
2019-09-16 23:49 - 2019-09-16 23:49 - 000000000 ____D C:\Users\homepc\zygrib
2019-09-16 23:34 - 2019-09-27 00:34 - 000000000 ____D C:\OpusFSI_v5
2019-09-16 21:39 - 2019-09-16 21:39 - 000001181 _____ C:\Users\homepc\Desktop\Active Sky Next for FSX SP5.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000002021 _____ C:\Users\homepc\Desktop\FS Global Real Weather.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000000000 ____D C:\Program Files (x86)\FSGRW
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\Users\Public\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\ProgramData\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\Users\Public\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\ProgramData\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDreamTeam
2019-09-15 14:00 - 2019-10-07 15:51 - 000000000 ____D C:\ProgramData\Bigfoot Networks
2019-09-15 13:41 - 2019-09-15 13:42 - 000082268 _____ C:\ProgramData\dxdiag.txt
2019-09-14 23:40 - 2019-09-15 01:43 - 000000000 ____D C:\Program Files\MFSClientV5
2019-09-14 12:27 - 2019-09-14 12:27 - 000000000 ____D C:\Users\homepc\AppData\Local\NVIDIA
2019-09-14 11:15 - 2019-09-14 11:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\NVIDIA
2019-09-14 11:13 - 2019-10-07 18:38 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-14 11:13 - 2019-09-14 13:15 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-05 22:49 - 005468144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 002634608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000654320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-09-14 11:13 - 2019-09-05 04:04 - 008709382 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-09-14 11:13 - 2019-08-01 16:07 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000447368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000351944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:28 - 011562376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:28 - 009937104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 002051008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001550080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001477512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001247432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001140616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000959424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000676096 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000658880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000632768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000544648 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000524168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 040444856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 035334536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 017300360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 014921096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 005358472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 004696968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001726400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443630.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001491336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443630.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 005002192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 004263840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 001683032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 000228792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-09-14 11:12 - 2019-09-06 00:19 - 000054700 _____ C:\WINDOWS\system32\nvinfo.pb
2019-09-14 11:12 - 2019-09-06 00:19 - 000047272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-09-14 11:07 - 2019-09-14 11:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-09-14 11:06 - 2019-09-14 11:06 - 000000000 ____D C:\ShadersHLSL
2019-09-13 21:28 - 2019-09-13 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSS FSL A320 IAE V2.1
2019-09-13 20:53 - 2019-09-13 20:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PILOT'S Software
2019-09-13 19:06 - 2019-09-27 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightSimLabs, Ltd
2019-09-13 19:05 - 2019-09-13 19:30 - 000000000 ____D C:\Program Files (x86)\FlightSimLabs
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\MSBuild
2019-09-13 13:25 - 2019-09-13 13:25 - 017761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 013942784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004850688 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001419776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-13 13:25 - 2019-09-13 13:25 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002148864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-13 02:09 - 2019-10-07 00:09 - 000000000 ____D C:\TCPU71
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\Users\Public\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\ProgramData\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\Users\Public\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\ProgramData\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 00:00 - 2019-09-13 00:00 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PMDG Operations Center.lnk
2019-09-12 18:53 - 2019-09-12 19:00 - 000000000 ____D C:\BLOCKCHECKDPI
2019-09-11 01:12 - 2019-09-11 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2019-09-11 00:42 - 2019-09-11 00:43 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X - Steam Edition Files
2019-09-10 23:57 - 2019-09-10 23:57 - 000000208 _____ C:\Captain.ini
2019-09-10 19:27 - 2019-09-28 13:43 - 000000000 ____D C:\Program Files (x86)\RD-soft
2019-09-10 19:27 - 2019-09-10 19:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RDSetInstaller
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\Users\Public\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\ProgramData\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-10 19:19 - 2019-09-10 19:19 - 000000000 ____D C:\Users\homepc\AppData\Local\kACARS_-LR
2019-09-10 19:18 - 2019-09-10 19:18 - 000003113 _____ C:\Users\homepc\Desktop\kACARS - Landing Rate.lnk
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kACARS_Free
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Program Files (x86)\FS-Products
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\Users\Public\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\ProgramData\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IFly Jets - The 747-400 V2 for FSX
2019-09-08 00:49 - 2019-09-11 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2019-09-08 00:19 - 2019-09-08 00:19 - 000271424 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2019-09-08 00:14 - 2019-09-08 00:14 - 000178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2019-09-07 14:22 - 2019-09-07 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft - Airbus A318-A319 - FSX

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 18:42 - 2017-06-24 23:54 - 000000000 ____D C:\Users\homepc\Desktop\Tor Browser
2019-10-07 18:39 - 2017-06-24 11:27 - 000000000 ____D C:\Users\homepc\AppData\LocalLow\Mozilla
2019-10-07 18:38 - 2018-12-26 16:25 - 000000000 ____D C:\ProgramData\VMware
2019-10-07 18:38 - 2018-12-16 22:38 - 000003180 _____ C:\WINDOWS\system32\Tasks\FRAPS
2019-10-07 18:38 - 2018-12-16 22:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-07 18:38 - 2018-12-16 22:28 - 000000000 ____D C:\Users\homepc
2019-10-07 18:38 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-07 18:38 - 2018-09-15 10:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-07 18:38 - 2018-08-13 17:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-07 18:38 - 2018-05-10 21:23 - 000012792 ____C C:\Users\homepc\Documents\FPSMonitor.txt
2019-10-07 18:38 - 2018-04-27 21:38 - 000000000 ____D C:\Fraps
2019-10-07 18:38 - 2018-04-09 23:54 - 000000000 ____D C:\ProgramData\Jeppesen
2019-10-07 18:38 - 2018-04-05 15:40 - 000000000 ___DC C:\Users\homepc\AppData\Local\Apps\2.0
2019-10-07 18:38 - 2017-08-04 23:22 - 000000000 ____D C:\Program Files\Core Temp
2019-10-07 18:38 - 2017-06-24 12:57 - 000000000 ____D C:\ProgramData\Doctor Web
2019-10-07 18:36 - 2018-12-16 22:38 - 000002430 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-10-07 18:36 - 2018-09-15 09:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-07 18:30 - 2019-02-03 16:47 - 000000000 ____D C:\WX Advantage Radar
2019-10-07 18:22 - 2017-06-25 12:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\CrashDumps
2019-10-07 18:07 - 2018-12-16 22:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-07 17:44 - 2018-10-18 13:18 - 000505592 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\drweblwf.sys
2019-10-07 17:10 - 2018-12-21 21:57 - 000000000 ___DC C:\Users\homepc\Documents\ViberDownloads
2019-10-07 16:56 - 2017-12-10 18:46 - 000000000 ___DC C:\Users\homepc\AppData\Local\Packages
2019-10-07 16:43 - 2018-12-16 22:37 - 000977104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-07 16:43 - 2018-09-15 10:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-07 16:39 - 2017-09-22 17:08 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-07 16:39 - 2017-06-24 12:05 - 000000000 ____D C:\Users\homepc\AppData\Roaming\ViberPC
2019-10-07 16:19 - 2018-12-16 22:38 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1001
2019-10-07 16:19 - 2018-12-16 22:28 - 000002366 _____ C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 16:19 - 2017-06-24 10:46 - 000000000 ___RD C:\Users\homepc\OneDrive
2019-10-07 16:02 - 2018-09-15 10:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-07 15:41 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2019-10-07 15:26 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\DelayedItemsByChemtableSoftware
2019-10-07 15:26 - 2018-07-18 16:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Telegram Desktop
2019-10-07 15:25 - 2017-06-24 10:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-07 15:23 - 2018-11-25 16:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Clipdiary
2019-10-07 15:08 - 2018-12-16 22:38 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1002
2019-10-07 15:08 - 2018-12-16 22:28 - 000002360 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:08 - 2018-09-15 10:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-07 15:08 - 2017-12-10 18:46 - 000000000 ____D C:\Users\test\AppData\Local\Packages
2019-10-07 15:08 - 2017-09-21 18:36 - 000000000 ___RD C:\Users\test\OneDrive
2019-10-07 15:07 - 2017-12-28 23:39 - 000000000 ___RD C:\Users\test\3D Objects
2019-10-07 14:52 - 2017-06-24 13:17 - 000000000 ____D C:\Users\homepc\AppData\Roaming\WhatsApp
2019-10-07 14:18 - 2017-06-24 11:15 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-07 14:11 - 2017-07-25 00:28 - 000000000 ___DC C:\Users\homepc\Documents\AivlaSoft
2019-10-07 13:25 - 2019-05-31 19:10 - 000000000 ____D C:\Users\homepc\AppData\Local\BitTorrentHelper
2019-10-07 02:07 - 2019-08-29 01:11 - 000000000 ____D C:\Users\homepc\AppData\Roaming\vlc
2019-10-06 19:02 - 2019-03-13 13:04 - 000000000 ____D C:\Users\homepc\AppData\Roaming\SimBrief Downloader
2019-10-06 17:35 - 2019-01-28 21:30 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X Files
2019-10-06 17:01 - 2019-01-29 17:38 - 000001155 _____ C:\Users\homepc\Desktop\Active Sky 2016 for FSX.lnk
2019-10-06 15:52 - 2017-09-12 12:56 - 000000000 ____D C:\SoyzClient
2019-10-06 15:34 - 2017-12-29 00:30 - 000000000 ____D C:\ProgramData\Virtuali
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\Users\Public\Documents\DX10SceneryFixer
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\ProgramData\Documents\DX10SceneryFixer
2019-10-06 15:26 - 2017-07-24 00:00 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Virtuali
2019-10-06 06:45 - 2017-07-28 03:00 - 000000808 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2019-10-06 06:18 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\eSellerate
2019-10-06 05:12 - 2017-12-29 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-10-06 04:06 - 2019-05-13 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drzewiecki Design
2019-10-06 00:37 - 2017-09-16 19:24 - 000000000 ___DC C:\Users\homepc\Documents\vPilot Files
2019-10-06 00:25 - 2018-08-11 14:49 - 000000000 ___DC C:\Users\homepc\AppData\Local\V1_Software
2019-10-06 00:10 - 2019-06-28 19:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-06 00:10 - 2018-07-27 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight
2019-10-06 00:10 - 2017-06-24 10:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-05 23:50 - 2018-07-13 23:12 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RAASPRO
2019-10-05 23:43 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Add-ons
2019-10-05 17:58 - 2019-03-28 00:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-05 17:58 - 2017-12-10 19:59 - 000000000 ___RD C:\Users\homepc\3D Objects
2019-10-05 17:58 - 2017-06-24 11:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-05 17:56 - 2018-09-15 12:11 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2019-10-05 17:56 - 2018-09-15 12:11 - 000018002 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2019-10-05 17:56 - 2018-09-15 12:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-05 17:56 - 2018-09-15 09:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-05 17:54 - 2017-06-24 11:38 - 000408644 __RSH C:\bootmgr
2019-10-05 14:37 - 2017-07-26 03:41 - 000737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2019-10-05 13:31 - 2017-08-06 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket
2019-10-05 12:01 - 2019-02-25 20:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Discord
2019-10-05 11:57 - 2017-06-24 11:27 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-03 16:00 - 2017-06-24 12:59 - 000000000 ____D C:\Program Files\DrWeb
2019-10-03 12:34 - 2019-03-26 16:25 - 000000000 ____D C:\Users\homepc\AppData\Local\WhatsApp
2019-10-02 21:52 - 2018-12-16 22:38 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 21:52 - 2018-12-16 22:38 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-02 21:52 - 2017-11-17 13:13 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-30 20:21 - 2017-09-21 18:40 - 000000000 ____D C:\Temp
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\Users\Public\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\ProgramData\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000000000 ____D C:\Program Files (x86)\AIDA64
2019-09-30 14:10 - 2018-10-18 13:19 - 000860240 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\dwprot.sys
2019-09-30 14:10 - 2018-10-18 13:18 - 000390248 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\spiderg3.sys
2019-09-29 21:14 - 2018-12-25 18:07 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-09-29 17:25 - 2018-02-07 01:32 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Wise Disk Cleaner
2019-09-29 17:24 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\ProgramData\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2019-09-28 20:38 - 2018-03-28 13:04 - 000000000 ____D C:\Boson
2019-09-28 13:25 - 2017-07-24 01:47 - 000000000 ___DC C:\Users\homepc\AppData\Local\Downloaded Installations
2019-09-27 03:54 - 2017-07-23 16:57 - 000000000 ____D C:\Program Files (x86)\EZCA2
2019-09-27 03:53 - 2017-07-23 16:56 - 000000000 ____D C:\EZdok Software
2019-09-27 03:38 - 2019-02-26 02:50 - 000000000 ____D C:\Program Files\EZCA3
2019-09-27 03:36 - 2019-02-25 22:23 - 000000000 ____D C:\Program Files (x86)\Flight1 Purchase Agent
2019-09-27 02:56 - 2019-01-22 23:20 - 000000000 __SHD C:\Users\Public\DRM
2019-09-27 00:17 - 2017-12-28 01:37 - 000002048 _____ C:\WINDOWS\OpusFSX.lic
2019-09-27 00:13 - 2018-01-28 13:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Navdata
2019-09-27 00:13 - 2018-01-28 13:29 - 000002048 _____ C:\WINDOWS\CX750X.lic
2019-09-27 00:12 - 2019-02-25 22:23 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1Purchase
2019-09-27 00:08 - 2019-02-26 02:50 - 000002048 _____ C:\WINDOWS\ezcapro3.lic
2019-09-27 00:02 - 2019-02-25 22:23 - 000083295 _____ C:\Program Files (x86)\F1Uninstall.exe
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\Users\Public\Desktop\Flight1 Purchase Agent.lnk
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\ProgramData\Desktop\Flight1 Purchase Agent.lnk
2019-09-26 19:39 - 2018-12-16 22:28 - 000000000 ____D C:\Users\DefaultAppPool
2019-09-26 17:12 - 2017-08-23 12:55 - 000000000 ____D C:\ProgramData\Flight One Software
2019-09-26 04:18 - 2019-02-02 02:16 - 000000109 _____ C:\WINDOWS\GARMINWT.INI
2019-09-26 02:06 - 2018-04-23 00:26 - 000000221 ____C C:\Users\homepc\Documents\ax_files.xml
2019-09-25 20:45 - 2019-05-05 17:20 - 000000000 ____D C:\Program Files (x86)\FSrealWX 3.0
2019-09-25 12:15 - 2017-11-17 13:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-09-25 02:46 - 2017-12-30 20:32 - 000000000 ____D C:\Program Files (x86)\FSBuild
2019-09-25 01:29 - 2019-09-06 19:11 - 000000000 ____D C:\Program Files\Process Lasso
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\Users\Public\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\ProgramData\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso Pro
2019-09-25 01:29 - 2018-12-16 22:38 - 000003106 _____ C:\WINDOWS\system32\Tasks\Process Lasso Management Console (GUI)
2019-09-25 01:29 - 2018-12-16 22:38 - 000003096 _____ C:\WINDOWS\system32\Tasks\Process Lasso Core Engine Only
2019-09-25 01:22 - 2019-02-04 22:22 - 000001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin Aviation Trainers.lnk
2019-09-24 17:28 - 2019-02-01 14:39 - 000000890 _____ C:\Users\homepc\Desktop\F1GTNConfig.lnk
2019-09-23 23:23 - 2017-06-24 13:17 - 000000000 ___DC C:\Users\homepc\AppData\Local\SquirrelTemp
2019-09-23 22:32 - 2018-05-18 11:38 - 000000000 ___DC C:\Users\homepc\AppData\Local\D3DSCache
2019-09-23 15:09 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-23 15:09 - 2017-12-28 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSrealWX
2019-09-23 15:07 - 2018-12-17 14:49 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-23 15:07 - 2018-10-10 18:37 - 000000000 ___RD C:\Users\homepc\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2019-09-22 02:52 - 2019-04-19 00:34 - 000000000 ____D C:\Program Files\WhoCrashed
2019-09-22 00:53 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Files
2019-09-21 22:49 - 2018-04-28 14:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-09-21 21:37 - 2018-04-30 15:02 - 000000000 ____D C:\Program Files (x86)\PMDG Operations Center
2019-09-21 16:49 - 2017-07-27 15:29 - 000000000 ____D C:\ProgramData\firebird
2019-09-21 15:11 - 2017-07-27 15:27 - 000000000 ____D C:\PRO-ATC-X
2019-09-19 13:15 - 2017-09-14 15:00 - 000000000 ____D C:\DrWebkeys
2019-09-19 13:13 - 2017-07-23 21:34 - 000000000 ____D C:\aerosoft
2019-09-17 11:44 - 2019-02-26 02:03 - 000000035 _____ C:\general.INI
2019-09-17 01:02 - 2017-08-31 16:42 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2019-09-17 00:14 - 2019-05-05 16:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3
2019-09-17 00:13 - 2017-12-28 20:14 - 000000000 ____D C:\Program Files (x86)\FSrealWX_Pro
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\Users\Public\Desktop\FSrealWX Pro.lnk
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\ProgramData\Desktop\FSrealWX Pro.lnk
2019-09-16 21:39 - 2019-01-29 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiFi
2019-09-16 21:39 - 2019-01-29 17:37 - 000000000 ____D C:\Program Files (x86)\HiFi
2019-09-16 21:39 - 2018-01-28 03:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\HiFi
2019-09-16 20:41 - 2018-05-27 13:10 - 000001095 _____ C:\Users\homepc\Desktop\MFSClient.lnk
2019-09-16 19:50 - 2018-02-03 17:52 - 000000000 ____D C:\Program Files (x86)\Addon Manager
2019-09-16 19:30 - 2018-02-03 18:04 - 000000179 _____ C:\Users\homepc\FSDreamTeam_GSX.reg
2019-09-16 15:57 - 2018-02-06 19:31 - 000000000 ___HD C:\3gzV5dAb7FiiwFEW
2019-09-16 11:29 - 2018-01-11 19:31 - 000000000 ___DC C:\Users\homepc\AppData\Local\MEGAsync
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\Users\Public\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\ProgramData\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 01:27 - 2018-05-12 00:31 - 000000000 ____D C:\AFSD
2019-09-15 00:40 - 2017-12-30 15:36 - 000000000 ___DC C:\Users\homepc\AppData\Local\QSimPlanner
2019-09-15 00:38 - 2017-12-30 15:36 - 000001149 _____ C:\Users\homepc\Desktop\QSimPlanner.lnk
2019-09-15 00:38 - 2017-12-30 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QSimPlanner
2019-09-14 17:33 - 2019-03-13 13:04 - 000002514 _____ C:\Users\homepc\Desktop\SimBrief Downloader.lnk
2019-09-14 11:13 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\Help
2019-09-14 11:08 - 2017-12-27 16:14 - 000000000 ____D C:\[Guru3D.com]-DDU
2019-09-14 11:03 - 2018-12-16 22:38 - 000004570 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-14 11:03 - 2017-06-25 00:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\Adobe
2019-09-14 11:00 - 2019-04-07 00:43 - 000000000 ____D C:\ProgramData\DisplayDriverUninstaller
2019-09-14 11:00 - 2018-07-22 12:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-09-14 10:48 - 2018-12-16 22:38 - 000004582 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-09-13 20:15 - 2018-03-04 13:56 - 000000000 ____D C:\ProgramData\FSTramp
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\Users\Public\Documents\PFPX Data
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\ProgramData\Documents\PFPX Data
2019-09-13 18:40 - 2019-02-28 01:02 - 000000000 ____D C:\Users\homepc\AppData\Local\ElevatedDiagnostics
2019-09-13 18:35 - 2019-02-03 04:55 - 000001159 _____ C:\Users\homepc\Desktop\Reg Organizer.lnk
2019-09-13 14:20 - 2017-06-24 10:59 - 000000000 ____D C:\Program Files (x86)\Razer
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-13 13:27 - 2018-09-15 10:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-13 13:26 - 2018-09-15 10:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-13 13:26 - 2018-09-15 10:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-13 11:47 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\Users\Public\Desktop\TC PU Programs
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\ProgramData\Desktop\TC PU Programs
2019-09-12 23:43 - 2018-02-24 00:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\uTorrent
2019-09-12 20:36 - 2017-09-01 19:04 - 000001857 _____ C:\Users\homepc\Desktop\FSFX_Tools.lnk
2019-09-11 18:57 - 2017-09-10 16:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\TS3Client
2019-09-11 01:12 - 2018-04-27 23:56 - 000000000 ____D C:\Program Files\ParkControl
2019-09-10 09:54 - 2018-07-26 13:21 - 000001323 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 Server.lnk
2019-09-10 09:49 - 2018-07-26 13:21 - 000001338 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 DbBuilder.lnk
2019-09-08 21:59 - 2019-06-29 00:06 - 000000000 ____D C:\Temp torrents
2019-09-08 19:32 - 2018-08-31 18:23 - 000000000 ___DC C:\Users\homepc\AppData\Local\Ubisoft Game Launcher
2019-09-08 16:41 - 2017-10-15 15:29 - 000002004 _____ C:\Users\homepc\Desktop\FS Real Time.lnk
2019-09-07 22:23 - 2017-07-26 03:41 - 000000000 ____D C:\Program Files (x86)\FS Real Time
2019-09-07 12:48 - 2018-03-04 13:59 - 000001097 _____ C:\Users\Public\Desktop\FSTramp Scenery Assembler.lnk
2019-09-07 12:48 - 2018-03-04 13:59 - 000001097 _____ C:\ProgramData\Desktop\FSTramp Scenery Assembler.lnk
2019-09-07 12:48 - 2018-03-04 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSTramp
2019-09-07 12:48 - 2018-03-04 13:56 - 000000000 ____D C:\Program Files (x86)\FSTramp

==================== Files in the root of some directories ================

2018-02-03 18:04 - 2019-09-16 19:30 - 000000179 _____ () C:\Users\homepc\FSDreamTeam_GSX.reg
2017-12-30 20:37 - 2019-09-01 22:20 - 000002065 _____ () C:\Program Files (x86)\3187c76b-7ef1-4f48-bb5e-e5da055a81d9.index
2019-02-25 22:23 - 2019-09-27 00:02 - 000083295 _____ () C:\Program Files (x86)\F1Uninstall.exe
2011-12-03 16:23 - 2008-02-21 21:45 - 000070416 _____ () C:\Program Files (x86)\post-2-12035868936904.jpg
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ () C:\Program Files (x86)\unEZCA2.exe
2019-01-31 15:53 - 2019-01-24 18:11 - 000000858 _____ () C:\Users\homepc\AppData\Roaming\8f2626ec-b19e-4dc5-9f23-cdc84f045b52.index
2018-06-20 11:47 - 2018-05-20 18:10 - 000000855 _____ () C:\Users\homepc\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
2018-11-04 22:39 - 2018-10-04 09:37 - 002385178 _____ () C:\Users\homepc\AppData\Roaming\ec317386-e87d-48c7-ade1-34457a87d179.index
2017-12-20 01:48 - 2017-12-20 01:48 - 000000128 ____H () C:\Users\homepc\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2018-12-30 23:40 - 2018-12-30 23:40 - 000212879 _____ () C:\Users\homepc\AppData\Roaming\Lockheed Martin.rar
2017-09-03 12:43 - 2019-05-10 00:22 - 000000369 _____ () C:\Users\homepc\AppData\Roaming\OpenSceneryX Installer.plist
2018-10-27 22:23 - 2018-10-27 22:23 - 000000000 _____ () C:\Users\homepc\AppData\Roaming\Program.cfg
2018-10-25 01:07 - 2019-04-27 14:57 - 000000080 _____ () C:\Users\homepc\AppData\Roaming\WED.prefs
2019-05-10 01:34 - 2019-06-15 22:29 - 000008176 _____ () C:\Users\homepc\AppData\Roaming\XAddonManager.plist
2019-03-18 15:50 - 2019-03-18 15:50 - 000000000 _____ () C:\Users\homepc\AppData\Local\oobelibMkey.log
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ () C:\Users\homepc\AppData\Local\recently-used.xbel
2019-04-16 15:23 - 2019-05-16 14:14 - 000007653 _____ () C:\Users\homepc\AppData\Local\Resmon.ResmonCfg
2019-04-19 00:39 - 2019-05-09 02:11 - 000001293 _____ () C:\Users\homepc\AppData\Local\Temp1.html
2019-04-19 00:40 - 2019-04-19 00:40 - 000013510 _____ () C:\Users\homepc\AppData\Local\Temp38.html
2019-05-09 02:11 - 2019-05-09 02:11 - 000003111 _____ () C:\Users\homepc\AppData\Local\Temp6.html
2019-08-12 23:06 - 2019-08-12 23:06 - 000017408 _____ () C:\Users\homepc\AppData\Local\WebpageIcons.db
2019-04-05 15:31 - 2019-05-03 12:37 - 000000093 _____ () C:\Users\homepc\AppData\Local\X-Plane 11 Preferences.prf
2019-04-05 15:31 - 2019-08-13 11:02 - 000000037 _____ () C:\Users\homepc\AppData\Local\X-Plane Installer.prf
2019-04-05 15:31 - 2019-05-25 17:50 - 000000075 _____ () C:\Users\homepc\AppData\Local\X-Plane_drm_11.prf
2019-04-05 15:32 - 2019-08-13 10:39 - 000000032 _____ () C:\Users\homepc\AppData\Local\x-plane_install_11.txt

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 

Attachments

  • Захват38.jpg
    Захват38.jpg
    236 KB · Views: 2
  • Захват33.jpg
    Захват33.jpg
    198.3 KB · Views: 2
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019
Ran by homepc (administrator) on SIMPC (Gigabyte Technology Co., Ltd. G1.Guerrilla) (07-10-2019 18:42:58)
Running from C:\Users\homepc\Desktop\Tor Browser
Loaded Profiles: homepc (Available Profiles: homepc & test & newuser & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 10 Pro Version 1809 17763.775 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Alcohol Soft -> Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessLasso.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(CA -> CA) H:\CA_LIC\lic98Service.exe
(CA -> CA) H:\CA_LIC\LogWatNT.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwwatcher.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwnetfilter.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwservice.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\frwl_svc.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent_adm.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.) C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe
(FxSound, LLC -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe
(Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Jeppesen Sanderson, Inc -> ) C:\Program Files (x86)\Jeppesen\CDA\cda.exe
(Jeppesen Sanderson, Inc -> Jeppesen) C:\Program Files (x86)\Jeppesen\JWC\JWC.exe
(Konstantin Polyakov IP -> Chemtable Software) C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SelfSigned -> ) [File not signed] C:\Program Files (x86)\Dating\Dating.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SurfRight B.V. Dickmaster -> SurfRight B.V.) [File not signed] C:\Program Files\HitmanPro\HitmanPro.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(The OpenVPN Project) [File not signed] C:\Program Files\OpenVPN\bin\openvpnserv.exe
(TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Viber Media S.à r.l. -> Viber Media S.Ã r.l.) C:\Users\homepc\AppData\Local\Viber\Viber.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SpIDerAgent] => C:\Program Files\DrWeb\spideragent.exe [22147976 2019-10-02] (Doctor Web Ltd. -> Doctor Web, Ltd.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Process Killer] => C:\Program Files (x86)\Process Killer\prkiller.exe [38400 2005-07-30] () [File not signed]
HKLM-x32\...\Run: [QW787_v1.1.2a_update] => F:\Симуляторы\P3DV4\Самолеты\QW_787_P3DV4\QW787_v1.1.2a_update.exe [17147444 2018-11-21] () [File not signed]
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1780728 2019-07-26] (FxSound, LLC -> ) [File not signed]
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [263112 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-02-20] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [FlightPlan] => e:\симуляторы\FlightPlan_3_7\FlightPlan.exe [835584 2012-05-05] (Umberto Degli Esposti) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [14941336 2018-06-04] (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Task Killer] => E:\Task.Killer.Portable\TaskKiller.exe [221696 2015-12-19] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [AutoHideMouseCursor] => E:\FSL_A320X\P3Dv4.1\FSLabs_A320X_P3D_v2.0.1.237\AutoHideMouseCursor_x64\AutoHideMouseCursor_x64.exe [152576 2018-03-23] (Nenad Hrg (SoftwareOK.com)) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [636416 2017-09-15] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Viber] => C:\Users\homepc\AppData\Local\Viber\Viber.exe [41029704 2019-09-25] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [ECMHelper] => C:\Program Files (x86)\Экранная Камера\Agent.exe [847600 2018-12-26] (AMS Software) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16443120 2018-10-05] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [GameCenter] => C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe [9983616 2019-08-08] (Mail.Ru, LLC -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [SimBrief Downloader] => C:\Users\homepc\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe [81042864 2018-11-27] (Derek Mayer -> Derek Mayer)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23912440 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: L - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {0dd97860-05ce-11e9-82b3-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {94b459e9-074c-11e9-82bb-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {a16e49be-19a4-11e9-833c-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {acbb8ff6-100a-11e9-8305-001fc6276e5b} - "L:\dvdcheck.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {d8fd3f33-0891-11e9-82be-001fc6276e5b} - "L:\setup.exe"
HKLM\Software\...\AppCompatFlags\Custom\S4Editor.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\Custom\S4_Main.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb [2013-07-16]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{3AFF1C30-4959-4c2f-8BED-E6E81E39F57A}] -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtCp.dll [2012-02-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Killer Network Manager.lnk [2019-09-15]
ShortcutTarget: Bigfoot Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2019-05-15]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CDA Monitor.lnk [2018-12-24]
ShortcutTarget: CDA Monitor.lnk -> C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe (Jeppesen Sanderson, Inc -> )
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dating.lnk [2019-07-28]
ShortcutTarget: Dating.lnk -> C:\Program Files (x86)\Dating\Dating.exe (SelfSigned -> ) [File not signed]
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Disk-O.lnk [2018-12-10]
ShortcutTarget: Disk-O.lnk -> C:\Users\homepc\AppData\Local\Mail.Ru\Disk-O\DiskO.exe (LLC Mail.Ru -> Mail.Ru)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Letasoft Sound Booster.lnk [2019-01-08]
ShortcutTarget: Letasoft Sound Booster.lnk -> C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe (Letasoft LLC -> Letasoft)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk [2018-05-22]
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2D63D986-6751-4C26-908A-260F5ADD4292} - System32\Tasks\bandicam_start => C:\Program Files (x86)\Bandicam\bdcam.exe [6287776 2019-02-19] (Bandicam Company -> Bandicam Company)
Task: {32566FC1-6EE8-417C-B89F-C1B871382D6B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {3B483FCD-B42F-4CBE-96E6-15CEE4158812} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_homepc => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary)
Task: {3E531F2C-FC20-4030-9AD8-58A7330BE779} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe -RegistryEditor -ForceForeground -NoSplash
Task: {48669851-E43F-4749-86DF-BC580859156F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BB42F87-709C-4EA8-9AA8-43DB55C04928} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [6982216 2019-09-26] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {4F71DDFA-CEB3-46C5-B103-0CC0B3BD3FED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {577622A0-4C43-496D-85A2-924AC1336ADD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-14] (Adobe Inc. -> Adobe)
Task: {66669C3C-4730-45E9-9C0C-98B790D86110} - System32\Tasks\Core Temp Autostart homepc => C:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-24] (ALCPU -> ALCPU)
Task: {6F3C805A-1DD5-4554-8B51-D1E29E54E471} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {88F6EC18-D85C-48C2-9AE3-B0D27DEDAB6F} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [1029512 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {8A7573F9-A3B1-4BB5-862D-EF7D294221F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B25905B-ED6B-4E17-8FA2-A86E1473AEC9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9302A8F4-8FD2-453C-9B6C-AA8A44265007} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2357164880-557895980-647672482-1001 => C:\Users\homepc\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)
Task: {95F74322-C145-432A-B5DC-5A00537981D5} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [709512 2019-08-15] (Bitsum LLC -> Bitsum LLC) <==== ATTENTION
Task: {987F598E-0428-4639-8259-2820430D78D4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C6F6EEC-7E5B-47DD-909B-47537097061D} - System32\Tasks\HPCustParticipation HP Deskjet 5520 series => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {B425F0F0-DE66-4D15-AF02-AEDBE66B23D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {B58A9E73-4B07-44D6-BF0F-C16A3B42C820} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1541520 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {C75E651E-8A3B-4A70-B2F8-705E6390EEC8} - System32\Tasks\BlueStacksHelper => E:\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {DE55D662-192E-44AD-A44C-92D7366BE150} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFAA9ABF-7272-4539-A3FA-4FE093594CE5} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {E44CA61A-0EB9-44E0-B78C-2BB962CB3CDE} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2550968 2012-08-30] (Beepa Pty Ltd -> Beepa P/L) [File not signed]
Task: {E769C0E3-71CF-445A-B5C7-EA3170B56DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {E80A2128-822A-4712-A4B1-82EFDAE09546} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ED970E6A-70A3-4E19-9243-A8AD38614FC6} - System32\Tasks\FPSMonitor => C:\Program Files (x86)\FPS Monitor\FPSMonitor.exe [7098592 2019-04-25] (Kozadaev Eduard Vladimirovich -> )
Task: {F6DA550E-A9CA-4E3C-84DE-900736C61C68} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F95AE5D8-379F-4656-BED6-12A6D5A2C054} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [11517320 2019-08-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
Task: {FFB35F64-23CA-42B2-BD87-CC98E4B0A343} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 22 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 22 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{31232c54-0567-44c1-af24-8ca68e6dc70f}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{b922b671-da25-45bc-bcb6-227098c215e7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2357164880-557895980-647672482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=812208
SearchScopes: HKU\S-1-5-21-2357164880-557895980-647672482-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BACD27B3D-C9E4-4CD8-9795-15E79965F9DD%7D&gp=812209
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: YoutubeAdBlock -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Search@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> No File
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2017-06-23] (Download Master -> WestByte) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pze24zhj.NESTOR
FF DefaultProfile: lh2u6es8.default
FF ProfilePath: C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR [2019-10-07]
FF Homepage: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> hxxps://yandex.ru/?clid=2224022
FF NetworkProxy: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: homeutil@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: vb@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@hoxx-vpn.xpi [2019-10-07]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@setupvpncom.xpi [2019-10-07]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@webrtc-leak-shield.xpi [2018-02-24]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\client@anonymox.net.xpi [2018-12-14]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\divanproger@gmail.com.xpi [2019-08-19]
FF Extension: (Free Download Manager) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\fdm_ffext2@freedownloadmanager.org.xpi [2019-09-25]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@ghostery.com.xpi [2019-08-29]
FF Extension: (MEGA) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@mega.co.nz.xpi [2019-10-03] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@tampermonkey.net.xpi [2019-05-30]
FF Extension: (Start Page — Yandex) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\homeutil@yandex.ru.xpi [2019-09-09]
FF Extension: (Pinterest Save Button) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2019-09-25]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\public.proartex@gmail.com.xpi [2018-05-08]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\s3google@translator.xpi [2018-10-10]
FF Extension: (uBlock Origin) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\uBlock0@raymondhill.net.xpi [2019-09-27]
FF Extension: (Visual Bookmarks) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\vb@yandex.ru.xpi [2019-04-24]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\xd4rker@gmail.com.xpi [2019-02-04]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\zoompage-we@DW-dev.xpi [2019-09-23]
FF Extension: (First Mountain Snow by M♥Donna) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{58ed0b89-8436-4436-be1c-0f56273f1adf}.xpi [2019-05-14]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-09-02]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-06-13]
FF SearchPlugin: C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\searchplugins\mailru.xml [2015-11-21]
FF ProfilePath: C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default [2019-02-27]
FF Homepage: 8pecxstudios\Cyberfox\Profiles\lh2u6es8.default -> hxxp://mail.ru/cnt/10445?gp=812204
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@hoxx-vpn.xpi [2018-10-19]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@setupvpncom.xpi [2018-02-06]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@webrtc-leak-shield.xpi [2018-03-28]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\client@anonymox.net.xpi [2017-06-24] [Legacy]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\divanproger@gmail.com.xpi [2018-12-16]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@ghostery.com.xpi [2019-01-31]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@tampermonkey.net.xpi [2018-10-06]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\public.proartex@gmail.com.xpi [2017-06-24] [Legacy]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\s3google@translator.xpi [2018-10-20]
FF Extension: (Visual Bookmarks) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\vb@yandex.ru.xpi [2017-08-01] [Legacy]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\xd4rker@gmail.com.xpi [2018-11-21]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\zoompage-we@DW-dev.xpi [2018-12-16]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-26]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-31]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-10-06]
FF Extension: (CyberCTR) - C:\Program Files\Cyberfox\browser\features\CTR@8pecxstudios.com.xpi [2018-06-29] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi [2018-02-02] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\The Settlers 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [2017-12-24] (Ubisoft Massive -> Ubisoft)

Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxp://www.mail.ru/cnt/9516","hxxp://mail.ru/cnt/10445?gp=812208"
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B792CA924-60DD-4AE5-BF89-099626812133%7D&gp=812209
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default [2019-10-07]
CHR Extension: (Allavsoft video downloader converter) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddkdfgoif [2019-01-01]
CHR Extension: (Download Master) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljdacfojgikogldjffnkdcielnklkce [2019-09-25]
CHR Extension: (Direct.Fastix ) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lknnjfgcgglncamgpbbdfkianokjohlh [2019-02-03]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Adblocker for Youtube™) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohajmcdpjokbdoihfhkpbmlmknejmoec [2018-02-02]
CHR Extension: (Chrome Media Router) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-26]
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-07]
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.16.4.6852\BVDChromeExt.crx [2018-12-29]
CHR HKLM-x32\...\Chrome\Extension: [dljdacfojgikogldjffnkdcielnklkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fppjhfcgnalgfiimdflmikpifodndljf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gbnhehnpnbiioheicppmmmjaekcdfigc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft -> Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-09-16] (BattlEye Innovations e.K. -> )
R2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] () [File not signed]
S4 BLMS; C:\Program Files (x86)\BASTION\BLMS.exe [33280 2015-04-29] () [File not signed]
R2 CDA; C:\Program Files (x86)\Jeppesen\CDA\CDA.exe [134088 2016-04-01] (Jeppesen Sanderson, Inc -> )
R2 Chemtable Startup Checking; C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe [ ]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DrWebAVService; C:\Program Files\DrWeb\dwservice.exe [14703064 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2226136 2019-10-03] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebFwSvc; C:\Program Files\DrWeb\frwl_svc.exe [5388856 2019-08-28] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files\DrWeb\dwnetfilter.exe [7136488 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R2 FSLabs Service; C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe [92304 2018-11-08] (Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.)
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [439296 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-10-25] (FUTUREMARK INC -> Futuremark)
S4 hasplms; C:\WINDOWS\system32\hasplms.exe [4319776 2017-11-29] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2018-02-02] (SurfRight B.V. -> SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JWC; C:\Program Files (x86)\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen Sanderson, Inc -> Jeppesen)
R2 LogWatch; H:\CA_LIC\LogWatNT.exe [75016 2008-05-20] (CA -> CA)
S2 MySQL; C:\Program Files (x86)\BASTION\mysql\bin\mysqld.exe [11074560 2016-01-15] () [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2018-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [153272 2018-06-01] (Letasoft LLC -> Letasoft)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446960 2019-02-20] (VMware, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S2 1C:Enterprise 8.3 Server Agent (x86-64); "D:\Program Files\1cv8\8.3.13.1690\bin\ragent.exe" -srvc -agent -regport 1541 -port 1540 -range 1560:1591 -d "C:\Program Files\1cv8\srvinfo" <==== ATTENTION
S2 CG6Service; no ImagePath
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 46e606d6959f0108; no ImagePath
S3 46e606d75d018d08; no ImagePath
S3 46e7aa83afb3d388; no ImagePath
S3 46e7aa850abbf508; no ImagePath
S3 46e7aa858013c708; no ImagePath
S3 46e7aba68c1ae788; no ImagePath
S3 46e7ba7f9f485208; no ImagePath
S3 46e7bd52beaedc08; no ImagePath
S3 46e7bd52fc933808; no ImagePath
S3 46e7ee3041330c88; no ImagePath
S3 46e7f3720b979388; no ImagePath
S3 46e7f3725915b688; no ImagePath
S3 46e7f372e8a50488; no ImagePath
S3 46e7f37367e55988; no ImagePath
S3 46e7f3747ea1a308; no ImagePath
R3 ALSysIO; C:\Users\homepc\AppData\Local\Temp\ALSysIO64.sys [47240 2019-10-07] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 Arctosa; C:\WINDOWS\system32\drivers\Arctosa.sys [26624 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 BfEdge7x64; C:\WINDOWS\System32\drivers\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
R3 BFN7x64; C:\WINDOWS\System32\drivers\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-12-13] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 cpuz140; no ImagePath
S3 Denuvo Kuser Data Driver 1.0.0.7; no ImagePath
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DIRECTIO37; C:\Program Files\BurnInTest\DirectIo64.sys [31376 2015-02-16] (PassMark Software Pty Ltd -> )
R0 DrWebLwf; C:\WINDOWS\System32\drivers\DrWebLwf.sys [505592 2019-10-07] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2019-09-08] (DT Soft Ltd -> DT Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R0 DwDevGuard; C:\WINDOWS\System32\drivers\dwdg.sys [241264 2019-03-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 DwELAM; C:\WINDOWS\System32\drivers\dwelam.sys [31984 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Doctor Web, Ltd.)
R0 DwProt; C:\WINDOWS\System32\drivers\dwprot.sys [860240 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2014-04-03] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2019-01-08] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1304840 2017-11-29] (SafeNet, Inc. -> SafeNet, Inc.)
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2019-10-07] (SurfRight B.V. -> )
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2017-05-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 ip100Avista; C:\WINDOWS\System32\drivers\ipfnd51.sys [36864 2007-09-28] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.)
R0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [342760 2016-04-11] (Marvell Semiconductor, Inc. -> Marvell Semiconductor, Inc.)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\neo_vpn.sys [22784 2018-03-02] (Extra Solutions Ltd -> Trust.Zone VPN Project)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OSFMount; C:\Program Files\OSFMount\x64\OSFMount.sys [1038416 2018-03-22] (PassMark Software Pty Ltd -> PassMark Software)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-04-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 PORTMON; C:\SysinternalsSuite\PORTMSYS.SYS [28656 2018-12-11] (Systems Internals) [File not signed]
S3 REN2CAP_DRIVER; C:\WINDOWS\system32\drivers\ren2cap.sys [39568 2016-06-14] (Prosoft Engineering, Inc. -> )
S3 rspSanity; C:\WINDOWS\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 SpiderG3; C:\WINDOWS\System32\drivers\spiderg3.sys [390248 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2019-09-21] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2018-11-21] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinFsp; C:\WINDOWS\system32\disko\winfsp-x64.sys [144848 2018-01-25] (Navimatics Corporation -> Navimatics Corporation)
S3 LVPr2M64; \SystemRoot\system32\DRIVERS\LVPr2M64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 18:42 - 2019-10-07 18:43 - 000000000 ____D C:\FRST
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ C:\Users\homepc\AppData\Local\recently-used.xbel
2019-10-07 16:39 - 2019-10-07 16:39 - 000000000 ____D C:\WINDOWS\Panther
2019-10-07 16:03 - 2019-10-07 16:03 - 000001558 _____ C:\Users\homepc\Desktop\SFCFix.txt
2019-10-07 16:00 - 2019-10-07 16:00 - 000000000 _____ C:\WINDOWS\system32\sfc
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\LocalLow\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\OneDrive
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Mozilla
2019-10-07 15:51 - 2019-10-07 15:51 - 000000000 ____D C:\Users\newuser\AppData\Local\Comms
2019-10-07 15:26 - 2019-10-07 15:26 - 000000000 ____D C:\Users\newuser\AppData\Local\ChemTable Software
2019-10-07 15:24 - 2019-10-07 15:26 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1010
2019-10-07 15:24 - 2019-10-07 15:26 - 000000000 ___RD C:\Users\newuser\OneDrive
2019-10-07 15:24 - 2019-10-07 15:24 - 000001450 _____ C:\Users\newuser\Desktop\Microsoft Edge.lnk
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\OpenVPN
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\Toshiba
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\PlaceholderTileLogoFolder
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\DFX
2019-10-07 15:23 - 2019-10-07 16:18 - 000011114 _____ C:\Users\newuser\Documents\FPSMonitor.txt
2019-10-07 15:23 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Packages
2019-10-07 15:23 - 2019-10-07 15:26 - 000002369 _____ C:\Users\newuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:23 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser
2019-10-07 15:23 - 2019-10-07 15:23 - 000000258 __RSH C:\Users\newuser\ntuser.pol
2019-10-07 15:23 - 2019-10-07 15:23 - 000000020 ___SH C:\Users\newuser\ntuser.ini
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___RD C:\Users\newuser\3D Objects
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___HD C:\Users\newuser\MicrosoftEdgeBackups
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\ProcessLasso
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Adobe
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\VirtualStore
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Publishers
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\MicrosoftEdge
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Google
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\ConnectedDevicesPlatform
2019-10-07 15:23 - 2017-06-25 00:42 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Macromedia
2019-10-07 15:07 - 2019-10-07 15:07 - 000000000 ____D C:\Users\test\AppData\Local\Toshiba
2019-10-07 14:19 - 2019-10-07 14:19 - 000001831 _____ C:\Users\Public\Desktop\Prepar3D v4.lnk
2019-10-07 14:19 - 2019-10-07 14:19 - 000001831 _____ C:\ProgramData\Desktop\Prepar3D v4.lnk
2019-10-07 14:19 - 2019-10-07 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lockheed Martin
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\Users\Public\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\ProgramData\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly the Maddog X
2019-10-06 06:38 - 2019-10-06 06:40 - 000000000 ___DC C:\Users\homepc\Documents\Maddog X Files
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\Users\Public\Desktop\AirHauler 2.lnk
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\ProgramData\Desktop\AirHauler 2.lnk
2019-10-05 23:50 - 2019-10-05 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FS2Crew2012
2019-10-05 23:43 - 2019-10-05 23:43 - 000000000 ____D C:\Program Files\AI Lights Reborn Free Edition
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo Internationall (FSX)
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo International (FSX)
2019-10-05 22:36 - 2019-10-05 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDG - Cape Town FSX
2019-10-05 17:55 - 2019-10-05 17:55 - 020815872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019013632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002018304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-05 17:55 - 2019-10-05 17:55 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000241976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSTheme.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 026806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 023454720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 022135584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 009680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007698432 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006928384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006316792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006058032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005767168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005605560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005573016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005309080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005299712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004352472 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003820976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003428864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003198976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003000832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002839040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002779784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002415928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002349056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002279304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002200376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002118656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-05 17:54 - 2019-10-05 17:54 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001966392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001924976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplaySwitch.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001864704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001751424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001720120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001701176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001484896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001399608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001390888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001272120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001247344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001170432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001006392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000938296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000817464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000791864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000780408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000775216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000767800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000661096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000605368 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000598328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000452992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000434952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000384272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000290616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000278416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000193704 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000155968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000135816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000079032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000065608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000052536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSTheme.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000044912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000038184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000018744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-05 14:38 - 2019-10-05 14:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1
2019-10-05 14:37 - 2019-10-05 14:37 - 000001862 _____ C:\Users\homepc\Desktop\AFX.lnk
2019-10-05 14:37 - 2019-10-05 14:37 - 000000000 ____D C:\Program Files (x86)\AFX
2019-10-04 15:01 - 2019-10-04 15:01 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-03 18:31 - 2019-10-03 18:31 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-09-30 23:12 - 2019-09-30 23:12 - 000034030 _____ C:\Users\homepc\Desktop\ChasePlane_Report_gtafivehater_gmail_com.txt
2019-09-30 15:53 - 2019-09-30 15:53 - 000000000 ____D C:\Users\homepc\AppData\Local\Viber
2019-09-29 17:26 - 2019-10-05 17:58 - 000519104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-29 02:03 - 2019-09-29 02:03 - 000000000 ____D C:\Users\homepc\AppData\Local\gtk-3.0
2019-09-29 01:11 - 2019-10-07 18:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\gsmartcontrol
2019-09-28 23:14 - 2019-10-07 16:03 - 000000000 ____D C:\SFCFix
2019-09-28 23:13 - 2019-10-07 16:03 - 000000000 ____D C:\Users\homepc\AppData\Local\niemiro
2019-09-28 22:46 - 2019-09-28 22:46 - 000000000 ___HD C:\$Windows.~WS
2019-09-28 22:38 - 2019-09-28 22:39 - 000000000 ____D C:\Program Files\NTLite
2019-09-28 22:38 - 2019-09-28 22:38 - 000000825 _____ C:\Users\homepc\Desktop\NTLite.lnk
2019-09-28 22:38 - 2019-09-28 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTLite
2019-09-28 19:19 - 2019-09-28 23:06 - 000000000 ____D C:\ESD
2019-09-28 13:43 - 2019-09-28 13:43 - 000001098 _____ C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RD-soft
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-28 13:38 - 2019-09-28 13:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\THROTTLEINDICATOR
2019-09-28 13:27 - 2019-09-28 13:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\fscabincrew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\FS Cabin Crew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\Program Files (x86)\drubware.net
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\Users\Public\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\ProgramData\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\Users\Public\Desktop\FSLA320-X MCDU.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\ProgramData\Desktop\FSLA320-X MCDU.url
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ C:\Program Files (x86)\unEZCA2.exe
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\Users\Public\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\ProgramData\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\EZCA
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA2
2019-09-27 01:49 - 2019-09-27 03:53 - 000002048 _____ C:\WINDOWS\ezcamera2.lic
2019-09-27 00:18 - 2019-09-27 00:20 - 000000000 ____D C:\OpusFSX
2019-09-27 00:17 - 2019-09-27 00:18 - 000000000 ____D C:\Opus Software
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-09-25 02:53 - 2019-09-25 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Majestic Software
2019-09-25 01:51 - 2019-09-28 18:57 - 000000000 ____D C:\1909_f1_rxp
2019-09-25 01:22 - 2019-09-25 01:22 - 000000000 ____D C:\ProgramData\Garmin
2019-09-25 01:11 - 2019-09-28 20:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\Users\Public\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\ProgramData\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\Program Files (x86)\Download Master
2019-09-24 18:44 - 2019-09-30 23:12 - 000000000 ____D C:\Program Files (x86)\ChasePlane (XEdition)
2019-09-24 18:44 - 2019-09-24 21:36 - 000000000 ___DC C:\Users\homepc\Documents\ChasePlane Presets
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\Users\Public\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\ProgramData\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChasePlane (XEdition)
2019-09-24 17:28 - 2019-09-26 17:12 - 000000895 _____ C:\Users\homepc\Desktop\F1UpdateTool.lnk
2019-09-24 17:28 - 2019-09-24 17:28 - 000000935 _____ C:\Users\homepc\Desktop\f1update_tool_readme.lnk
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hoppie
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\Program Files (x86)\Hoppie
2019-09-22 00:38 - 2019-09-23 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simware - Valencia X - FSX
2019-09-21 22:49 - 2019-09-21 23:21 - 000001116 _____ C:\Users\homepc\Desktop\767-300 FSX Configuration Manager.lnk
2019-09-21 21:08 - 2019-09-21 21:18 - 000203296 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2019-09-21 14:13 - 2019-09-21 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARMI Project - Muscat OOMS FSX
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\Users\Public\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\ProgramData\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-21 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Ground Crew X
2019-09-21 13:31 - 2019-09-29 21:13 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Ultimate Ground Crew X
2019-09-17 00:14 - 2019-09-17 00:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3res
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3weatherfiles
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3Charts
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3aircraftfiles
2019-09-16 23:49 - 2019-09-16 23:49 - 000000000 ____D C:\Users\homepc\zygrib
2019-09-16 23:34 - 2019-09-27 00:34 - 000000000 ____D C:\OpusFSI_v5
2019-09-16 21:39 - 2019-09-16 21:39 - 000001181 _____ C:\Users\homepc\Desktop\Active Sky Next for FSX SP5.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000002021 _____ C:\Users\homepc\Desktop\FS Global Real Weather.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000000000 ____D C:\Program Files (x86)\FSGRW
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\Users\Public\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\ProgramData\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\Users\Public\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\ProgramData\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDreamTeam
2019-09-15 14:00 - 2019-10-07 15:51 - 000000000 ____D C:\ProgramData\Bigfoot Networks
2019-09-15 13:41 - 2019-09-15 13:42 - 000082268 _____ C:\ProgramData\dxdiag.txt
2019-09-14 23:40 - 2019-09-15 01:43 - 000000000 ____D C:\Program Files\MFSClientV5
2019-09-14 12:27 - 2019-09-14 12:27 - 000000000 ____D C:\Users\homepc\AppData\Local\NVIDIA
2019-09-14 11:15 - 2019-09-14 11:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\NVIDIA
2019-09-14 11:13 - 2019-10-07 18:38 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-14 11:13 - 2019-09-14 13:15 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-05 22:49 - 005468144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 002634608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000654320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-09-14 11:13 - 2019-09-05 04:04 - 008709382 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-09-14 11:13 - 2019-08-01 16:07 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000447368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000351944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:28 - 011562376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:28 - 009937104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 002051008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001550080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001477512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001247432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001140616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000959424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000676096 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000658880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000632768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000544648 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000524168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 040444856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 035334536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 017300360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 014921096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 005358472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 004696968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001726400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443630.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001491336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443630.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 005002192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 004263840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 001683032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 000228792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-09-14 11:12 - 2019-09-06 00:19 - 000054700 _____ C:\WINDOWS\system32\nvinfo.pb
2019-09-14 11:12 - 2019-09-06 00:19 - 000047272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-09-14 11:07 - 2019-09-14 11:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-09-14 11:06 - 2019-09-14 11:06 - 000000000 ____D C:\ShadersHLSL
2019-09-13 21:28 - 2019-09-13 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSS FSL A320 IAE V2.1
2019-09-13 20:53 - 2019-09-13 20:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PILOT'S Software
2019-09-13 19:06 - 2019-09-27 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightSimLabs, Ltd
2019-09-13 19:05 - 2019-09-13 19:30 - 000000000 ____D C:\Program Files (x86)\FlightSimLabs
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\MSBuild
2019-09-13 13:25 - 2019-09-13 13:25 - 017761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 013942784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004850688 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001419776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-13 13:25 - 2019-09-13 13:25 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002148864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-13 02:09 - 2019-10-07 00:09 - 000000000 ____D C:\TCPU71
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\Users\Public\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\ProgramData\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\Users\Public\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\ProgramData\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 00:00 - 2019-09-13 00:00 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PMDG Operations Center.lnk
2019-09-12 18:53 - 2019-09-12 19:00 - 000000000 ____D C:\BLOCKCHECKDPI
2019-09-11 01:12 - 2019-09-11 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2019-09-11 00:42 - 2019-09-11 00:43 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X - Steam Edition Files
2019-09-10 23:57 - 2019-09-10 23:57 - 000000208 _____ C:\Captain.ini
2019-09-10 19:27 - 2019-09-28 13:43 - 000000000 ____D C:\Program Files (x86)\RD-soft
2019-09-10 19:27 - 2019-09-10 19:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RDSetInstaller
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\Users\Public\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\ProgramData\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-10 19:19 - 2019-09-10 19:19 - 000000000 ____D C:\Users\homepc\AppData\Local\kACARS_-LR
2019-09-10 19:18 - 2019-09-10 19:18 - 000003113 _____ C:\Users\homepc\Desktop\kACARS - Landing Rate.lnk
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kACARS_Free
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Program Files (x86)\FS-Products
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\Users\Public\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\ProgramData\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IFly Jets - The 747-400 V2 for FSX
2019-09-08 00:49 - 2019-09-11 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2019-09-08 00:19 - 2019-09-08 00:19 - 000271424 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2019-09-08 00:14 - 2019-09-08 00:14 - 000178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2019-09-07 14:22 - 2019-09-07 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft - Airbus A318-A319 - FSX

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 18:42 - 2017-06-24 23:54 - 000000000 ____D C:\Users\homepc\Desktop\Tor Browser
2019-10-07 18:39 - 2017-06-24 11:27 - 000000000 ____D C:\Users\homepc\AppData\LocalLow\Mozilla
2019-10-07 18:38 - 2018-12-26 16:25 - 000000000 ____D C:\ProgramData\VMware
2019-10-07 18:38 - 2018-12-16 22:38 - 000003180 _____ C:\WINDOWS\system32\Tasks\FRAPS
2019-10-07 18:38 - 2018-12-16 22:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-07 18:38 - 2018-12-16 22:28 - 000000000 ____D C:\Users\homepc
2019-10-07 18:38 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-07 18:38 - 2018-09-15 10:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-07 18:38 - 2018-08-13 17:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-07 18:38 - 2018-05-10 21:23 - 000012792 ____C C:\Users\homepc\Documents\FPSMonitor.txt
2019-10-07 18:38 - 2018-04-27 21:38 - 000000000 ____D C:\Fraps
2019-10-07 18:38 - 2018-04-09 23:54 - 000000000 ____D C:\ProgramData\Jeppesen
2019-10-07 18:38 - 2018-04-05 15:40 - 000000000 ___DC C:\Users\homepc\AppData\Local\Apps\2.0
2019-10-07 18:38 - 2017-08-04 23:22 - 000000000 ____D C:\Program Files\Core Temp
2019-10-07 18:38 - 2017-06-24 12:57 - 000000000 ____D C:\ProgramData\Doctor Web
2019-10-07 18:36 - 2018-12-16 22:38 - 000002430 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-10-07 18:36 - 2018-09-15 09:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-07 18:30 - 2019-02-03 16:47 - 000000000 ____D C:\WX Advantage Radar
2019-10-07 18:22 - 2017-06-25 12:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\CrashDumps
2019-10-07 18:07 - 2018-12-16 22:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-07 17:44 - 2018-10-18 13:18 - 000505592 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\drweblwf.sys
2019-10-07 17:10 - 2018-12-21 21:57 - 000000000 ___DC C:\Users\homepc\Documents\ViberDownloads
2019-10-07 16:56 - 2017-12-10 18:46 - 000000000 ___DC C:\Users\homepc\AppData\Local\Packages
2019-10-07 16:43 - 2018-12-16 22:37 - 000977104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-07 16:43 - 2018-09-15 10:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-07 16:39 - 2017-09-22 17:08 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-07 16:39 - 2017-06-24 12:05 - 000000000 ____D C:\Users\homepc\AppData\Roaming\ViberPC
2019-10-07 16:19 - 2018-12-16 22:38 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1001
2019-10-07 16:19 - 2018-12-16 22:28 - 000002366 _____ C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 16:19 - 2017-06-24 10:46 - 000000000 ___RD C:\Users\homepc\OneDrive
2019-10-07 16:02 - 2018-09-15 10:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-07 15:41 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2019-10-07 15:26 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\DelayedItemsByChemtableSoftware
2019-10-07 15:26 - 2018-07-18 16:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Telegram Desktop
2019-10-07 15:25 - 2017-06-24 10:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-07 15:23 - 2018-11-25 16:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Clipdiary
2019-10-07 15:08 - 2018-12-16 22:38 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1002
2019-10-07 15:08 - 2018-12-16 22:28 - 000002360 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:08 - 2018-09-15 10:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-07 15:08 - 2017-12-10 18:46 - 000000000 ____D C:\Users\test\AppData\Local\Packages
2019-10-07 15:08 - 2017-09-21 18:36 - 000000000 ___RD C:\Users\test\OneDrive
2019-10-07 15:07 - 2017-12-28 23:39 - 000000000 ___RD C:\Users\test\3D Objects
2019-10-07 14:52 - 2017-06-24 13:17 - 000000000 ____D C:\Users\homepc\AppData\Roaming\WhatsApp
2019-10-07 14:18 - 2017-06-24 11:15 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-07 14:11 - 2017-07-25 00:28 - 000000000 ___DC C:\Users\homepc\Documents\AivlaSoft
2019-10-07 13:25 - 2019-05-31 19:10 - 000000000 ____D C:\Users\homepc\AppData\Local\BitTorrentHelper
2019-10-07 02:07 - 2019-08-29 01:11 - 000000000 ____D C:\Users\homepc\AppData\Roaming\vlc
2019-10-06 19:02 - 2019-03-13 13:04 - 000000000 ____D C:\Users\homepc\AppData\Roaming\SimBrief Downloader
2019-10-06 17:35 - 2019-01-28 21:30 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X Files
2019-10-06 17:01 - 2019-01-29 17:38 - 000001155 _____ C:\Users\homepc\Desktop\Active Sky 2016 for FSX.lnk
2019-10-06 15:52 - 2017-09-12 12:56 - 000000000 ____D C:\SoyzClient
2019-10-06 15:34 - 2017-12-29 00:30 - 000000000 ____D C:\ProgramData\Virtuali
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\Users\Public\Documents\DX10SceneryFixer
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\ProgramData\Documents\DX10SceneryFixer
2019-10-06 15:26 - 2017-07-24 00:00 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Virtuali
2019-10-06 06:45 - 2017-07-28 03:00 - 000000808 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2019-10-06 06:18 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\eSellerate
2019-10-06 05:12 - 2017-12-29 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-10-06 04:06 - 2019-05-13 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drzewiecki Design
2019-10-06 00:37 - 2017-09-16 19:24 - 000000000 ___DC C:\Users\homepc\Documents\vPilot Files
2019-10-06 00:25 - 2018-08-11 14:49 - 000000000 ___DC C:\Users\homepc\AppData\Local\V1_Software
2019-10-06 00:10 - 2019-06-28 19:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-06 00:10 - 2018-07-27 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight
2019-10-06 00:10 - 2017-06-24 10:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-05 23:50 - 2018-07-13 23:12 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RAASPRO
2019-10-05 23:43 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Add-ons
2019-10-05 17:58 - 2019-03-28 00:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-05 17:58 - 2017-12-10 19:59 - 000000000 ___RD C:\Users\homepc\3D Objects
2019-10-05 17:58 - 2017-06-24 11:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-05 17:56 - 2018-09-15 12:11 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2019-10-05 17:56 - 2018-09-15 12:11 - 000018002 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2019-10-05 17:56 - 2018-09-15 12:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-05 17:56 - 2018-09-15 09:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-05 17:54 - 2017-06-24 11:38 - 000408644 __RSH C:\bootmgr
2019-10-05 14:37 - 2017-07-26 03:41 - 000737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2019-10-05 13:31 - 2017-08-06 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket
2019-10-05 12:01 - 2019-02-25 20:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Discord
2019-10-05 11:57 - 2017-06-24 11:27 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-03 16:00 - 2017-06-24 12:59 - 000000000 ____D C:\Program Files\DrWeb
2019-10-03 12:34 - 2019-03-26 16:25 - 000000000 ____D C:\Users\homepc\AppData\Local\WhatsApp
2019-10-02 21:52 - 2018-12-16 22:38 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 21:52 - 2018-12-16 22:38 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-02 21:52 - 2017-11-17 13:13 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-30 20:21 - 2017-09-21 18:40 - 000000000 ____D C:\Temp
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\Users\Public\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\ProgramData\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000000000 ____D C:\Program Files (x86)\AIDA64
2019-09-30 14:10 - 2018-10-18 13:19 - 000860240 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\dwprot.sys
2019-09-30 14:10 - 2018-10-18 13:18 - 000390248 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\spiderg3.sys
2019-09-29 21:14 - 2018-12-25 18:07 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-09-29 17:25 - 2018-02-07 01:32 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Wise Disk Cleaner
2019-09-29 17:24 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\ProgramData\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2019-09-28 20:38 - 2018-03-28 13:04 - 000000000 ____D C:\Boson
2019-09-28 13:25 - 2017-07-24 01:47 - 000000000 ___DC C:\Users\homepc\AppData\Local\Downloaded Installations
2019-09-27 03:54 - 2017-07-23 16:57 - 000000000 ____D C:\Program Files (x86)\EZCA2
2019-09-27 03:53 - 2017-07-23 16:56 - 000000000 ____D C:\EZdok Software
2019-09-27 03:38 - 2019-02-26 02:50 - 000000000 ____D C:\Program Files\EZCA3
2019-09-27 03:36 - 2019-02-25 22:23 - 000000000 ____D C:\Program Files (x86)\Flight1 Purchase Agent
2019-09-27 02:56 - 2019-01-22 23:20 - 000000000 __SHD C:\Users\Public\DRM
2019-09-27 00:17 - 2017-12-28 01:37 - 000002048 _____ C:\WINDOWS\OpusFSX.lic
2019-09-27 00:13 - 2018-01-28 13:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Navdata
2019-09-27 00:13 - 2018-01-28 13:29 - 000002048 _____ C:\WINDOWS\CX750X.lic
2019-09-27 00:12 - 2019-02-25 22:23 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1Purchase
2019-09-27 00:08 - 2019-02-26 02:50 - 000002048 _____ C:\WINDOWS\ezcapro3.lic
2019-09-27 00:02 - 2019-02-25 22:23 - 000083295 _____ C:\Program Files (x86)\F1Uninstall.exe
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\Users\Public\Desktop\Flight1 Purchase Agent.lnk
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\ProgramData\Desktop\Flight1 Purchase Agent.lnk
2019-09-26 19:39 - 2018-12-16 22:28 - 000000000 ____D C:\Users\DefaultAppPool
2019-09-26 17:12 - 2017-08-23 12:55 - 000000000 ____D C:\ProgramData\Flight One Software
2019-09-26 04:18 - 2019-02-02 02:16 - 000000109 _____ C:\WINDOWS\GARMINWT.INI
2019-09-26 02:06 - 2018-04-23 00:26 - 000000221 ____C C:\Users\homepc\Documents\ax_files.xml
2019-09-25 20:45 - 2019-05-05 17:20 - 000000000 ____D C:\Program Files (x86)\FSrealWX 3.0
2019-09-25 12:15 - 2017-11-17 13:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-09-25 02:46 - 2017-12-30 20:32 - 000000000 ____D C:\Program Files (x86)\FSBuild
2019-09-25 01:29 - 2019-09-06 19:11 - 000000000 ____D C:\Program Files\Process Lasso
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\Users\Public\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\ProgramData\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso Pro
2019-09-25 01:29 - 2018-12-16 22:38 - 000003106 _____ C:\WINDOWS\system32\Tasks\Process Lasso Management Console (GUI)
2019-09-25 01:29 - 2018-12-16 22:38 - 000003096 _____ C:\WINDOWS\system32\Tasks\Process Lasso Core Engine Only
2019-09-25 01:22 - 2019-02-04 22:22 - 000001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin Aviation Trainers.lnk
2019-09-24 17:28 - 2019-02-01 14:39 - 000000890 _____ C:\Users\homepc\Desktop\F1GTNConfig.lnk
2019-09-23 23:23 - 2017-06-24 13:17 - 000000000 ___DC C:\Users\homepc\AppData\Local\SquirrelTemp
2019-09-23 22:32 - 2018-05-18 11:38 - 000000000 ___DC C:\Users\homepc\AppData\Local\D3DSCache
2019-09-23 15:09 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-23 15:09 - 2017-12-28 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSrealWX
2019-09-23 15:07 - 2018-12-17 14:49 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-23 15:07 - 2018-10-10 18:37 - 000000000 ___RD C:\Users\homepc\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2019-09-22 02:52 - 2019-04-19 00:34 - 000000000 ____D C:\Program Files\WhoCrashed
2019-09-22 00:53 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Files
2019-09-21 22:49 - 2018-04-28 14:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-09-21 21:37 - 2018-04-30 15:02 - 000000000 ____D C:\Program Files (x86)\PMDG Operations Center
2019-09-21 16:49 - 2017-07-27 15:29 - 000000000 ____D C:\ProgramData\firebird
2019-09-21 15:11 - 2017-07-27 15:27 - 000000000 ____D C:\PRO-ATC-X
2019-09-19 13:15 - 2017-09-14 15:00 - 000000000 ____D C:\DrWebkeys
2019-09-19 13:13 - 2017-07-23 21:34 - 000000000 ____D C:\aerosoft
2019-09-17 11:44 - 2019-02-26 02:03 - 000000035 _____ C:\general.INI
2019-09-17 01:02 - 2017-08-31 16:42 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2019-09-17 00:14 - 2019-05-05 16:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3
2019-09-17 00:13 - 2017-12-28 20:14 - 000000000 ____D C:\Program Files (x86)\FSrealWX_Pro
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\Users\Public\Desktop\FSrealWX Pro.lnk
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\ProgramData\Desktop\FSrealWX Pro.lnk
2019-09-16 21:39 - 2019-01-29 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiFi
2019-09-16 21:39 - 2019-01-29 17:37 - 000000000 ____D C:\Program Files (x86)\HiFi
2019-09-16 21:39 - 2018-01-28 03:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\HiFi
2019-09-16 20:41 - 2018-05-27 13:10 - 000001095 _____ C:\Users\homepc\Desktop\MFSClient.lnk
2019-09-16 19:50 - 2018-02-03 17:52 - 000000000 ____D C:\Program Files (x86)\Addon Manager
2019-09-16 19:30 - 2018-02-03 18:04 - 000000179 _____ C:\Users\homepc\FSDreamTeam_GSX.reg
2019-09-16 15:57 - 2018-02-06 19:31 - 000000000 ___HD C:\3gzV5dAb7FiiwFEW
2019-09-16 11:29 - 2018-01-11 19:31 - 000000000 ___DC C:\Users\homepc\AppData\Local\MEGAsync
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\Users\Public\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\ProgramData\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 01:27 - 2018-05-12 00:31 - 000000000 ____D C:\AFSD
2019-09-15 00:40 - 2017-12-30 15:36 - 000000000 ___DC C:\Users\homepc\AppData\Local\QSimPlanner
2019-09-15 00:38 - 2017-12-30 15:36 - 000001149 _____ C:\Users\homepc\Desktop\QSimPlanner.lnk
2019-09-15 00:38 - 2017-12-30 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QSimPlanner
2019-09-14 17:33 - 2019-03-13 13:04 - 000002514 _____ C:\Users\homepc\Desktop\SimBrief Downloader.lnk
2019-09-14 11:13 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\Help
2019-09-14 11:08 - 2017-12-27 16:14 - 000000000 ____D C:\[Guru3D.com]-DDU
2019-09-14 11:03 - 2018-12-16 22:38 - 000004570 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-14 11:03 - 2017-06-25 00:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\Adobe
2019-09-14 11:00 - 2019-04-07 00:43 - 000000000 ____D C:\ProgramData\DisplayDriverUninstaller
2019-09-14 11:00 - 2018-07-22 12:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-09-14 10:48 - 2018-12-16 22:38 - 000004582 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-09-13 20:15 - 2018-03-04 13:56 - 000000000 ____D C:\ProgramData\FSTramp
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\Users\Public\Documents\PFPX Data
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\ProgramData\Documents\PFPX Data
2019-09-13 18:40 - 2019-02-28 01:02 - 000000000 ____D C:\Users\homepc\AppData\Local\ElevatedDiagnostics
2019-09-13 18:35 - 2019-02-03 04:55 - 000001159 _____ C:\Users\homepc\Desktop\Reg Organizer.lnk
2019-09-13 14:20 - 2017-06-24 10:59 - 000000000 ____D C:\Program Files (x86)\Razer
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-13 13:27 - 2018-09-15 10:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-13 13:26 - 2018-09-15 10:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-13 13:26 - 2018-09-15 10:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-13 11:47 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\Users\Public\Desktop\TC PU Programs
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\ProgramData\Desktop\TC PU Programs
2019-09-12 23:43 - 2018-02-24 00:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\uTorrent
2019-09-12 20:36 - 2017-09-01 19:04 - 000001857 _____ C:\Users\homepc\Desktop\FSFX_Tools.lnk
2019-09-11 18:57 - 2017-09-10 16:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\TS3Client
2019-09-11 01:12 - 2018-04-27 23:56 - 000000000 ____D C:\Program Files\ParkControl
2019-09-10 09:54 - 2018-07-26 13:21 - 000001323 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 Server.lnk
2019-09-10 09:49 - 2018-07-26 13:21 - 000001338 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 DbBuilder.lnk
2019-09-08 21:59 - 2019-06-29 00:06 - 000000000 ____D C:\Temp torrents
2019-09-08 19:32 - 2018-08-31 18:23 - 000000000 ___DC C:\Users\homepc\AppData\Local\Ubisoft Game Launcher
2019-09-08 16:41 - 2017-10-15 15:29 - 000002004 _____ C:\Users\homepc\Desktop\FS Real Time.lnk
2019-09-07 22:23 - 2017-07-26 03:41 - 000000000 ____D C:\Program Files (x86)\FS Real Time
2019-09-07 12:48 - 2018-03-04 13:59 - 000001097 _____ C:\Users\Public\Desktop\FSTramp Scenery Assembler.lnk
2019-09-07 12:48 - 2018-03-04 13:59 - 000001097 _____ C:\ProgramData\Desktop\FSTramp Scenery Assembler.lnk
2019-09-07 12:48 - 2018-03-04 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSTramp
2019-09-07 12:48 - 2018-03-04 13:56 - 000000000 ____D C:\Program Files (x86)\FSTramp

==================== Files in the root of some directories ================

2018-02-03 18:04 - 2019-09-16 19:30 - 000000179 _____ () C:\Users\homepc\FSDreamTeam_GSX.reg
2017-12-30 20:37 - 2019-09-01 22:20 - 000002065 _____ () C:\Program Files (x86)\3187c76b-7ef1-4f48-bb5e-e5da055a81d9.index
2019-02-25 22:23 - 2019-09-27 00:02 - 000083295 _____ () C:\Program Files (x86)\F1Uninstall.exe
2011-12-03 16:23 - 2008-02-21 21:45 - 000070416 _____ () C:\Program Files (x86)\post-2-12035868936904.jpg
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ () C:\Program Files (x86)\unEZCA2.exe
2019-01-31 15:53 - 2019-01-24 18:11 - 000000858 _____ () C:\Users\homepc\AppData\Roaming\8f2626ec-b19e-4dc5-9f23-cdc84f045b52.index
2018-06-20 11:47 - 2018-05-20 18:10 - 000000855 _____ () C:\Users\homepc\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
2018-11-04 22:39 - 2018-10-04 09:37 - 002385178 _____ () C:\Users\homepc\AppData\Roaming\ec317386-e87d-48c7-ade1-34457a87d179.index
2017-12-20 01:48 - 2017-12-20 01:48 - 000000128 ____H () C:\Users\homepc\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2018-12-30 23:40 - 2018-12-30 23:40 - 000212879 _____ () C:\Users\homepc\AppData\Roaming\Lockheed Martin.rar
2017-09-03 12:43 - 2019-05-10 00:22 - 000000369 _____ () C:\Users\homepc\AppData\Roaming\OpenSceneryX Installer.plist
2018-10-27 22:23 - 2018-10-27 22:23 - 000000000 _____ () C:\Users\homepc\AppData\Roaming\Program.cfg
2018-10-25 01:07 - 2019-04-27 14:57 - 000000080 _____ () C:\Users\homepc\AppData\Roaming\WED.prefs
2019-05-10 01:34 - 2019-06-15 22:29 - 000008176 _____ () C:\Users\homepc\AppData\Roaming\XAddonManager.plist
2019-03-18 15:50 - 2019-03-18 15:50 - 000000000 _____ () C:\Users\homepc\AppData\Local\oobelibMkey.log
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ () C:\Users\homepc\AppData\Local\recently-used.xbel
2019-04-16 15:23 - 2019-05-16 14:14 - 000007653 _____ () C:\Users\homepc\AppData\Local\Resmon.ResmonCfg
2019-04-19 00:39 - 2019-05-09 02:11 - 000001293 _____ () C:\Users\homepc\AppData\Local\Temp1.html
2019-04-19 00:40 - 2019-04-19 00:40 - 000013510 _____ () C:\Users\homepc\AppData\Local\Temp38.html
2019-05-09 02:11 - 2019-05-09 02:11 - 000003111 _____ () C:\Users\homepc\AppData\Local\Temp6.html
2019-08-12 23:06 - 2019-08-12 23:06 - 000017408 _____ () C:\Users\homepc\AppData\Local\WebpageIcons.db
2019-04-05 15:31 - 2019-05-03 12:37 - 000000093 _____ () C:\Users\homepc\AppData\Local\X-Plane 11 Preferences.prf
2019-04-05 15:31 - 2019-08-13 11:02 - 000000037 _____ () C:\Users\homepc\AppData\Local\X-Plane Installer.prf
2019-04-05 15:31 - 2019-05-25 17:50 - 000000075 _____ () C:\Users\homepc\AppData\Local\X-Plane_drm_11.prf
2019-04-05 15:32 - 2019-08-13 10:39 - 000000032 _____ () C:\Users\homepc\AppData\Local\x-plane_install_11.txt

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by homepc (07-10-2019 18:44:20)
Running from C:\Users\homepc\Desktop\Tor Browser
Windows 10 Pro Version 1809 17763.775 (X64) (2018-12-16 19:38:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2357164880-557895980-647672482-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2357164880-557895980-647672482-503 - Limited - Disabled)
Guest (S-1-5-21-2357164880-557895980-647672482-501 - Limited - Disabled)
homepc (S-1-5-21-2357164880-557895980-647672482-1001 - Administrator - Enabled) => C:\Users\homepc
newuser (S-1-5-21-2357164880-557895980-647672482-1010 - Administrator - Enabled) => C:\Users\newuser
test (S-1-5-21-2357164880-557895980-647672482-1002 - Administrator - Enabled) => C:\Users\test
WDAGUtilityAccount (S-1-5-21-2357164880-557895980-647672482-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Dr.Web Security Space (Disabled - Up to date) {1F0B3F76-4795-94AD-DF9E-2678C33ACA8F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Dr.Web Firewall (Disabled) {2730BE53-0DFA-95F5-F4C1-8F4D3DE98DF4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
µTorrent (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.)
µTorrent 3.5.1 (HKLM-x32\...\µTorrentPro 3.5.1 Build 44358) (Version: - )
1C:Предприятие 8 (x86-64) (8.3.13.1690) (HKLM\...\{EE557440-904A-48D6-B8B9-F583F83E58D7}) (Version: 8.3.13.1690 - 1С-Софт)
3DMark (HKLM\...\{2B039C20-A45C-42F6-8BD2-4BD6A145A4FA}) (Version: 2.6.6233.0 - UL) Hidden
3DMark (HKLM-x32\...\{489449ac-3782-4a02-89b0-0aeeb367be04}) (Version: 2.6.6233.0 - UL)
4K Video Downloader (HKLM-x32\...\4K Video Downloader) (Version: - Open Media LLC)
4K Video Downloader 4.4.11.2412 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.4.11.2412 - lrepacks.ru)
4K Video Downloader 4.7.0.2602 (HKLM\...\4K Video Downloader_is1) (Version: 4.7.0.2602 - lrepacks.ru)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Aarhus Airport X 1.4 (HKLM-x32\...\Aarhus Airport X 1.4) (Version: - )
ACARS Airborne 1.9 (HKLM-x32\...\ACARS Airborne_is1) (Version: - )
ACARS Dispatch 2.2 (HKLM-x32\...\Dispatch_is1) (Version: - )
Accu-Feel (HKLM-x32\...\Accu-Feel) (Version: - )
Accu-Feel Air, Land, and Sea (HKLM-x32\...\Accu-Feel Air, Land, and Sea) (Version: - )
Accu-Feel v2 for Prepar3D v4 (HKLM\...\{D7AC696B-DF75-47FE-BF2F-81BCB3CFE518}) (Version: 2.1 - A2A Simulations Inc.) Hidden
Accu-Feel v2 for Prepar3D v4 (HKLM\...\Accu-Feel v2 for Prepar3D v4 2.1) (Version: 2.1 - A2A Simulations Inc.)
AccuMap (HKLM-x32\...\{FF800A09-B165-4CE4-878D-73E100822409}_is1) (Version: 1.2.0 - MothTech)
Active Sky 2016 for FSX (HKLM-x32\...\{25567157-5441-4731-9703-46c506d029c7}_is1) (Version: 1.0.6452.28386 - HiFi Technologies, Inc.)
Active Sky for P3Dv4 (HKLM-x32\...\{4cb690b0-f4e3-404c-babc-cc780cc6fcb1}_is1) (Version: 1.0.6909.23676 - HiFi Technologies, Inc.)
Active Sky Next for FSX SP5 (HKLM-x32\...\{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1) (Version: 1.0.6255.21938 - HiFi Technologies, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.31 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.31 - Aerosoft)
aerosoft's - FlightSim Commander 9 (HKLM-x32\...\{F941AABE-E868-42D9-9F38-884250F7898A}) (Version: 9.7.0.0 - aerosoft)
Aerosoft's - Simcheck Airbus A300B4-200 (HKLM-x32\...\{40C5DFE3-3B86-4151-A225-C7B28ACEFEB7}) (Version: 2.01 - Aerosoft)
Aerosoft's - Simcheck Airbus A300-FMC-add-on - FSX (HKLM-x32\...\Simcheck Airbus A300-FMC-add-on - FSX) (Version: 1.02 - Aerosoft)
AFSD v4.43 (HKLM-x32\...\AFSD_is1) (Version: 4.43 - Hervй Sors)
AFX Professional License (HKLM-x32\...\afxpro) (Version: - )
AI Lights Reborn Free Edition (HKLM-x32\...\{46C94EA0-957E-11E7-6784-002FAB2F18BE}) (Version: 3.3.4 - Flight Sim Technologies)
AIControllerV20A (HKLM-x32\...\{730735EE-2AB1-408E-A09B-5EA6AA5A6A2A}) (Version: 2.0.1.0 - AIController)
AIDA64 (HKLM-x32\...\AIDA64) (Version: 6.10.5200 - FinalWire Ltd.)
AIDA64 (HKLM-x32\...\AIDA64_is1) (Version: 5.99.4900 - )
AILGenerator 4.9 (HKLM-x32\...\AILGenerator_is1) (Version: - Nico Kaan)
AirHauler 2 (HKLM-x32\...\{F60FBDCF-DEA7-406E-B68D-E8F5464CCD77}) (Version: 1.00.5 - Just Flight)
Airport Design Editor 175 (HKLM-x32\...\ScruffyDuckSoftwareADE175) (Version: 1.75.6410.0 - ScruffyDuck Software)
Aiseesoft Video Downloader (HKLM-x32\...\{0CDC63F0-BDD6-09A4-CC0E-88C6B2CC27AA}) (Version: 6.0.88 - Aiseesoft Studio)
AivlaSoft EFB (HKLM-x32\...\AivlaSoft EFB) (Version: 1.6.16 - AivlaSoft )
AivlaSoft EFB2 Client (HKLM-x32\...\AivlaSoft EFB2 Client) (Version: 2.1 - Apprimus Informatik GmbH)
AivlaSoft EFB2 Server (HKLM-x32\...\AivlaSoft EFB2 Server) (Version: 2.1 - Apprimus Informatik GmbH)
AJPC v2.41 (HKLM-x32\...\AJPC_is1) (Version: 2.41 - Hervй Sors)
Allavsoft 3.16.4.6852 (HKLM-x32\...\Allavsoft_is1) (Version: 3.16.4.6852 - lrepacks.ru)
ALTVPN.com version 1.3 (HKLM-x32\...\{C6C3EC46-801F-4FDA-9BC2-D9AF255BA7D4}_is1) (Version: 1.3 - ALTVPN.com)
ARMI Project - Muscat OOMS FSX (HKLM-x32\...\ARMI Project - Muscat OOMS FSX) (Version: - )
ASConnect 2016 for FSX Installer (HKLM-x32\...\{7ef6df55-324a-418f-8d41-80ec539e6cf4}_is1) (Version: 1.0.0.37 - HiFi Technologies, Inc.)
ASConnect for FSX Installer (HKLM-x32\...\{7E1270D4-42C4-49A4-9EC4-3300D2E47331}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
ASConnect for P3Dv4 (HKLM-x32\...\{dd86cb93-47a1-4936-95c1-fb1e25c393b8}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS)
Auslogics Driver Updater 1.20.1.0 (HKLM-x32\...\Auslogics Driver Updater_is1) (Version: 1.20.1.0 - Auslogics Labs Pty Ltd)
AUTHGURU (HKLM-x32\...\{E828A555-B89D-4041-BF92-9F08FD774978}) (Version: 9.4 - Bastion Infotech Pvt Ltd)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.3.0.1479 - Bandisoft)
Bandicam 4.1.3 (HKLM-x32\...\Bandicam_is1) (Version: 4.1.3.1400 - Bandicam Company)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BestMonitor 2.01 (HKLM-x32\...\BestMonitor_is1) (Version: - BestChange.ru)
Bigfoot Networks Killer Network Manager (HKLM\...\{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks) Hidden
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks)
BlackBox Simulation - PreFlight Manager (HKLM-x32\...\BlackBox Simulation-PreFlightManager) (Version: 1.0.6600 - BlackBox Simulation)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.10.0001 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.32.90.1001 - BlueStack Systems, Inc.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.20.02(T) - Toshiba Client Solutions Co., Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boson NetSim 10 (HKLM-x32\...\{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC) Hidden
Boson NetSim 10 (HKLM-x32\...\InstallShield_{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC)
Boson NetSim 11 (HKLM-x32\...\{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC) Hidden
Boson NetSim 11 (HKLM-x32\...\InstallShield_{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC)
BSS FSL A320 CFM V2 (HKLM-x32\...\BSS FSL A320 CFM V2) (Version: - )
BSS FSL A320 IAE V2.1 (HKLM-x32\...\BSS FSL A320 IAE V2.1) (Version: - )
BurnInTest v9.0 Pro (HKLM\...\BurnInTest_is1) (Version: 9.0.1010.0 - Passmark Software)
CA ERwin Process Modeler r7.3 (HKLM-x32\...\{CEEFB6A4-A02B-4A34-BAAB-200D9B7448B4}) (Version: 7.003.1773 - CA, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: - )
ChasePlane XEdition (HKLM-x32\...\{CB51E288-3016-47E2-A401-A15BA5AA3F97}_is1) (Version: 1.0.26 XE.1 - ChasePlane (XEdition))
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine)
Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Clipdiary 5.3 (HKLM-x32\...\Clipdiary) (Version: 5.3 - Tiushkov Nikolay)
Core Temp 1.15 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15 - ALCPU)
CPUID CPU-Z 1.88 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.88 - CPUID, Inc.)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 52.9.1.0 - 8pecxstudios)
DCS World (HKLM\...\DCS World_is1) (Version: 2.5 - Eagle Dynamics)
DigitalDesign - ULLI v1.1 (HKLM-x32\...\DIGITALDESIGN-ULLI-F5F8C557-F53A-4D45-8CB1-82FDF84BD7C7_is1) (Version: 1.0.0.0 - SimMarket)
Discord (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Disk-O (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{EB6332D7-3C3F-43AC-B332-4DC6E4EFE0C6}_is1) (Version: 18.02.0001 - Mail.Ru Group)
DMD-URKK (HKLM-x32\...\DMD-URKK-B32DCA3D-5D97-4A80-A969-60A961FD5E5D_is1) (Version: 1.0.0.0 - SimMarket)
Domodedovo International Airport v1.1 (HKLM-x32\...\MDESIGN_DOMODEDOVO_INTL_is1) (Version: 1.2.0.0 - SimMarket)
Download Master 6.16.1.1595 (HKLM-x32\...\Download Master_is1) (Version: 6.16.1.1595 - NEO)
Dr.Web Security Space (HKLM\...\{5352DB49-883D-4b64-8443-DA7B80C33ED5}) (Version: 12.0 - Doctor Web, Ltd.)
Driver Easy 5.6.8 (HKLM\...\DriverEasy_is1) (Version: 5.6.8 - Easeware)
DXGL 0.5.12 (HKLM-x32\...\DXGL) (Version: 0.5.12 - William Feely)
Eaglesoft Citation X 750 2.0 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Eaglesoft Citation X 750 2.0 ) (Version: - )
EasyNavs v5.13 (HKLM-x32\...\EasyNavs_is1) (Version: 5.13 - Hervй Sors)
EFASS version NG (HKLM-x32\...\{C99177FE-4E7B-46CA-B3C2-73581D4063C1}_is1) (Version: NG - Froom Simulation Software)
Eiresim Shannon Ultimate FsX (HKLM-x32\...\Eiresim Shannon Ultimate FsXV1.0) (Version: V1.0 - Eiresim)
Electrum (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Electrum) (Version: 3.0.2 - Electrum Technologies GmbH)
Envdir (HKLM-x32\...\{9321E1F5-D4D5-49D4-96B8-6D6308D235C0}_is1) (Version: 1.2.0.1 - TOGA projects)
EXEStealth (HKLM-x32\...\EXEStealth) (Version: - )
EZdok Camera Version 2 (HKLM-x32\...\EZdok Camera Version 2) (Version: - )
F1 GTN Complete (HKLM-x32\...\F1GTN) (Version: 2.12 - Flight1 Aviation Technologies)
FLAi Operations Center (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9c54cef4273db6f7) (Version: 1.0.0.18 - BVARTCC)
Flight Environment X (HKLM-x32\...\Flight Environment X) (Version: - )
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight1 Purchase Agent (HKLM-x32\...\Flight1 Purchase Agent) (Version: - )
FlightFX (remove only) (HKLM-x32\...\FlightFX) (Version: - )
Fly The Maddog X 32bit Edition for FSX (HKLM-x32\...\Fly The Maddog X 32bit Edition for FSX) (Version: - )
ForceBindIP (HKLM-x32\...\ForceBindIP) (Version: - )
FPS Monitor (HKLM-x32\...\FPS Monitor_is1) (Version: 1 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FS Cabin Crew Full Edition (HKLM-x32\...\{033F002F-BF4E-45E5-8522-823B87ED75D2}) (Version: 1.00.0000 - drubware.net)
FS Decelerate version 1.0 (HKLM-x32\...\{F7FDD01F-AC31-4923-92EC-D52D04311583}_is1) (Version: 1.0 - Nikola Jovanovic)
FS Real Time v1.98.1 (HKLM-x32\...\FS_Real_Time) (Version: - )
FS2XPlane (HKLM-x32\...\FS2XPlane) (Version: 3.26 - Jonathan Harris <x-plane@marginal.org.uk>)
FSAirlines Client (HKLM-x32\...\FSAirlines Client) (Version: - )
FSBuild 2 (HKLM-x32\...\FSBuild 2) (Version: 1 - EA)
Fsbuild 2.4.0.32 (HKLM-x32\...\Fsbuild 2.4.0.32) (Version: - )
FSCloud version 1.xxxx beta (HKLM-x32\...\{EAEDE38E-4126-42B7-BC6D-93E3A2EC06E9}_is1) (Version: 1.xxxx beta - FSCloud.net)
FSControl v5.06 (HKLM-x32\...\FSControl_is1) (Version: 5.06 - Hervй Sors)
FSDG - Cape Town X FSX (HKLM-x32\...\FSDG - Cape Town X FSX) (Version: - )
FSDreamTeam GSX version 2.7.0 (HKLM-x32\...\FSDreamTeam GSX_is1) (Version: 2.7.0 - VIRTUALI Sagl)
FSLabs A320-X Aeroflot livery v1.5 (HKLM-x32\...\FSLabs A320-X Aeroflot livery_is1) (Version: 0.1.5.0 - FlightSimLabs, Ltd.)
FSLabs A320X Binaries v1.0.1.310 for FSX (HKLM-x32\...\A320X_FSX_Binaries_is1) (Version: 1.0.1.310 - FlightSimLabs, Ltd.)
FSLabs A320X Resources v1.0.1.400 for FSX (HKLM-x32\...\A320X_FSX_Resources_is1) (Version: 1.0.1.400 - FlightSimLabs, Ltd.)
FSLSpotLights v1.0.0.38 (HKLM-x32\...\FSLSpotLights_is1) (Version: 1.0.0.38 - FlightSimLabs, Ltd.)
FSrealWX 3.01.1725 (HKLM-x32\...\FSrealWX 3.0_is1) (Version: 3.01.1725 - Hanse-Coders)
FSrealWX Pro Version 2.04.866 (HKLM-x32\...\FSrealWX Pro_is1) (Version: 2.04.866 - Hanse-Coders)
FSrealWX Server Version 1.00.80 (HKLM-x32\...\FSrealWX Server_is1) (Version: 1.00.80 - Hanse-Coders.)
FSTramp (HKLM-x32\...\{0B3EAF6B-BBF1-45EF-B4DA-D16DC7574507}_is1) (Version: 7.26 - Team FSTramp)
Futuremark SystemInfo (HKLM-x32\...\{54A3802E-DFED-4235-85A7-A604FE1CC64D}) (Version: 5.14.693.0 - Futuremark)
FxSound Enhancer (HKLM-x32\...\FxSound Enhancer) (Version: 13.027 - FxSound)
Garmin Aviation Checklist Editor (HKLM-x32\...\{51B555C4-F02B-44A5-8710-8EFE8FCB0589}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin Aviation Trainers (HKLM-x32\...\{ebaa1977-06b1-4bef-8e97-ee6421df8e96}) (Version: 2.5.0.0 - Garmin)
Garmin GTN Trainer (HKLM-x32\...\{6DFD1B14-A965-4729-AFB9-408447388AB3}) (Version: 6.62.0.0 - Garmin) Hidden
Garmin Trainer Databases (HKLM-x32\...\{ABD210BC-DB31-4B6C-A342-B022F6FC9945}) (Version: 2.5.0.0 - Garmin) Hidden
Garmin Trainer Launcher (HKLM-x32\...\{95C42791-3D93-4234-9710-8460719D1585}) (Version: 2.5.0.0 - Garmin) Hidden
GNS400W-500W Trainer (HKLM-x32\...\{C59E019B-0952-4B72-A382-68A72224F88F}) (Version: - )
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.30 - Janos Mathe)
Hard Disk Sentinel Pro (HKLM-x32\...\Hard Disk Sentinel Pro) (Version: 5.40.10482 - )
HHD Software Hex Editor Neo 6.42 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.42.1.6170 - HHD Software, Ltd.)
HideMy.name VPN (HKLM-x32\...\{D4C4FDDF-AB53-4E45-BB78-AFA80D034589}) (Version: 1.43 - inCloak Network Ltd.)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
HP Deskjet 5520 series Basic Device Software (HKLM\...\{014A59C8-DDA5-4788-906D-1F5CBA8A583D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 5520 series Help (HKLM-x32\...\{6346CC3B-9816-4C8F-B614-976ECEE7900F}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 5520 series Product Improvement Study (HKLM\...\{29E392C4-E0C3-4E96-85B6-03B8E3963310}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hyperion EOS Control Data Suite (HKLM-x32\...\{615030C8-3D49-4CC1-BD58-5549107A924B}) (Version: 13.08.20 - Hyperion)
HyperSnap (HKLM\...\{39332DD5-F8B8-D804-EE99-DB3BF785DDA1}) (Version: 8.13.02 - Hyperionics Technology LLC)
HyperSnap (HKLM-x32\...\HyperSnap 8.10.00) (Version: - )
iFly Jets - The 737NG for FSX (HKLM-x32\...\iFly Jets - The 737NG for FSX) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Hotfix 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Hotfix 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1a (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1a) (Version: - )
iFly Jets - The 747-400 V2 for FSX (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX) (Version: - )
iFly737 FSX DVD Customer Update 3.1 (HKLM-x32\...\iFly737 FSX DVD Customer Update 3.1) (Version: - )
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Infognition ScreenPressor v2.1 (Remove Only) (HKLM-x32\...\SCPR) (Version: - )
InnoExtractor 5.2.2.188 (HKLM-x32\...\{406AB259-8887-4257-AE79-78D3BC3E528B}_is1) (Version: 5.2.2.188 - Havy Alegria)
Intel(R) Chipset Device Software (HKLM-x32\...\{262e9c1d-e509-4e2a-86e8-0abb312ac2e9}) (Version: 10.1.17765.8094 - Intel(R) Corporation) Hidden
Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
iSpring Free Cam 8 (HKLM-x32\...\{A85094B2-BFE8-4C0D-8FF9-2B139D6A4008}) (Version: 8.7.19627 - iSpring Solutions Inc.)
IvAi v1.0.0 b150 (HKLM\...\IvAi_is1) (Version: - IVAO)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version: - IVAO)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Jeppesen CDA Service (HKLM-x32\...\{B9C9E547-9F27-4C4B-8E9C-58400B35CFE1}) (Version: 4.0.0.123 - Jeppesen)
Jeppesen Format Print Driver (HKLM-x32\...\{986090B3-C3B8-4DD4-8BB1-6561F74915FF}) (Version: 1.1.0.8 - Jeppesen)
Jeppesen Program and Data Installation (HKLM-x32\...\{4173F0BF-2363-4DC3-92A9-446B69DBB134}) (Version: 1.0.0.0 - Jeppesen)
Jeppesen Weather Service (HKLM-x32\...\{3E1D1CE6-FF37-4A5D-9714-D6F48CFD589D}) (Version: 2.8.3.63 - Jeppesen)
kACARS - Landing Rate (HKLM-x32\...\{FD1DE517-419E-4AD1-A791-72214057E3AD}) (Version: 1.0.0000 - FS-Products)
Letasoft Sound Booster 1.11.0.505 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.505 - Letasoft LLC)
Level-D 767-300 for FSX (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Level-D 767-300 for FSX) (Version: - )
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.8 - Hermann Schinagl)
Loaris Trojan Remover 3.0.68 (HKLM\...\Loaris Trojan Remover_is1) (Version: 3.0.68 - lrepacks.ru)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version: - )
MCDU 2.31 (HKLM-x32\...\MCDU_is1) (Version: - )
MediaHuman YouTube Downloader 3.9.9.10 (HKLM-x32\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.10 - MediaHuman)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
MFS Client (HKLM-x32\...\MFS Client) (Version: - )
MFSClientV5 (HKLM-x32\...\MFSClientV5) (Version: - )
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: - )
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration SDK (HKLM-x32\...\{CF56984D-35C6-4ADB-9075-394978A427FB}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM-x32\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Migration Tool (HKLM-x32\...\{64cd40e2-6e5e-4732-8ed4-b4a5be475825}) (Version: 4.0.1.1101 - Flightsim Estonia)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 69.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 69.0.2 (x64 en-GB)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NMG OR Tambo International V4.3 (FSX) (HKLM-x32\...\NMG OR Tambo International V4.3 (FSX)) (Version: - )
novaPDF for SDK v7 (novaPDF 7.7 printer) (HKLM\...\novaPDF for SDK v7_is1) (Version: 7.7.3987 - Softland)
NTLite v1.8.0.7165 (HKLM\...\NTLite_is1) (Version: 1.8.0.7165 - Nlitesoft)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
OpenVPN 2.5_git-I602 20170914 refs/heads/master/5fd8e94d31182557 (HKLM\...\OpenVPN) (Version: 2.5_git-I602 - OpenVPN Technologies, Inc.)
OpusFSI Version 5 Flight Simulator Interface (HKLM-x32\...\{98082A12-E24F-4568-B602-B95A3534D91D}) (Version: 5.28.3 - Opus Software Limited)
OpusFSX for FSX and Prepar3D Flight Simulators (HKLM-x32\...\{A6C11E93-4637-4467-B623-AE7F675DF046}) (Version: 3.55.2 - Opus Software Limited)
Oracle VM VirtualBox 5.2.16 (HKLM\...\{9BDE6621-5201-47E9-8394-FF44CBD66A1E}) (Version: 5.2.16 - Oracle Corporation)
OSFMount v2.0 (HKLM\...\OSFMount_is1) (Version: 2.0.1001 - Passmark Software)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.3.1.8 - Bitsum)
Pilots - Almeria LEAM (HKLM-x32\...\Pilots - Almeria LEAM) (Version: - )
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.8886 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion FSX (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.7025 - PMDG Simulations, LLC.)
PolyLoader (HKLM-x32\...\{2C3BFF40-1468-48F4-8902-DC553874D636}) (Version: 3.5.3 - Yemiez)
Prepar3D v4 Content (HKLM\...\{87040041-993B-42AF-BEA0-6086FEB45184}) (Version: 4.5.12.30293 - Lockheed Martin)
Prepar3D v4 Professional Plus (HKLM-x32\...\{33dd160e-e04d-4022-8250-0a7f4b50a542}) (Version: 4.5.12.30293 - Lockheed Martin)
Prepar3D v4 Professional Plus Client (HKLM\...\{53DFB31A-C7E4-42D2-98D9-E715C42D6AFF}) (Version: 4.5.12.30293 - Lockheed Martin)
Prepar3D v4 Scenery (HKLM\...\{C953A291-C0D5-414E-8211-778D5E53D73A}) (Version: 4.5.12.30293 - Lockheed Martin)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
PRO-ATC/X version 1.8.5.0 (HKLM-x32\...\PRO-ATC/X_is1) (Version: 1.8.5.0 - )
Process Lasso 9.3.0.44 (HKLM\...\Process Lasso_is1) (Version: 9.3.0.44 - Bitsum LLC)
Process Lasso Pro (HKLM-x32\...\Process Lasso Pro) (Version: - )
PSXseeconTraffic 14.6 (HKLM-x32\...\PSXseeconTraffic_is1) (Version: - Nico Kaan)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
QSimPlanner version 0.4.8 (HKLM-x32\...\QSimPlanner_is1) (Version: 0.4.8 - )
RAAS Professional by FS2Crew (UNLOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (UNLOCKED)) (Version: - )
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8656 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Reg Organizer (HKLM-x32\...\Reg Organizer) (Version: - ChemTable Software)
Reg Organizer 8.30 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.30 - lrepacks.ru)
Resource Hacker Version 5.0.42 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Resource Tuner 2.20 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.20 - Heaventools Software)
REX 4 Texture Direct with Soft Clouds Enhanced Edition (HKLM-x32\...\{C7BB0C28-2AE4-4AAB-A38B-42CFADDC0EF5}) (Version: 4.17.2017.0818 - REX Game Studios)
REX Sky Force 3D for FSX, FSX-Steam, P3Dv3 (HKLM-x32\...\{A4D281C6-83D5-4150-B52D-032DE1465651}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 - PATCH ONLY (HKLM\...\{622205F7-7CC6-4314-9269-8029E4FE0EF8}) (Version: 5.0.2018.0520 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 (HKLM\...\{AAA37EC2-CBC4-4525-999F-12AB2C8542E5}) (Version: 5.0.2018.0508 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{2481E6EB-6771-4507-89BC-3CDC701F7949}) (Version: 5.0.2019.0116 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{556C3051-15D2-4AAF-BC1B-6FCF7F2B5D62}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Soft Clouds - SP3 - Hotfix 5 (HKLM-x32\...\{98C432AB-8BC0-4C76-8336-889E907F955A}) (Version: 4.3.2017.0714 - REX Game Studios, LLC.)
REX Soft Clouds with SP3 - Hotfix 3 (HKLM-x32\...\{656E22EA-EB88-4F68-9F4E-61F6FBF5FF50}) (Version: 4.3.2016.0622 - REX Game Studios, LLC.)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
SanityCheck 3.51 (HKLM\...\SanityCheck_is1) (Version: - Resplendence Software Projects Sp.)
SceneryConfigEditor v1.1.9 (remove only) (HKLM-x32\...\SceneryConfigEditor) (Version: - )
SceneryTech Africa Landclass v1.0 (HKLM-x32\...\{DA17C501-E443-4371-873C-3C79373A2E33}) (Version: 1.0 - SceneryTech)
SceneryTech Asia Landclass v1.0 (HKLM-x32\...\{F22EE695-4EF1-4188-A209-FD959A494F7B}) (Version: 1.0 - SceneryTech)
SceneryTech North America Landclass v1.4 (HKLM-x32\...\{E91C757A-854C-4057-A67D-7FAE297B2016}) (Version: 1.4 - SceneryTech)
SetFileDate 2.0 (HKLM-x32\...\SetFileDate_is1) (Version: - No Nonsense Software)
SetInstaller (HKLM-x32\...\{53A529DA-F303-466A-BB0F-5308B89854C3}) (Version: 1.00.0000 - RD-soft)
SIDSTAR Converter (HKLM-x32\...\{2FB37C4E-9370-4405-A037-43D23DE258B2}) (Version: 1.30.0000 - Matias Sorcinelli)
SimBrief Downloader 1.4.5 (only current user) (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\32e4cdf1-1f8f-586a-9551-9c0929bc3c38) (Version: 1.4.5 - Derek Mayer)
SimObject Display Engine (HKLM-x32\...\{C3CEE3FC-84DD-4B1A-8192-5FB8F490319F}) (Version: 1.6.4 - 12bPilot)
SimToolkitPro (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9dee011f30ac205b) (Version: 0.2.2.9 - SimToolkitPro)
Simware's - Valencia X - FSX (HKLM-x32\...\Valencia X - FSX) (Version: 1.14 - Simware)
Sleeping Dogs, версия 2.1 (HKLM-x32\...\Sleeping Dogs_is1) (Version: 2.1 - Other s)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SSD Tweaker 4.0.1 (HKLM\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 4.0.1 - elpamsoft.com)
SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.)
SteveFX DX10 Scenery Fixer (HKLM-x32\...\DX10SceneryFixer) (Version: - )
swift 0.9.0 64bit (HKLM\...\swift 0.9.0) (Version: 0.9.0 - swift Project)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Telegram Desktop version 1.8.13 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.13 - Telegram FZ-LLC)
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - )
Tirana Intl` Airport - Albania 1.0 FSX (HKLM-x32\...\latixfsx1) (Version: 1.0 FSX - TropicalSim)
TOGA - ENVSHADE v1.0 (HKLM-x32\...\TOGA-ENVSHADE-AC95BBC1-68C7-48AA-AABC-47B3B2E52C09_is1) (Version: 1.0.0.0 - SimMarket)
TOGA_ENVTEX_1.2.0 (HKLM-x32\...\TOGA-ENVTEX-16D30A87-70CB-47CC-AAB0-600D0A4EDC8E_is1) (Version: 1.2.0 - SimMarket)
TOPCAT 2.74 - Take-Off and Landing Performance Calculation Tool (HKLM-x32\...\TOPCAT) (Version: 2.74 - FSS GmbH)
TOPER Calculator Tool version 1.8 (HKLM-x32\...\{92B07EA8-479E-4308-85B2-4A4B21554B33}_is1) (Version: 1.8 - Nikola Jovanovic)
Turbulent Terminal 2.4.4.0 (HKLM\...\{6E23BCF4-8093-4211-9050-D98353E5D830}) (Version: 2.4.4.0 - Turbulent Designs)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultimate Ground Crew X (HKLM-x32\...\Ultimate Ground Crew X ) (Version: - )
Ultimate Terrain Lights For FSX (HKLM-x32\...\Ultimate Terrain Lights For FSX) (Version: - )
Ultimate Terrain X - Europe V2.1 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - Europe V2.1 (FSX Support)) (Version: - )
Ultimate Terrain X - USA V2.3 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - USA V2.3 (FSX Support)) (Version: - )
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (HKLM-x32\...\Unigine Heaven DX11 Benchmark 2.5_is1) (Version: 2.5 - )
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
URMM-2018 (HKLM-x32\...\{D65B8395-701B-4FED-94E5-30281FDD7E64}) (Version: 1.0.0 - STTS-PC (Tsyba Andrey))
utLive Fall/Winter 2018 Schedule (HKLM-x32\...\F1UTLive) (Version: 1.0.0.0 - Flight One Software)
UTX Europe V2.1 Install Manager (HKLM-x32\...\UTX Europe V2.1 Install Manager) (Version: - )
UTX USA V2.3 Install Manager (HKLM-x32\...\UTX USA V2.3 Install Manager) (Version: - )
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VFXCentral version 1.0.0.92 (HKLM-x32\...\VFXCentral_is1) (Version: 1.0.0.92 - OldProp Solutions Inc.)
Viber (HKLM-x32\...\{36E3DCB1-78E8-405A-8088-DFEE6BAB7BFF}) (Version: 6.8.2.878 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{190bc592-977d-4ebf-be51-225bed62e481}) (Version: 6.8.2.878 - Viber Media Inc.)
Video Downloader Converter (HKLM-x32\...\{1AB4F3A2-5033-5E70-7E46-A0BC12DDE448}) (Version: 3.14.8.6433 - Allavsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Workstation (HKLM\...\{560E475D-C5B0-4F8C-A21B-522CCC364D5B}) (Version: 15.0.3 - VMware, Inc.)
VMware Workstation (HKLM\...\{C6633647-27D4-4474-9195-5EEEF0E2EC06}) (Version: 14.1.3 - VMware, Inc.)
vPilot (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\vPilot) (Version: 2.2.2 - Ross Carlson)
Warface (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Warface) (Version: 1.316 - Mail.Ru)
WhatsApp (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\WhatsApp) (Version: 0.3.4941 - WhatsApp)
WhoCrashed 6.60 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.50 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Windows Driver Package - Acer Inc. Monitor (07/22/2012 1.0.0.0) (HKLM\...\8406B4755454697EF76881B741E08B055E4FA25D) (Version: 07/22/2012 1.0.0.0 - Acer Inc.)
Windows Driver Package - Challenger Backup Solutions, LLC (FlashBoot) DiskDrive (08/11/2013 2.3.72.0) (HKLM\...\CA8BFE662913F62CB908BA31685037C57A7DD973) (Version: 08/11/2013 2.3.72.0 - Challenger Backup Solutions, LLC)
Windows Driver Package - Intel USB (07/31/2013 9.1.9.1006) (HKLM\...\B0CC38E1CE139A5179BF0F8255865BD29DA00B02) (Version: 07/31/2013 9.1.9.1006 - Intel)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (09/17/2012 1.17.65.11) (HKLM\...\39FCA3B1E44BB5B526E74F29B111ACB49ABC9017) (Version: 09/17/2012 1.17.65.11 - JMicron Technology Corp.)
Windows Driver Package - Phantom TAP-Windows Provider V9 (phantomtap) Net (11/05/2014 9.00.00.21) (HKLM\...\E86C43F8EA2789061467821169F2000B9944C0BE) (Version: 11/05/2014 9.00.00.21 - Phantom TAP-Windows Provider V9)
Windows Driver Package - Razer (HidUsb) HIDClass (11/20/2012 1.01) (HKLM\...\BE7F5114C00B9A620315841E988BBFAAEE165683) (Version: 11/20/2012 1.01 - Razer)
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports (05/23/2018 10.1.3.2130) (HKLM\...\47974EDC781C5B49C74F733E14FC298A782DA59E) (Version: 05/23/2018 10.1.3.2130 - Silicon Laboratories Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinTools.net Premium version 18.0.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.0.1 - WinTools Software Engineering, Ltd.)
Wise Disk Cleaner 10.2.5 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.2.5 - WiseCleaner.com, Inc.)
WX Advantage Radar (HKLM-x32\...\{BA4156D4-A599-47BB-9844-9E351F7A9404}) (Version: 1.1.2018.1220 - MILVIZ REX Game Studios, LLC.)
WYSIWYG Web Builder 14.1.0 (HKLM-x32\...\WYSIWYG Web Builder 14_is1) (Version: 14.1.0 - Pablo Software Solutions)
XPFlightPlanner (uninstall) (HKLM-x32\...\XPFlightPlanner) (Version: - )
Агент Dating.ru (HKLM-x32\...\{BA9235A8-9B90-8B57-A43A-F23570C4D4E7}) (Version: 1.1.6 - UNKNOWN) Hidden
Агент Dating.ru (HKLM-x32\...\ru.dating.Client) (Version: 1.1.6 - UNKNOWN)
ВидеоМАСТЕР 12.0 (HKLM-x32\...\{42469BAA-1E65-4267-922E-3D10A0E491F1}_is1) (Version: 12.0 - AMS Software)
Игровой центр (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\GameCenter) (Version: 4.1514 - ООО Мэйл.Ру)
Периодическая система (HKLM-x32\...\Периодическая система) (Version: - )
Экипаж 4.0 для FSX(P3D) (HKLM\...\CREWRD) (Version: 4.0.5.0 - Роман Девятериков)
Экранная Камера 4.0 (HKLM-x32\...\Экранная Камера_is1) (Version: 4.0 - AMS Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers1: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers1: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers4: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers6: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\homepc\Desktop\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Периодическая система.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Справка.lnk -> C:\Program Files (x86)\Periodic Table\Table.chm () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Таблица Менделеева.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Химический калькулятор.lnk -> C:\Program Files (x86)\Periodic Table\ChemCalc.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Удалить программу Экипаж 4.0 FSX(P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Uninstall.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0.Руководство пользователя.lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Экипаж 4.0.Руководство пользователя.pdf () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm
Shortcut: C:\Users\Public\Desktop\1C Предприятие.lnk -> C:\Program Files\1cv8\common\1cestart.exe (1C-Soft LLC) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Видео МАСТЕР.lnk -> C:\Program Files (x86)\ВидеоМАСТЕР\VideoMASTER.exe (AMS Software) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Экранная Камера.lnk -> C:\Program Files (x86)\Экранная Камера\ScreenCapture.exe (AMS Software) <==== Cyrillic

ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Деинсталляция.lnk -> C:\Program Files (x86)\Periodic Table\UNWISE.EXE () -> C:\PROGRA~2\PERIOD~1\INSTALL.LOG <==== Cyrillic
ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2018-12-24 16:58 - 2016-04-01 08:30 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAClient.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000154112 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\cdacommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000075776 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAConfig.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000544256 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDACrypt.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000079872 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAMsg.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000144896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DataMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000238080 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DownloadMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\jcommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000272896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\tcutil.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000124416 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\UpdateMgr.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 17:07 - 2019-03-05 17:07 - 000642048 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000364544 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000217600 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-09 20:46 - 2011-05-09 20:46 - 002760192 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 009856000 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 000990720 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 000416256 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 000731648 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000008192 _____ () [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\SystemInfo.dll
2004-09-30 21:15 - 2004-09-30 21:15 - 000192000 _____ () [File not signed] C:\Program Files\LinkShellExtension\RockallDLL.dll
2018-11-27 01:19 - 2018-11-09 11:52 - 001801728 _____ () [File not signed] C:\Program Files\Loaris Trojan Remover\shellext.dll
2017-08-04 23:22 - 2013-04-15 19:40 - 000013824 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempPluginProxy.dll
2017-08-04 23:22 - 2013-04-15 19:17 - 000112128 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\PluginNetInterface-x64.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000189952 _____ (Bigfoot Networks, Inc.) [File not signed] C:\WINDOWS\system32\BfLLR.dll
2016-04-19 21:53 - 2016-04-19 21:53 - 000752640 _____ (Hermann Schinagl) [File not signed] C:\Program Files\LinkShellExtension\HardlinkShellExt.dll
2017-08-23 17:09 - 2016-10-04 17:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-08-04 23:22 - 2013-04-21 14:21 - 000026112 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempRemoteServer.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000011776 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\Logger.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000013312 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\TcpServer.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 001115648 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Jeppesen\CDA\libcurl.dll
2016-09-14 21:12 - 2016-09-14 21:12 - 000202752 _____ (TOSHIBA CLIENT SOLUTIONS CO., LTD.) [File not signed] C:\WINDOWS\System32\tbtmon.dll
2009-06-19 09:57 - 2019-05-15 16:50 - 000079176 ____R (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtChk.dll
2013-06-18 18:51 - 2013-06-18 18:51 - 000057344 _____ (TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosCpsAPI.dll
2014-01-20 09:25 - 2014-01-20 09:25 - 000683520 _____ (TOSHIBA) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll
2019-03-17 09:56 - 2019-03-17 09:56 - 006790576 _____ (VMware, Inc. -> VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmwarebase.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-19 00:03 - 2019-10-05 12:40 - 000003856 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 www.cbr.ru
127.0.0.1 ccp.leosh.com
127.0.0.1 fs2.fs2crew.com
127.0.0.1 www.topcatsim.com
127.0.0.1 topcatsim.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 localhost
127.0.0.1 localhost.localdomain
255.255.255.255 broadcasthost
127.0.0.1 local
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 watson.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com.nsatc.net
127.0.0.1 redir.metaservices.microsoft.com
127.0.0.1 choice.microsoft.com
127.0.0.1 choice.microsoft.com.nsatc.net
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com

2018-06-28 00:48 - 2018-12-22 17:41 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

192.168.97.225 SIMPC.mshome.net # 2023 12 4 21 14 41 34 580

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\python27\;c:\python27\scripts;c:\python37\scripts\;c:\python37\;c:\program files\python37\scripts\;c:\program files\python37\;c:\program files (x86)\python37-32\scripts\;c:\program files (x86)\python37-32\;c:\program files (x86)\common files\oracle\java\javapath;c:\programdata\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files\putty\;c:\program files\microsoft sql server\120\tools\binn\;c:\windows\system32\openssh\;c:\program files (x86)\universal extractor;c:\program files (x86)\universal extractor\bin;c:\program files\nvidia corporation\nvidia nvdlisr;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\x64\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Process Lasso\;
HKU\S-1-5-21-2357164880-557895980-647672482-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "Zaxar Games Browser.lnk"
HKLM\...\StartupApproved\Run32: => "Process Killer"
HKLM\...\StartupApproved\Run32: => "QW787_v1.1.2a_update"
HKLM\...\StartupApproved\Run32: => "RzWizard"
HKLM\...\StartupApproved\Run32: => "FlightPlan"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\StartupFolder: => "Disk-O.lnk"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "agent.desktop"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "TeamSpeak 3 Client"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Task Killer"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "MailRuUpdater"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "GameCenter"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Lync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B7EB13BC-B524-4B34-B19F-D9252E895FEC}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{92431C8F-8783-4B6D-BCD2-1F049D5E86A4}] => (Allow) C:\Program Files\DrWeb\spideragent.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{9EED2BA5-FD20-486D-A536-8BE733CF5298}] => (Allow) C:\Program Files\DrWeb\dwservice.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [UDP Query User{B2A2C08F-CF13-4F50-87B1-4404290DE6BC}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{B3B0E0F5-B6B9-4E6B-A579-8F2FF7DCD539}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{24AE18E1-376C-4C8C-88E3-756AD6E8F1FF}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{ECB6E938-BA55-4A79-9667-8CC59F907BED}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [{0C662D46-90B2-4A0D-993E-7B5AB74B63CC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{447C1BF0-D395-408A-86B4-E79CB6CC4CA3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2E94FD67-2E65-4486-9C7A-0C23FED70134}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4556C8C8-5AB1-4441-A9F9-987E79AA2B07}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [DNS Server Forward Rule - UDP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [{D03D69C1-EFB2-450C-80BD-8FBEEF9671C2}] => (Allow) LPort=27018
FirewallRules: [{D68F1B17-D4AA-4299-9D3B-48C73F8E5FB7}] => (Allow) LPort=27018
FirewallRules: [{0858CDC2-5CA3-40AF-B904-1AD8657E51A1}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{CEB90DB5-53E8-4607-80E9-5339C6746EF2}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{3DAFD2DE-D713-4E2A-9600-17B452C2ED4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{054C41F6-66CE-42A8-9A1A-B8DEA1C550D3}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [TCP Query User{5FEB811F-332F-49F5-A162-B5BA002A663C}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [{CB77D2EC-DC39-422D-B413-39FBEC336DE9}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{595CA0CE-2A7E-4470-9BB6-38F103433F2B}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{4AA8CF2B-66F9-4BFC-9E0B-AA8F5885294E}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{3B107FF7-F480-4907-A4FB-3F7714F7BE68}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{5C744760-F3B0-4319-A879-D89B8A1074AA}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{AEB22A63-9FA3-4A4A-9A44-7161B50FCDC3}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [{C0460C5C-3A66-4632-97EB-070ACEF26479}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [UDP Query User{0B2BF0B2-41FE-4B71-8520-8AC3007D7720}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{53348E58-461E-4258-BA66-E91017C0FD16}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{B6AE70F1-BDF0-4E62-BB94-516B7C324753}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{5CDFCF59-26B3-4B69-8E06-3C02C9CAB553}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{96B991BD-E11E-4548-9A9C-E6186C8D7429}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{C1BFE00F-2415-4D08-80C1-F93BD570C451}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [UDP Query User{D6A2C165-78FE-4057-B833-DA43AE6503AB}C:\users\homepc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\homepc\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{69B5317C-1829-47BC-B6F8-FC3D7C762C5F}C:\users\homepc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\homepc\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{CE150DCC-B59C-4C0A-84EC-A60E8D542E34}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [TCP Query User{6EEACA57-4BBA-4634-9AD6-E4D2909A72E8}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [UDP Query User{02B17218-6FD4-4E07-A75F-51FBF71F5D0F}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{0A23C4E4-7622-48FB-861E-B7A7591414CF}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [UDP Query User{597CD9F4-E3D7-40B6-9CDD-545570488EF1}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{8B0212FC-66C6-4010-8DAB-2E9961FC3AAB}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [{23158DF7-2097-46A7-AAA2-B739F542D4A6}] => (Allow) LPort=19285
FirewallRules: [{2EF28D36-9962-4A7F-B599-927EEBA615D0}] => (Allow) LPort=19286
FirewallRules: [{39946E2F-5309-4F07-9D92-7E60D7D6D67D}] => (Allow) LPort=445
FirewallRules: [UDP Query User{6FA38C0B-2E44-43D9-930A-17C0CE6C8C41}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{FDFE1363-85A9-4896-AB5D-BC9765D67B61}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [UDP Query User{FA937985-DF0A-441E-A4AE-3A8FF5ADFF45}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{62ADDCD2-0570-4D2B-9E68-21B1713CBEC4}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{833BF29F-12FA-49D5-917F-D724EBE42016}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{026AADEC-B7C9-43C4-8B29-2DB65A9C9783}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6DC23AF1-4C8C-4F51-84B4-9C6F82AAF961}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7BA7B256-F089-4113-B38A-BD78E124F346}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D941EE11-D952-4076-8E61-210B28CDE073}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74176E21-E284-4ABB-881F-40023BCC5D55}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{4846AC10-8DC2-446A-A653-14DFAED774F6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [TCP Query User{676F5E36-DD33-4686-A370-1DE14D98E204}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [UDP Query User{57E59788-28E4-4FAA-8C3A-F19862BE5DCE}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [TCP Query User{521C2D40-5606-4928-905D-DB2E64B5ABEF}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [UDP Query User{192EBD3D-8889-41DD-95CA-C42AF1DAE9BC}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [TCP Query User{63F67D4A-6965-4ED5-B763-04B7EF3A6830}C:\users\homepc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\homepc\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{616DE78A-C5E9-4805-A0DF-F2F5E199E066}C:\users\homepc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\homepc\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [DNS Server Forward Rule - TCP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [{AD70EFAA-5E40-4138-970E-D3248BF9453C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{9A3DD3D7-7F37-4ADF-86CE-5CA55A9CCEF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{00049BA3-0170-46EA-8D25-5ADA116BAB9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{349911C9-75D0-4039-8A34-B0EECD22005C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FC842B5E-859A-492A-A1E2-657B9D834C7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F8CAC48E-0182-43FD-9D01-AD3BAA83F4F7}] => (Block) C:\Program Files (x86)\Bandicam\bdcam.exe (Bandicam Company -> Bandicam Company)
FirewallRules: [{BDC01F6C-FAA2-4298-A8D4-3BEBB430A494}] => (Block) C:\Program Files (x86)\Bandicam\bdcam64.bin (Bandicam Company -> Bandicam Company)
FirewallRules: [{58CD9C7E-D45D-4579-B7D5-F142ED853DCF}] => (Block) C:\Program Files (x86)\Bandicam\bdcam.exe (Bandicam Company -> Bandicam Company)
FirewallRules: [{71293ADC-FE54-42FE-A30D-D1665AB7961C}] => (Block) C:\Program Files (x86)\Bandicam\bdcam64.bin (Bandicam Company -> Bandicam Company)
FirewallRules: [{FD137F40-0F90-480A-8DAA-985FEBF1FDC0}] => (Allow) C:\KMS Tools Portable 15.02.2019 by Ratiborus\Programs\AAct Network v1.1.7 Portable\AAct_Network_x64.exe (WZTeam -> ) [File not signed]
FirewallRules: [{BC44CDA3-02C2-4602-8FEF-FF7152850E5E}] => (Allow) C:\KMS Tools Portable 15.02.2019 by Ratiborus\Programs\AAct Network v1.1.7 Portable\AAct_Network_x64.exe (WZTeam -> ) [File not signed]
FirewallRules: [{930BC321-7152-43CE-BDAC-D2AEC9743674}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C3F51683-AF61-4E18-8EB1-00C7408B5980}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{576A76CB-53C4-4743-8AF6-9E6207DCD6EA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{8C14099A-FC0D-4A2E-A749-BFF13E10F1C3}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{684DE1AE-9DE5-4848-AB0E-C8C2F2ABCB33}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{960AB28A-53D9-4A30-8EC3-D7EE522B4DE4}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D3B74F7E-4E85-4B55-A412-89FD511193E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E414530-A57C-4D99-9AD0-04199D8F0B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8650815-BA84-4AEE-97BD-301147899700}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{3ED8FFCD-9FB8-41B7-8F01-BC42F28CDAE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25611D40-D1A2-48F2-B5BC-CF3A1045319E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2799090-26FC-4FC6-BDFC-B7449E64C66A}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{A836BF80-D6CC-453F-B190-DCD289E7F13D}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{845C5C83-CE0A-4EE4-9140-BA844E868477}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F935380-61F5-47D2-AEE7-77C09CFC0E6B}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{29EAFA0F-4DA8-480D-A009-5EAEFFDD33D1}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{711D19CA-24AF-4AEE-B8A9-3520A4F649AA}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{BFC8316C-DDE7-4D75-A171-BD28A00672BB}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{9475C2EF-D956-4335-8966-3E10261F2551}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{10A22D99-92AE-42FE-8F2F-ACBFC91B1CDE}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{1A34BEEF-DCDE-4DCD-8417-FCE61D6BBD60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => c:\windows\system32\lvcod64.dll [398360 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => c:\windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => c:\windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => c:\windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.SCPR] => C:\Windows\SysWOW64\SCPR.dll [367116 2012-06-13] (Infognition Co. Ltd.) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Standard SATA AHCI Controller
Description: Standard SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard SATA AHCI Controller
Service: storahci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2019 06:42:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 06:42:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 06:42:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 06:42:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 06:40:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 06:40:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 06:40:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 06:40:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat


System errors:
=============
Error: (10/07/2019 06:41:17 PM) (Source: DCOM) (EventID: 10016) (User: SIMPC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user SIMPC\homepc SID (S-1-5-21-2357164880-557895980-647672482-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 06:41:17 PM) (Source: DCOM) (EventID: 10016) (User: SIMPC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user SIMPC\homepc SID (S-1-5-21-2357164880-557895980-647672482-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 06:40:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 06:40:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 06:38:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MySQL service terminated unexpectedly. It has done this 1 time(s).

Error: (10/07/2019 06:38:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service failed to start due to the following error:
The service did not start due to a logon failure.

Error: (10/07/2019 06:38:13 PM) (Source: Service Control Manager) (EventID: 7041) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service was unable to log on as .\homepc with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.

Service: 1C:Enterprise 8.3 Server Agent (x86-64)
Domain and account: .\homepc

This service account does not have the required user right "Log on as a service."

User Action

Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.

If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

Error: (10/07/2019 06:38:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CG6Service service failed to start due to the following error:
The system cannot find the path specified.


CodeIntegrity:
===================================

Date: 2019-10-07 18:44:18.814
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 18:43:18.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 18:42:18.798
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 18:41:18.803
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 18:40:18.953
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\DrWeb\dwsewsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-07 18:40:18.926
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\DrWeb\dwsewsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-07 18:40:18.889
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\DrWeb\dwsewsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-07 18:40:18.862
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\DrWeb\dwsewsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F4d 12/12/2011
Motherboard: Gigabyte Technology Co., Ltd. G1.Guerrilla
Processor: Intel(R) Core(TM) i7 CPU 980 @ 3.33GHz
Percentage of memory in use: 34%
Total physical RAM: 12286.42 MB
Available physical RAM: 8088.19 MB
Total Virtual: 19198.42 MB
Available Virtual: 14427.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.78 GB) (Free:6.6 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (simdisk) (Fixed) (Total:119.24 GB) (Free:0 GB) NTFS
Drive e: (FILMS) (Fixed) (Total:931.51 GB) (Free:66.54 GB) NTFS
Drive f: (storage2) (Fixed) (Total:465.75 GB) (Free:0.67 GB) NTFS
Drive g: () (Fixed) (Total:55.89 GB) (Free:0.68 GB) NTFS
Drive h: (backup) (Fixed) (Total:931.51 GB) (Free:2.56 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c2d32257-0000-0000-0000-80b81b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
\\?\Volume{c2d32257-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F477C05A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 55.9 GB) (Disk ID: 465FB6DD)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: C2D32257)
Partition 1: (Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: FB81C632)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: FB81C633)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
I notice that you are using a method to bypass activation of licensed software. Doing so is contrary to Sysnative's Forum rules and I cannot provide further assistance unless you have completely removed all traces of such methods.
 
Corrine said:
I notice that you are using a method to bypass activation of licensed software. Doing so is contrary to Sysnative's Forum rules and I cannot provide further assistance unless you have completely removed all traces of such methods.
Click to expand...
ok iam very sorry. this is latest logs

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by homepc (07-10-2019 23:26:20)
Running from C:\Users\homepc\Desktop\Tor Browser
Windows 10 Pro Version 1809 17763.775 (X64) (2018-12-16 19:38:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2357164880-557895980-647672482-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2357164880-557895980-647672482-503 - Limited - Disabled)
Guest (S-1-5-21-2357164880-557895980-647672482-501 - Limited - Disabled)
homepc (S-1-5-21-2357164880-557895980-647672482-1001 - Administrator - Enabled) => C:\Users\homepc
newuser (S-1-5-21-2357164880-557895980-647672482-1010 - Administrator - Enabled) => C:\Users\newuser
test (S-1-5-21-2357164880-557895980-647672482-1002 - Administrator - Enabled) => C:\Users\test
WDAGUtilityAccount (S-1-5-21-2357164880-557895980-647672482-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Dr.Web Security Space (Disabled - Up to date) {1F0B3F76-4795-94AD-DF9E-2678C33ACA8F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Dr.Web Firewall (Disabled) {2730BE53-0DFA-95F5-F4C1-8F4D3DE98DF4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
µTorrent (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.)
µTorrent 3.5.1 (HKLM-x32\...\µTorrentPro 3.5.1 Build 44358) (Version: - )
1C:Предприятие 8 (x86-64) (8.3.13.1690) (HKLM\...\{EE557440-904A-48D6-B8B9-F583F83E58D7}) (Version: 8.3.13.1690 - 1С-Софт)
3DMark (HKLM\...\{2B039C20-A45C-42F6-8BD2-4BD6A145A4FA}) (Version: 2.6.6233.0 - UL) Hidden
3DMark (HKLM-x32\...\{489449ac-3782-4a02-89b0-0aeeb367be04}) (Version: 2.6.6233.0 - UL)
4K Video Downloader (HKLM-x32\...\4K Video Downloader) (Version: - Open Media LLC)
4K Video Downloader 4.4.11.2412 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.4.11.2412 - lrepacks.ru)
4K Video Downloader 4.7.0.2602 (HKLM\...\4K Video Downloader_is1) (Version: 4.7.0.2602 - lrepacks.ru)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Aarhus Airport X 1.4 (HKLM-x32\...\Aarhus Airport X 1.4) (Version: - )
ACARS Airborne 1.9 (HKLM-x32\...\ACARS Airborne_is1) (Version: - )
ACARS Dispatch 2.2 (HKLM-x32\...\Dispatch_is1) (Version: - )
Accu-Feel (HKLM-x32\...\Accu-Feel) (Version: - )
Accu-Feel Air, Land, and Sea (HKLM-x32\...\Accu-Feel Air, Land, and Sea) (Version: - )
Accu-Feel v2 for Prepar3D v4 (HKLM\...\{D7AC696B-DF75-47FE-BF2F-81BCB3CFE518}) (Version: 2.1 - A2A Simulations Inc.) Hidden
Accu-Feel v2 for Prepar3D v4 (HKLM\...\Accu-Feel v2 for Prepar3D v4 2.1) (Version: 2.1 - A2A Simulations Inc.)
AccuMap (HKLM-x32\...\{FF800A09-B165-4CE4-878D-73E100822409}_is1) (Version: 1.2.0 - MothTech)
Active Sky 2016 for FSX (HKLM-x32\...\{25567157-5441-4731-9703-46c506d029c7}_is1) (Version: 1.0.6452.28386 - HiFi Technologies, Inc.)
Active Sky for P3Dv4 (HKLM-x32\...\{4cb690b0-f4e3-404c-babc-cc780cc6fcb1}_is1) (Version: 1.0.6909.23676 - HiFi Technologies, Inc.)
Active Sky Next for FSX SP5 (HKLM-x32\...\{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1) (Version: 1.0.6255.21938 - HiFi Technologies, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.31 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.31 - Aerosoft)
aerosoft's - FlightSim Commander 9 (HKLM-x32\...\{F941AABE-E868-42D9-9F38-884250F7898A}) (Version: 9.7.0.0 - aerosoft)
Aerosoft's - Simcheck Airbus A300B4-200 (HKLM-x32\...\{40C5DFE3-3B86-4151-A225-C7B28ACEFEB7}) (Version: 2.01 - Aerosoft)
Aerosoft's - Simcheck Airbus A300-FMC-add-on - FSX (HKLM-x32\...\Simcheck Airbus A300-FMC-add-on - FSX) (Version: 1.02 - Aerosoft)
AFSD v4.43 (HKLM-x32\...\AFSD_is1) (Version: 4.43 - Hervй Sors)
AFX Professional License (HKLM-x32\...\afxpro) (Version: - )
AI Lights Reborn Free Edition (HKLM-x32\...\{46C94EA0-957E-11E7-6784-002FAB2F18BE}) (Version: 3.3.4 - Flight Sim Technologies)
AIControllerV20A (HKLM-x32\...\{730735EE-2AB1-408E-A09B-5EA6AA5A6A2A}) (Version: 2.0.1.0 - AIController)
AIDA64 (HKLM-x32\...\AIDA64) (Version: 6.10.5200 - FinalWire Ltd.)
AIDA64 (HKLM-x32\...\AIDA64_is1) (Version: 5.99.4900 - )
AILGenerator 4.9 (HKLM-x32\...\AILGenerator_is1) (Version: - Nico Kaan)
AirHauler 2 (HKLM-x32\...\{F60FBDCF-DEA7-406E-B68D-E8F5464CCD77}) (Version: 1.00.5 - Just Flight)
Airport Design Editor 175 (HKLM-x32\...\ScruffyDuckSoftwareADE175) (Version: 1.75.6410.0 - ScruffyDuck Software)
Aiseesoft Video Downloader (HKLM-x32\...\{0CDC63F0-BDD6-09A4-CC0E-88C6B2CC27AA}) (Version: 6.0.88 - Aiseesoft Studio)
AivlaSoft EFB (HKLM-x32\...\AivlaSoft EFB) (Version: 1.6.16 - AivlaSoft )
AivlaSoft EFB2 Client (HKLM-x32\...\AivlaSoft EFB2 Client) (Version: 2.1 - Apprimus Informatik GmbH)
AivlaSoft EFB2 Server (HKLM-x32\...\AivlaSoft EFB2 Server) (Version: 2.1 - Apprimus Informatik GmbH)
AJPC v2.41 (HKLM-x32\...\AJPC_is1) (Version: 2.41 - Hervй Sors)
Allavsoft 3.16.4.6852 (HKLM-x32\...\Allavsoft_is1) (Version: 3.16.4.6852 - lrepacks.ru)
ALTVPN.com version 1.3 (HKLM-x32\...\{C6C3EC46-801F-4FDA-9BC2-D9AF255BA7D4}_is1) (Version: 1.3 - ALTVPN.com)
ARMI Project - Muscat OOMS FSX (HKLM-x32\...\ARMI Project - Muscat OOMS FSX) (Version: - )
ASConnect 2016 for FSX Installer (HKLM-x32\...\{7ef6df55-324a-418f-8d41-80ec539e6cf4}_is1) (Version: 1.0.0.37 - HiFi Technologies, Inc.)
ASConnect for FSX Installer (HKLM-x32\...\{7E1270D4-42C4-49A4-9EC4-3300D2E47331}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS)
Auslogics Driver Updater 1.20.1.0 (HKLM-x32\...\Auslogics Driver Updater_is1) (Version: 1.20.1.0 - Auslogics Labs Pty Ltd)
AUTHGURU (HKLM-x32\...\{E828A555-B89D-4041-BF92-9F08FD774978}) (Version: 9.4 - Bastion Infotech Pvt Ltd)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BestMonitor 2.01 (HKLM-x32\...\BestMonitor_is1) (Version: - BestChange.ru)
Bigfoot Networks Killer Network Manager (HKLM\...\{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks) Hidden
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks)
BlackBox Simulation - PreFlight Manager (HKLM-x32\...\BlackBox Simulation-PreFlightManager) (Version: 1.0.6600 - BlackBox Simulation)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.10.0001 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.32.90.1001 - BlueStack Systems, Inc.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.20.02(T) - Toshiba Client Solutions Co., Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boson NetSim 10 (HKLM-x32\...\{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC) Hidden
Boson NetSim 10 (HKLM-x32\...\InstallShield_{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC)
Boson NetSim 11 (HKLM-x32\...\{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC) Hidden
Boson NetSim 11 (HKLM-x32\...\InstallShield_{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC)
BSS FSL A320 CFM V2 (HKLM-x32\...\BSS FSL A320 CFM V2) (Version: - )
BSS FSL A320 IAE V2.1 (HKLM-x32\...\BSS FSL A320 IAE V2.1) (Version: - )
BurnInTest v9.0 Pro (HKLM\...\BurnInTest_is1) (Version: 9.0.1010.0 - Passmark Software)
CA ERwin Process Modeler r7.3 (HKLM-x32\...\{CEEFB6A4-A02B-4A34-BAAB-200D9B7448B4}) (Version: 7.003.1773 - CA, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: - )
ChasePlane XEdition (HKLM-x32\...\{CB51E288-3016-47E2-A401-A15BA5AA3F97}_is1) (Version: 1.0.26 XE.1 - ChasePlane (XEdition))
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine)
Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Clipdiary 5.3 (HKLM-x32\...\Clipdiary) (Version: 5.3 - Tiushkov Nikolay)
Core Temp 1.15 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15 - ALCPU)
CPUID CPU-Z 1.88 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.88 - CPUID, Inc.)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 52.9.1.0 - 8pecxstudios)
DCS World (HKLM\...\DCS World_is1) (Version: 2.5 - Eagle Dynamics)
DigitalDesign - ULLI v1.1 (HKLM-x32\...\DIGITALDESIGN-ULLI-F5F8C557-F53A-4D45-8CB1-82FDF84BD7C7_is1) (Version: 1.0.0.0 - SimMarket)
Discord (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Disk-O (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{EB6332D7-3C3F-43AC-B332-4DC6E4EFE0C6}_is1) (Version: 18.02.0001 - Mail.Ru Group)
DMD-URKK (HKLM-x32\...\DMD-URKK-B32DCA3D-5D97-4A80-A969-60A961FD5E5D_is1) (Version: 1.0.0.0 - SimMarket)
Domodedovo International Airport v1.1 (HKLM-x32\...\MDESIGN_DOMODEDOVO_INTL_is1) (Version: 1.2.0.0 - SimMarket)
Download Master 6.16.1.1595 (HKLM-x32\...\Download Master_is1) (Version: 6.16.1.1595 - NEO)
Dr.Web Security Space (HKLM\...\{5352DB49-883D-4b64-8443-DA7B80C33ED5}) (Version: 12.0 - Doctor Web, Ltd.)
Driver Easy 5.6.8 (HKLM\...\DriverEasy_is1) (Version: 5.6.8 - Easeware)
DXGL 0.5.12 (HKLM-x32\...\DXGL) (Version: 0.5.12 - William Feely)
Eaglesoft Citation X 750 2.0 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Eaglesoft Citation X 750 2.0 ) (Version: - )
EasyNavs v5.13 (HKLM-x32\...\EasyNavs_is1) (Version: 5.13 - Hervй Sors)
EFASS version NG (HKLM-x32\...\{C99177FE-4E7B-46CA-B3C2-73581D4063C1}_is1) (Version: NG - Froom Simulation Software)
Eiresim Shannon Ultimate FsX (HKLM-x32\...\Eiresim Shannon Ultimate FsXV1.0) (Version: V1.0 - Eiresim)
Electrum (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Electrum) (Version: 3.0.2 - Electrum Technologies GmbH)
Envdir (HKLM-x32\...\{9321E1F5-D4D5-49D4-96B8-6D6308D235C0}_is1) (Version: 1.2.0.1 - TOGA projects)
EXEStealth (HKLM-x32\...\EXEStealth) (Version: - )
EZdok Camera Version 2 (HKLM-x32\...\EZdok Camera Version 2) (Version: - )
F1 GTN Complete (HKLM-x32\...\F1GTN) (Version: 2.12 - Flight1 Aviation Technologies)
FLAi Operations Center (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9c54cef4273db6f7) (Version: 1.0.0.18 - BVARTCC)
Flight Environment X (HKLM-x32\...\Flight Environment X) (Version: - )
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight1 Purchase Agent (HKLM-x32\...\Flight1 Purchase Agent) (Version: - )
FlightFX (remove only) (HKLM-x32\...\FlightFX) (Version: - )
Fly The Maddog X 32bit Edition for FSX (HKLM-x32\...\Fly The Maddog X 32bit Edition for FSX) (Version: - )
ForceBindIP (HKLM-x32\...\ForceBindIP) (Version: - )
FPS Monitor (HKLM-x32\...\FPS Monitor_is1) (Version: 1 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FS Cabin Crew Full Edition (HKLM-x32\...\{033F002F-BF4E-45E5-8522-823B87ED75D2}) (Version: 1.00.0000 - drubware.net)
FS Decelerate version 1.0 (HKLM-x32\...\{F7FDD01F-AC31-4923-92EC-D52D04311583}_is1) (Version: 1.0 - Nikola Jovanovic)
FS Real Time v1.98.1 (HKLM-x32\...\FS_Real_Time) (Version: - )
FS2XPlane (HKLM-x32\...\FS2XPlane) (Version: 3.26 - Jonathan Harris <x-plane@marginal.org.uk>)
FSAirlines Client (HKLM-x32\...\FSAirlines Client) (Version: - )
FSBuild 2 (HKLM-x32\...\FSBuild 2) (Version: 1 - EA)
Fsbuild 2.4.0.32 (HKLM-x32\...\Fsbuild 2.4.0.32) (Version: - )
FSCloud version 1.xxxx beta (HKLM-x32\...\{EAEDE38E-4126-42B7-BC6D-93E3A2EC06E9}_is1) (Version: 1.xxxx beta - FSCloud.net)
FSControl v5.06 (HKLM-x32\...\FSControl_is1) (Version: 5.06 - Hervй Sors)
FSDG - Cape Town X FSX (HKLM-x32\...\FSDG - Cape Town X FSX) (Version: - )
FSDreamTeam GSX version 2.7.0 (HKLM-x32\...\FSDreamTeam GSX_is1) (Version: 2.7.0 - VIRTUALI Sagl)
FSLabs A320-X Aeroflot livery v1.5 (HKLM-x32\...\FSLabs A320-X Aeroflot livery_is1) (Version: 0.1.5.0 - FlightSimLabs, Ltd.)
FSLabs A320X Binaries v1.0.1.310 for FSX (HKLM-x32\...\A320X_FSX_Binaries_is1) (Version: 1.0.1.310 - FlightSimLabs, Ltd.)
FSLabs A320X Resources v1.0.1.400 for FSX (HKLM-x32\...\A320X_FSX_Resources_is1) (Version: 1.0.1.400 - FlightSimLabs, Ltd.)
FSLSpotLights v1.0.0.38 (HKLM-x32\...\FSLSpotLights_is1) (Version: 1.0.0.38 - FlightSimLabs, Ltd.)
FSrealWX 3.01.1725 (HKLM-x32\...\FSrealWX 3.0_is1) (Version: 3.01.1725 - Hanse-Coders)
FSrealWX Pro Version 2.04.866 (HKLM-x32\...\FSrealWX Pro_is1) (Version: 2.04.866 - Hanse-Coders)
FSrealWX Server Version 1.00.80 (HKLM-x32\...\FSrealWX Server_is1) (Version: 1.00.80 - Hanse-Coders.)
FSTramp (HKLM-x32\...\{0B3EAF6B-BBF1-45EF-B4DA-D16DC7574507}_is1) (Version: 7.26 - Team FSTramp)
Futuremark SystemInfo (HKLM-x32\...\{54A3802E-DFED-4235-85A7-A604FE1CC64D}) (Version: 5.14.693.0 - Futuremark)
FxSound Enhancer (HKLM-x32\...\FxSound Enhancer) (Version: 13.027 - FxSound)
Garmin Aviation Checklist Editor (HKLM-x32\...\{51B555C4-F02B-44A5-8710-8EFE8FCB0589}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin Aviation Trainers (HKLM-x32\...\{ebaa1977-06b1-4bef-8e97-ee6421df8e96}) (Version: 2.5.0.0 - Garmin)
Garmin GTN Trainer (HKLM-x32\...\{6DFD1B14-A965-4729-AFB9-408447388AB3}) (Version: 6.62.0.0 - Garmin) Hidden
Garmin Trainer Databases (HKLM-x32\...\{ABD210BC-DB31-4B6C-A342-B022F6FC9945}) (Version: 2.5.0.0 - Garmin) Hidden
Garmin Trainer Launcher (HKLM-x32\...\{95C42791-3D93-4234-9710-8460719D1585}) (Version: 2.5.0.0 - Garmin) Hidden
GNS400W-500W Trainer (HKLM-x32\...\{C59E019B-0952-4B72-A382-68A72224F88F}) (Version: - )
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.30 - Janos Mathe)
Hard Disk Sentinel Pro (HKLM-x32\...\Hard Disk Sentinel Pro) (Version: 5.40.10482 - )
HHD Software Hex Editor Neo 6.42 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.42.1.6170 - HHD Software, Ltd.)
HideMy.name VPN (HKLM-x32\...\{D4C4FDDF-AB53-4E45-BB78-AFA80D034589}) (Version: 1.43 - inCloak Network Ltd.)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
HP Deskjet 5520 series Basic Device Software (HKLM\...\{014A59C8-DDA5-4788-906D-1F5CBA8A583D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 5520 series Help (HKLM-x32\...\{6346CC3B-9816-4C8F-B614-976ECEE7900F}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 5520 series Product Improvement Study (HKLM\...\{29E392C4-E0C3-4E96-85B6-03B8E3963310}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hyperion EOS Control Data Suite (HKLM-x32\...\{615030C8-3D49-4CC1-BD58-5549107A924B}) (Version: 13.08.20 - Hyperion)
HyperSnap (HKLM\...\{39332DD5-F8B8-D804-EE99-DB3BF785DDA1}) (Version: 8.13.02 - Hyperionics Technology LLC)
HyperSnap (HKLM-x32\...\HyperSnap 8.10.00) (Version: - )
iFly Jets - The 737NG for FSX (HKLM-x32\...\iFly Jets - The 737NG for FSX) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Hotfix 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Hotfix 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1a (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1a) (Version: - )
iFly Jets - The 747-400 V2 for FSX (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX) (Version: - )
iFly737 FSX DVD Customer Update 3.1 (HKLM-x32\...\iFly737 FSX DVD Customer Update 3.1) (Version: - )
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Infognition ScreenPressor v2.1 (Remove Only) (HKLM-x32\...\SCPR) (Version: - )
InnoExtractor 5.2.2.188 (HKLM-x32\...\{406AB259-8887-4257-AE79-78D3BC3E528B}_is1) (Version: 5.2.2.188 - Havy Alegria)
Intel(R) Chipset Device Software (HKLM-x32\...\{262e9c1d-e509-4e2a-86e8-0abb312ac2e9}) (Version: 10.1.17765.8094 - Intel(R) Corporation) Hidden
Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
iSpring Free Cam 8 (HKLM-x32\...\{A85094B2-BFE8-4C0D-8FF9-2B139D6A4008}) (Version: 8.7.19627 - iSpring Solutions Inc.)
IvAi v1.0.0 b150 (HKLM\...\IvAi_is1) (Version: - IVAO)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version: - IVAO)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Jeppesen CDA Service (HKLM-x32\...\{B9C9E547-9F27-4C4B-8E9C-58400B35CFE1}) (Version: 4.0.0.123 - Jeppesen)
Jeppesen Format Print Driver (HKLM-x32\...\{986090B3-C3B8-4DD4-8BB1-6561F74915FF}) (Version: 1.1.0.8 - Jeppesen)
Jeppesen Program and Data Installation (HKLM-x32\...\{4173F0BF-2363-4DC3-92A9-446B69DBB134}) (Version: 1.0.0.0 - Jeppesen)
Jeppesen Weather Service (HKLM-x32\...\{3E1D1CE6-FF37-4A5D-9714-D6F48CFD589D}) (Version: 2.8.3.63 - Jeppesen)
kACARS - Landing Rate (HKLM-x32\...\{FD1DE517-419E-4AD1-A791-72214057E3AD}) (Version: 1.0.0000 - FS-Products)
Letasoft Sound Booster 1.11.0.505 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.505 - Letasoft LLC)
Level-D 767-300 for FSX (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Level-D 767-300 for FSX) (Version: - )
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.8 - Hermann Schinagl)
Loaris Trojan Remover 3.0.68 (HKLM\...\Loaris Trojan Remover_is1) (Version: 3.0.68 - lrepacks.ru)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version: - )
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MCDU 2.31 (HKLM-x32\...\MCDU_is1) (Version: - )
MediaHuman YouTube Downloader 3.9.9.10 (HKLM-x32\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.10 - MediaHuman)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
MFS Client (HKLM-x32\...\MFS Client) (Version: - )
MFSClientV5 (HKLM-x32\...\MFSClientV5) (Version: - )
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: - )
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration SDK (HKLM-x32\...\{CF56984D-35C6-4ADB-9075-394978A427FB}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM-x32\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Migration Tool (HKLM-x32\...\{64cd40e2-6e5e-4732-8ed4-b4a5be475825}) (Version: 4.0.1.1101 - Flightsim Estonia)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 69.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 69.0.2 (x64 en-GB)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NMG OR Tambo International V4.3 (FSX) (HKLM-x32\...\NMG OR Tambo International V4.3 (FSX)) (Version: - )
novaPDF for SDK v7 (novaPDF 7.7 printer) (HKLM\...\novaPDF for SDK v7_is1) (Version: 7.7.3987 - Softland)
NTLite v1.8.0.7165 (HKLM\...\NTLite_is1) (Version: 1.8.0.7165 - Nlitesoft)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
OpenVPN 2.5_git-I602 20170914 refs/heads/master/5fd8e94d31182557 (HKLM\...\OpenVPN) (Version: 2.5_git-I602 - OpenVPN Technologies, Inc.)
OpusFSI Version 5 Flight Simulator Interface (HKLM-x32\...\{98082A12-E24F-4568-B602-B95A3534D91D}) (Version: 5.28.3 - Opus Software Limited)
OpusFSX for FSX and Prepar3D Flight Simulators (HKLM-x32\...\{A6C11E93-4637-4467-B623-AE7F675DF046}) (Version: 3.55.2 - Opus Software Limited)
Oracle VM VirtualBox 5.2.16 (HKLM\...\{9BDE6621-5201-47E9-8394-FF44CBD66A1E}) (Version: 5.2.16 - Oracle Corporation)
OSFMount v2.0 (HKLM\...\OSFMount_is1) (Version: 2.0.1001 - Passmark Software)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.3.1.8 - Bitsum)
Pilots - Almeria LEAM (HKLM-x32\...\Pilots - Almeria LEAM) (Version: - )
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.8886 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion FSX (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.7025 - PMDG Simulations, LLC.)
PolyLoader (HKLM-x32\...\{2C3BFF40-1468-48F4-8902-DC553874D636}) (Version: 3.5.3 - Yemiez)
Prepar3D v4 Professional Plus (HKLM-x32\...\{33dd160e-e04d-4022-8250-0a7f4b50a542}) (Version: 4.5.12.30293 - Lockheed Martin)
Prepar3D v4 Scenery (HKLM\...\{C953A291-C0D5-414E-8211-778D5E53D73A}) (Version: 4.5.12.30293 - Lockheed Martin)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
PRO-ATC/X version 1.8.5.0 (HKLM-x32\...\PRO-ATC/X_is1) (Version: 1.8.5.0 - )
Process Lasso 9.3.0.44 (HKLM\...\Process Lasso_is1) (Version: 9.3.0.44 - Bitsum LLC)
Process Lasso Pro (HKLM-x32\...\Process Lasso Pro) (Version: - )
PSXseeconTraffic 14.6 (HKLM-x32\...\PSXseeconTraffic_is1) (Version: - Nico Kaan)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
QSimPlanner version 0.4.8 (HKLM-x32\...\QSimPlanner_is1) (Version: 0.4.8 - )
RAAS Professional by FS2Crew (UNLOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (UNLOCKED)) (Version: - )
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8656 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Reg Organizer (HKLM-x32\...\Reg Organizer) (Version: - ChemTable Software)
Reg Organizer 8.30 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.30 - lrepacks.ru)
Resource Hacker Version 5.0.42 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Resource Tuner 2.20 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.20 - Heaventools Software)
REX 4 Texture Direct with Soft Clouds Enhanced Edition (HKLM-x32\...\{C7BB0C28-2AE4-4AAB-A38B-42CFADDC0EF5}) (Version: 4.17.2017.0818 - REX Game Studios)
REX Sky Force 3D for FSX, FSX-Steam, P3Dv3 (HKLM-x32\...\{A4D281C6-83D5-4150-B52D-032DE1465651}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 - PATCH ONLY (HKLM\...\{622205F7-7CC6-4314-9269-8029E4FE0EF8}) (Version: 5.0.2018.0520 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 (HKLM\...\{AAA37EC2-CBC4-4525-999F-12AB2C8542E5}) (Version: 5.0.2018.0508 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{2481E6EB-6771-4507-89BC-3CDC701F7949}) (Version: 5.0.2019.0116 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{556C3051-15D2-4AAF-BC1B-6FCF7F2B5D62}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Soft Clouds - SP3 - Hotfix 5 (HKLM-x32\...\{98C432AB-8BC0-4C76-8336-889E907F955A}) (Version: 4.3.2017.0714 - REX Game Studios, LLC.)
REX Soft Clouds with SP3 - Hotfix 3 (HKLM-x32\...\{656E22EA-EB88-4F68-9F4E-61F6FBF5FF50}) (Version: 4.3.2016.0622 - REX Game Studios, LLC.)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
SanityCheck 3.51 (HKLM\...\SanityCheck_is1) (Version: - Resplendence Software Projects Sp.)
SceneryConfigEditor v1.1.9 (remove only) (HKLM-x32\...\SceneryConfigEditor) (Version: - )
SceneryTech Africa Landclass v1.0 (HKLM-x32\...\{DA17C501-E443-4371-873C-3C79373A2E33}) (Version: 1.0 - SceneryTech)
SceneryTech Asia Landclass v1.0 (HKLM-x32\...\{F22EE695-4EF1-4188-A209-FD959A494F7B}) (Version: 1.0 - SceneryTech)
SceneryTech North America Landclass v1.4 (HKLM-x32\...\{E91C757A-854C-4057-A67D-7FAE297B2016}) (Version: 1.4 - SceneryTech)
SetFileDate 2.0 (HKLM-x32\...\SetFileDate_is1) (Version: - No Nonsense Software)
SetInstaller (HKLM-x32\...\{53A529DA-F303-466A-BB0F-5308B89854C3}) (Version: 1.00.0000 - RD-soft)
SIDSTAR Converter (HKLM-x32\...\{2FB37C4E-9370-4405-A037-43D23DE258B2}) (Version: 1.30.0000 - Matias Sorcinelli)
SimBrief Downloader 1.4.5 (only current user) (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\32e4cdf1-1f8f-586a-9551-9c0929bc3c38) (Version: 1.4.5 - Derek Mayer)
SimObject Display Engine (HKLM-x32\...\{C3CEE3FC-84DD-4B1A-8192-5FB8F490319F}) (Version: 1.6.4 - 12bPilot)
SimToolkitPro (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9dee011f30ac205b) (Version: 0.2.2.9 - SimToolkitPro)
Simware's - Valencia X - FSX (HKLM-x32\...\Valencia X - FSX) (Version: 1.14 - Simware)
Sleeping Dogs, версия 2.1 (HKLM-x32\...\Sleeping Dogs_is1) (Version: 2.1 - Other s)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SSD Tweaker 4.0.1 (HKLM\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 4.0.1 - elpamsoft.com)
SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.)
SteveFX DX10 Scenery Fixer (HKLM-x32\...\DX10SceneryFixer) (Version: - )
swift 0.9.0 64bit (HKLM\...\swift 0.9.0) (Version: 0.9.0 - swift Project)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Telegram Desktop version 1.8.13 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.13 - Telegram FZ-LLC)
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - )
Tirana Intl` Airport - Albania 1.0 FSX (HKLM-x32\...\latixfsx1) (Version: 1.0 FSX - TropicalSim)
TOGA - ENVSHADE v1.0 (HKLM-x32\...\TOGA-ENVSHADE-AC95BBC1-68C7-48AA-AABC-47B3B2E52C09_is1) (Version: 1.0.0.0 - SimMarket)
TOGA_ENVTEX_1.2.0 (HKLM-x32\...\TOGA-ENVTEX-16D30A87-70CB-47CC-AAB0-600D0A4EDC8E_is1) (Version: 1.2.0 - SimMarket)
TOPCAT 2.74 - Take-Off and Landing Performance Calculation Tool (HKLM-x32\...\TOPCAT) (Version: 2.74 - FSS GmbH)
TOPER Calculator Tool version 1.8 (HKLM-x32\...\{92B07EA8-479E-4308-85B2-4A4B21554B33}_is1) (Version: 1.8 - Nikola Jovanovic)
Turbulent Terminal 2.4.4.0 (HKLM\...\{6E23BCF4-8093-4211-9050-D98353E5D830}) (Version: 2.4.4.0 - Turbulent Designs)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultimate Ground Crew X (HKLM-x32\...\Ultimate Ground Crew X ) (Version: - )
Ultimate Terrain Lights For FSX (HKLM-x32\...\Ultimate Terrain Lights For FSX) (Version: - )
Ultimate Terrain X - Europe V2.1 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - Europe V2.1 (FSX Support)) (Version: - )
Ultimate Terrain X - USA V2.3 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - USA V2.3 (FSX Support)) (Version: - )
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (HKLM-x32\...\Unigine Heaven DX11 Benchmark 2.5_is1) (Version: 2.5 - )
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
URMM-2018 (HKLM-x32\...\{D65B8395-701B-4FED-94E5-30281FDD7E64}) (Version: 1.0.0 - STTS-PC (Tsyba Andrey))
utLive Fall/Winter 2018 Schedule (HKLM-x32\...\F1UTLive) (Version: 1.0.0.0 - Flight One Software)
UTX Europe V2.1 Install Manager (HKLM-x32\...\UTX Europe V2.1 Install Manager) (Version: - )
UTX USA V2.3 Install Manager (HKLM-x32\...\UTX USA V2.3 Install Manager) (Version: - )
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VFXCentral version 1.0.0.92 (HKLM-x32\...\VFXCentral_is1) (Version: 1.0.0.92 - OldProp Solutions Inc.)
Viber (HKLM-x32\...\{36E3DCB1-78E8-405A-8088-DFEE6BAB7BFF}) (Version: 6.8.2.878 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{190bc592-977d-4ebf-be51-225bed62e481}) (Version: 6.8.2.878 - Viber Media Inc.)
Video Downloader Converter (HKLM-x32\...\{1AB4F3A2-5033-5E70-7E46-A0BC12DDE448}) (Version: 3.14.8.6433 - Allavsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Workstation (HKLM\...\{560E475D-C5B0-4F8C-A21B-522CCC364D5B}) (Version: 15.0.3 - VMware, Inc.)
VMware Workstation (HKLM\...\{C6633647-27D4-4474-9195-5EEEF0E2EC06}) (Version: 14.1.3 - VMware, Inc.)
vPilot (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\vPilot) (Version: 2.2.2 - Ross Carlson)
Warface (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Warface) (Version: 1.316 - Mail.Ru)
WhatsApp (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\WhatsApp) (Version: 0.3.4941 - WhatsApp)
WhoCrashed 6.60 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.50 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Windows Driver Package - Acer Inc. Monitor (07/22/2012 1.0.0.0) (HKLM\...\8406B4755454697EF76881B741E08B055E4FA25D) (Version: 07/22/2012 1.0.0.0 - Acer Inc.)
Windows Driver Package - Challenger Backup Solutions, LLC (FlashBoot) DiskDrive (08/11/2013 2.3.72.0) (HKLM\...\CA8BFE662913F62CB908BA31685037C57A7DD973) (Version: 08/11/2013 2.3.72.0 - Challenger Backup Solutions, LLC)
Windows Driver Package - Intel USB (07/31/2013 9.1.9.1006) (HKLM\...\B0CC38E1CE139A5179BF0F8255865BD29DA00B02) (Version: 07/31/2013 9.1.9.1006 - Intel)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (09/17/2012 1.17.65.11) (HKLM\...\39FCA3B1E44BB5B526E74F29B111ACB49ABC9017) (Version: 09/17/2012 1.17.65.11 - JMicron Technology Corp.)
Windows Driver Package - Phantom TAP-Windows Provider V9 (phantomtap) Net (11/05/2014 9.00.00.21) (HKLM\...\E86C43F8EA2789061467821169F2000B9944C0BE) (Version: 11/05/2014 9.00.00.21 - Phantom TAP-Windows Provider V9)
Windows Driver Package - Razer (HidUsb) HIDClass (11/20/2012 1.01) (HKLM\...\BE7F5114C00B9A620315841E988BBFAAEE165683) (Version: 11/20/2012 1.01 - Razer)
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports (05/23/2018 10.1.3.2130) (HKLM\...\47974EDC781C5B49C74F733E14FC298A782DA59E) (Version: 05/23/2018 10.1.3.2130 - Silicon Laboratories Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinTools.net Premium version 18.0.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.0.1 - WinTools Software Engineering, Ltd.)
Wise Disk Cleaner 10.2.5 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.2.5 - WiseCleaner.com, Inc.)
WX Advantage Radar (HKLM-x32\...\{BA4156D4-A599-47BB-9844-9E351F7A9404}) (Version: 1.1.2018.1220 - MILVIZ REX Game Studios, LLC.)
WYSIWYG Web Builder 14.1.0 (HKLM-x32\...\WYSIWYG Web Builder 14_is1) (Version: 14.1.0 - Pablo Software Solutions)
XPFlightPlanner (uninstall) (HKLM-x32\...\XPFlightPlanner) (Version: - )
Агент Dating.ru (HKLM-x32\...\{BA9235A8-9B90-8B57-A43A-F23570C4D4E7}) (Version: 1.1.6 - UNKNOWN) Hidden
Агент Dating.ru (HKLM-x32\...\ru.dating.Client) (Version: 1.1.6 - UNKNOWN)
ВидеоМАСТЕР 12.0 (HKLM-x32\...\{42469BAA-1E65-4267-922E-3D10A0E491F1}_is1) (Version: 12.0 - AMS Software)
Игровой центр (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\GameCenter) (Version: 4.1514 - ООО Мэйл.Ру)
Периодическая система (HKLM-x32\...\Периодическая система) (Version: - )
Экипаж 4.0 для FSX(P3D) (HKLM\...\CREWRD) (Version: 4.0.5.0 - Роман Девятериков)
Экранная Камера 4.0 (HKLM-x32\...\Экранная Камера_is1) (Version: 4.0 - AMS Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers1: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers1: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers4: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers6: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\homepc\Desktop\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Периодическая система.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Справка.lnk -> C:\Program Files (x86)\Periodic Table\Table.chm () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Таблица Менделеева.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Химический калькулятор.lnk -> C:\Program Files (x86)\Periodic Table\ChemCalc.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Удалить программу Экипаж 4.0 FSX(P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Uninstall.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0.Руководство пользователя.lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Экипаж 4.0.Руководство пользователя.pdf () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm
Shortcut: C:\Users\Public\Desktop\1C Предприятие.lnk -> C:\Program Files\1cv8\common\1cestart.exe (1C-Soft LLC) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Видео МАСТЕР.lnk -> C:\Program Files (x86)\ВидеоМАСТЕР\VideoMASTER.exe (AMS Software) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Экранная Камера.lnk -> C:\Program Files (x86)\Экранная Камера\ScreenCapture.exe (AMS Software) <==== Cyrillic

ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Деинсталляция.lnk -> C:\Program Files (x86)\Periodic Table\UNWISE.EXE () -> C:\PROGRA~2\PERIOD~1\INSTALL.LOG <==== Cyrillic
ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2018-12-24 16:58 - 2016-04-01 08:30 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAClient.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000154112 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\cdacommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000075776 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAConfig.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000544256 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDACrypt.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000079872 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAMsg.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000144896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DataMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000238080 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DownloadMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\jcommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000272896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\tcutil.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000124416 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\UpdateMgr.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 17:07 - 2019-03-05 17:07 - 000642048 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000364544 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000217600 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-09 20:46 - 2011-05-09 20:46 - 002760192 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 009856000 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 000990720 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 000416256 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 000731648 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000008192 _____ () [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\SystemInfo.dll
2004-09-30 21:15 - 2004-09-30 21:15 - 000192000 _____ () [File not signed] C:\Program Files\LinkShellExtension\RockallDLL.dll
2018-11-27 01:19 - 2018-11-09 11:52 - 001801728 _____ () [File not signed] C:\Program Files\Loaris Trojan Remover\shellext.dll
2019-09-13 02:09 - 2019-07-17 13:09 - 000097280 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\autorun.wdx
2019-09-13 02:09 - 2019-01-11 11:14 - 000009216 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\Plugins\Autorun_Sysinfo.dll
2019-09-13 02:09 - 2016-02-01 01:03 - 000009216 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\Plugins\TCFS2Tools.dll
2017-08-04 23:22 - 2013-04-15 19:40 - 000013824 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempPluginProxy.dll
2017-08-04 23:22 - 2013-04-15 19:17 - 000112128 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\PluginNetInterface-x64.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000189952 _____ (Bigfoot Networks, Inc.) [File not signed] C:\WINDOWS\system32\BfLLR.dll
2016-04-19 21:53 - 2016-04-19 21:53 - 000752640 _____ (Hermann Schinagl) [File not signed] C:\Program Files\LinkShellExtension\HardlinkShellExt.dll
2017-08-23 17:09 - 2016-10-04 17:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-08-23 17:09 - 2016-10-04 18:12 - 000049664 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip32.dll
2017-08-04 23:22 - 2013-04-21 14:21 - 000026112 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempRemoteServer.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000011776 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\Logger.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000013312 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\TcpServer.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 001115648 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Jeppesen\CDA\libcurl.dll
2016-09-14 21:12 - 2016-09-14 21:12 - 000202752 _____ (TOSHIBA CLIENT SOLUTIONS CO., LTD.) [File not signed] C:\WINDOWS\System32\tbtmon.dll
2009-06-19 09:57 - 2019-05-15 16:50 - 000079176 ____R (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtChk.dll
2013-06-18 18:51 - 2013-06-18 18:51 - 000057344 _____ (TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosCpsAPI.dll
2014-01-20 09:25 - 2014-01-20 09:25 - 000683520 _____ (TOSHIBA) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll
2019-03-17 09:56 - 2019-03-17 09:56 - 006790576 _____ (VMware, Inc. -> VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmwarebase.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-19 00:03 - 2019-10-07 23:00 - 000000820 _____ C:\WINDOWS\system32\drivers\etc\hosts


2018-06-28 00:48 - 2018-12-22 17:41 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

192.168.97.225 SIMPC.mshome.net # 2023 12 4 21 14 41 34 580

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\python27\;c:\python27\scripts;c:\python37\scripts\;c:\python37\;c:\program files\python37\scripts\;c:\program files\python37\;c:\program files (x86)\python37-32\scripts\;c:\program files (x86)\python37-32\;c:\program files (x86)\common files\oracle\java\javapath;c:\programdata\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files\putty\;c:\program files\microsoft sql server\120\tools\binn\;c:\windows\system32\openssh\;c:\program files (x86)\universal extractor;c:\program files (x86)\universal extractor\bin;c:\program files\nvidia corporation\nvidia nvdlisr;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\x64\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Process Lasso\;
HKU\S-1-5-21-2357164880-557895980-647672482-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "Zaxar Games Browser.lnk"
HKLM\...\StartupApproved\Run32: => "Process Killer"
HKLM\...\StartupApproved\Run32: => "QW787_v1.1.2a_update"
HKLM\...\StartupApproved\Run32: => "RzWizard"
HKLM\...\StartupApproved\Run32: => "FlightPlan"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\StartupFolder: => "Disk-O.lnk"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "agent.desktop"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "TeamSpeak 3 Client"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Task Killer"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "MailRuUpdater"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "GameCenter"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Lync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B7EB13BC-B524-4B34-B19F-D9252E895FEC}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{92431C8F-8783-4B6D-BCD2-1F049D5E86A4}] => (Allow) C:\Program Files\DrWeb\spideragent.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{9EED2BA5-FD20-486D-A536-8BE733CF5298}] => (Allow) C:\Program Files\DrWeb\dwservice.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [UDP Query User{B2A2C08F-CF13-4F50-87B1-4404290DE6BC}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{B3B0E0F5-B6B9-4E6B-A579-8F2FF7DCD539}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{24AE18E1-376C-4C8C-88E3-756AD6E8F1FF}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{ECB6E938-BA55-4A79-9667-8CC59F907BED}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [{0C662D46-90B2-4A0D-993E-7B5AB74B63CC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{447C1BF0-D395-408A-86B4-E79CB6CC4CA3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2E94FD67-2E65-4486-9C7A-0C23FED70134}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4556C8C8-5AB1-4441-A9F9-987E79AA2B07}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [DNS Server Forward Rule - UDP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [{D03D69C1-EFB2-450C-80BD-8FBEEF9671C2}] => (Allow) LPort=27018
FirewallRules: [{D68F1B17-D4AA-4299-9D3B-48C73F8E5FB7}] => (Allow) LPort=27018
FirewallRules: [{0858CDC2-5CA3-40AF-B904-1AD8657E51A1}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{CEB90DB5-53E8-4607-80E9-5339C6746EF2}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{3DAFD2DE-D713-4E2A-9600-17B452C2ED4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{054C41F6-66CE-42A8-9A1A-B8DEA1C550D3}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [TCP Query User{5FEB811F-332F-49F5-A162-B5BA002A663C}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [{CB77D2EC-DC39-422D-B413-39FBEC336DE9}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{595CA0CE-2A7E-4470-9BB6-38F103433F2B}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{4AA8CF2B-66F9-4BFC-9E0B-AA8F5885294E}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{3B107FF7-F480-4907-A4FB-3F7714F7BE68}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{5C744760-F3B0-4319-A879-D89B8A1074AA}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{AEB22A63-9FA3-4A4A-9A44-7161B50FCDC3}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [{C0460C5C-3A66-4632-97EB-070ACEF26479}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [UDP Query User{0B2BF0B2-41FE-4B71-8520-8AC3007D7720}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{53348E58-461E-4258-BA66-E91017C0FD16}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{B6AE70F1-BDF0-4E62-BB94-516B7C324753}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{5CDFCF59-26B3-4B69-8E06-3C02C9CAB553}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{96B991BD-E11E-4548-9A9C-E6186C8D7429}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{C1BFE00F-2415-4D08-80C1-F93BD570C451}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [UDP Query User{CE150DCC-B59C-4C0A-84EC-A60E8D542E34}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [TCP Query User{6EEACA57-4BBA-4634-9AD6-E4D2909A72E8}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [UDP Query User{02B17218-6FD4-4E07-A75F-51FBF71F5D0F}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{0A23C4E4-7622-48FB-861E-B7A7591414CF}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [UDP Query User{597CD9F4-E3D7-40B6-9CDD-545570488EF1}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{8B0212FC-66C6-4010-8DAB-2E9961FC3AAB}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [{23158DF7-2097-46A7-AAA2-B739F542D4A6}] => (Allow) LPort=19285
FirewallRules: [{2EF28D36-9962-4A7F-B599-927EEBA615D0}] => (Allow) LPort=19286
FirewallRules: [{39946E2F-5309-4F07-9D92-7E60D7D6D67D}] => (Allow) LPort=445
FirewallRules: [UDP Query User{6FA38C0B-2E44-43D9-930A-17C0CE6C8C41}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{FDFE1363-85A9-4896-AB5D-BC9765D67B61}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [UDP Query User{FA937985-DF0A-441E-A4AE-3A8FF5ADFF45}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{62ADDCD2-0570-4D2B-9E68-21B1713CBEC4}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{833BF29F-12FA-49D5-917F-D724EBE42016}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{026AADEC-B7C9-43C4-8B29-2DB65A9C9783}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6DC23AF1-4C8C-4F51-84B4-9C6F82AAF961}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7BA7B256-F089-4113-B38A-BD78E124F346}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D941EE11-D952-4076-8E61-210B28CDE073}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74176E21-E284-4ABB-881F-40023BCC5D55}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{4846AC10-8DC2-446A-A653-14DFAED774F6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [TCP Query User{676F5E36-DD33-4686-A370-1DE14D98E204}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [UDP Query User{57E59788-28E4-4FAA-8C3A-F19862BE5DCE}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [TCP Query User{521C2D40-5606-4928-905D-DB2E64B5ABEF}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [UDP Query User{192EBD3D-8889-41DD-95CA-C42AF1DAE9BC}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [DNS Server Forward Rule - TCP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [{AD70EFAA-5E40-4138-970E-D3248BF9453C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{9A3DD3D7-7F37-4ADF-86CE-5CA55A9CCEF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{00049BA3-0170-46EA-8D25-5ADA116BAB9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{349911C9-75D0-4039-8A34-B0EECD22005C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FC842B5E-859A-492A-A1E2-657B9D834C7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{930BC321-7152-43CE-BDAC-D2AEC9743674}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C3F51683-AF61-4E18-8EB1-00C7408B5980}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{576A76CB-53C4-4743-8AF6-9E6207DCD6EA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{8C14099A-FC0D-4A2E-A749-BFF13E10F1C3}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{684DE1AE-9DE5-4848-AB0E-C8C2F2ABCB33}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{960AB28A-53D9-4A30-8EC3-D7EE522B4DE4}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D3B74F7E-4E85-4B55-A412-89FD511193E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E414530-A57C-4D99-9AD0-04199D8F0B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8650815-BA84-4AEE-97BD-301147899700}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{3ED8FFCD-9FB8-41B7-8F01-BC42F28CDAE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25611D40-D1A2-48F2-B5BC-CF3A1045319E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2799090-26FC-4FC6-BDFC-B7449E64C66A}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{A836BF80-D6CC-453F-B190-DCD289E7F13D}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{845C5C83-CE0A-4EE4-9140-BA844E868477}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F935380-61F5-47D2-AEE7-77C09CFC0E6B}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{29EAFA0F-4DA8-480D-A009-5EAEFFDD33D1}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{711D19CA-24AF-4AEE-B8A9-3520A4F649AA}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{BFC8316C-DDE7-4D75-A171-BD28A00672BB}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{9475C2EF-D956-4335-8966-3E10261F2551}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{10A22D99-92AE-42FE-8F2F-ACBFC91B1CDE}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{1A34BEEF-DCDE-4DCD-8417-FCE61D6BBD60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E7675E67-63D5-40C5-AA26-47CF361648FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3410C96-7AD3-465B-9B10-B3E9D1EA52C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{50311E7E-2AA7-4643-B80A-F26E2536FEE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D6C7C51-A369-4C2C-A51D-6BAD763F7215}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C45E5B4-805E-4C2F-9B3B-5D26A69B7E9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DADFE512-9B4B-43E8-9813-2CA27C0855C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F12B7F3-232F-4C1F-8C8E-7B33034667C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B99D6CC3-7252-4E1C-897D-5AD7609BF5C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => c:\windows\system32\lvcod64.dll [398360 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => c:\windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => c:\windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => c:\windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.SCPR] => C:\Windows\SysWOW64\SCPR.dll [367116 2012-06-13] (Infognition Co. Ltd.) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Restore Points =========================

07-10-2019 23:01:19 Removed Prepar3D v4 Content

==================== Faulty Device Manager Devices =============

Name: Standard SATA AHCI Controller
Description: Standard SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard SATA AHCI Controller
Service: storahci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2019 11:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 11:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 11:24:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.771_none_4d5d78071b9fe78b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.771_none_05b041300723be85.manifest.

Error: (10/07/2019 11:24:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:24:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 11:24:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.


System errors:
=============
Error: (10/07/2019 11:23:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 11:23:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 11:22:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MySQL service terminated unexpectedly. It has done this 1 time(s).

Error: (10/07/2019 11:21:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service failed to start due to the following error:
The service did not start due to a logon failure.

Error: (10/07/2019 11:21:55 PM) (Source: Service Control Manager) (EventID: 7041) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service was unable to log on as .\homepc with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.

Service: 1C:Enterprise 8.3 Server Agent (x86-64)
Domain and account: .\homepc

This service account does not have the required user right "Log on as a service."

User Action

Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.

If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

Error: (10/07/2019 11:21:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CG6Service service failed to start due to the following error:
The system cannot find the path specified.

Error: (10/07/2019 11:21:55 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (10/07/2019 11:20:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


CodeIntegrity:
===================================

Date: 2019-10-07 23:27:00.886
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:26:00.868
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:25:00.861
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:24:00.847
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:23:00.833
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:22:28.831
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:22:12.815
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:22:04.800
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F4d 12/12/2011
Motherboard: Gigabyte Technology Co., Ltd. G1.Guerrilla
Processor: Intel(R) Core(TM) i7 CPU 980 @ 3.33GHz
Percentage of memory in use: 36%
Total physical RAM: 12286.42 MB
Available physical RAM: 7835.33 MB
Total Virtual: 18835.76 MB
Available Virtual: 13987.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.78 GB) (Free:6.33 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (simdisk) (Fixed) (Total:119.24 GB) (Free:0.09 GB) NTFS
Drive e: (FILMS) (Fixed) (Total:931.51 GB) (Free:94.58 GB) NTFS
Drive f: (storage2) (Fixed) (Total:465.75 GB) (Free:0.67 GB) NTFS
Drive g: () (Fixed) (Total:55.89 GB) (Free:0.68 GB) NTFS
Drive h: (backup) (Fixed) (Total:931.51 GB) (Free:4.81 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c2d32257-0000-0000-0000-80b81b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
\\?\Volume{c2d32257-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F477C05A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 55.9 GB) (Disk ID: 465FB6DD)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: C2D32257)
Partition 1: (Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: FB81C632)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: FB81C633)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019
Ran by homepc (administrator) on SIMPC (Gigabyte Technology Co., Ltd. G1.Guerrilla) (07-10-2019 22:48:44)
Running from C:\Users\homepc\Desktop\Tor Browser
Loaded Profiles: homepc (Available Profiles: homepc & test & newuser & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 10 Pro Version 1809 17763.775 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Alcohol Soft -> Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessLasso.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(CA -> CA) H:\CA_LIC\lic98Service.exe
(CA -> CA) H:\CA_LIC\LogWatNT.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwwatcher.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwnetfilter.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwservice.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\frwl_svc.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.) C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe
(FxSound, LLC -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe
(Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Jeppesen Sanderson, Inc -> ) C:\Program Files (x86)\Jeppesen\CDA\cda.exe
(Jeppesen Sanderson, Inc -> Jeppesen) C:\Program Files (x86)\Jeppesen\JWC\JWC.exe
(Konstantin Polyakov IP -> Chemtable Software) C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SelfSigned -> ) [File not signed] C:\Program Files (x86)\Dating\Dating.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SurfRight B.V. Dickmaster -> SurfRight B.V.) [File not signed] C:\Program Files\HitmanPro\HitmanPro.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(The OpenVPN Project) [File not signed] C:\Program Files\OpenVPN\bin\openvpnserv.exe
(TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Viber Media S.à r.l. -> Viber Media S.Ã r.l.) C:\Users\homepc\AppData\Local\Viber\Viber.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SpIDerAgent] => C:\Program Files\DrWeb\spideragent.exe [22147976 2019-10-02] (Doctor Web Ltd. -> Doctor Web, Ltd.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Process Killer] => C:\Program Files (x86)\Process Killer\prkiller.exe [38400 2005-07-30] () [File not signed]
HKLM-x32\...\Run: [QW787_v1.1.2a_update] => F:\Симуляторы\P3DV4\Самолеты\QW_787_P3DV4\QW787_v1.1.2a_update.exe [17147444 2018-11-21] () [File not signed]
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1780728 2019-07-26] (FxSound, LLC -> ) [File not signed]
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [263112 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-02-20] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [FlightPlan] => e:\симуляторы\FlightPlan_3_7\FlightPlan.exe [835584 2012-05-05] (Umberto Degli Esposti) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [14941336 2018-06-04] (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Task Killer] => E:\Task.Killer.Portable\TaskKiller.exe [221696 2015-12-19] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [AutoHideMouseCursor] => E:\FSL_A320X\P3Dv4.1\FSLabs_A320X_P3D_v2.0.1.237\AutoHideMouseCursor_x64\AutoHideMouseCursor_x64.exe [152576 2018-03-23] (Nenad Hrg (SoftwareOK.com)) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [636416 2017-09-15] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Viber] => C:\Users\homepc\AppData\Local\Viber\Viber.exe [41029704 2019-09-25] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [ECMHelper] => C:\Program Files (x86)\Экранная Камера\Agent.exe [847600 2018-12-26] (AMS Software) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16443120 2018-10-05] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [GameCenter] => C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe [9983616 2019-08-08] (Mail.Ru, LLC -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [SimBrief Downloader] => C:\Users\homepc\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe [81042864 2018-11-27] (Derek Mayer -> Derek Mayer)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23912440 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: L - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {0dd97860-05ce-11e9-82b3-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {94b459e9-074c-11e9-82bb-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {a16e49be-19a4-11e9-833c-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {acbb8ff6-100a-11e9-8305-001fc6276e5b} - "L:\dvdcheck.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {d8fd3f33-0891-11e9-82be-001fc6276e5b} - "L:\setup.exe"
HKLM\Software\...\AppCompatFlags\Custom\S4Editor.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\Custom\S4_Main.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb [2013-07-16]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{3AFF1C30-4959-4c2f-8BED-E6E81E39F57A}] -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtCp.dll [2012-02-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Killer Network Manager.lnk [2019-09-15]
ShortcutTarget: Bigfoot Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2019-05-15]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CDA Monitor.lnk [2018-12-24]
ShortcutTarget: CDA Monitor.lnk -> C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe (Jeppesen Sanderson, Inc -> )
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dating.lnk [2019-07-28]
ShortcutTarget: Dating.lnk -> C:\Program Files (x86)\Dating\Dating.exe (SelfSigned -> ) [File not signed]
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Disk-O.lnk [2018-12-10]
ShortcutTarget: Disk-O.lnk -> C:\Users\homepc\AppData\Local\Mail.Ru\Disk-O\DiskO.exe (LLC Mail.Ru -> Mail.Ru)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Letasoft Sound Booster.lnk [2019-01-08]
ShortcutTarget: Letasoft Sound Booster.lnk -> C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe (Letasoft LLC -> Letasoft)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk [2018-05-22]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2D63D986-6751-4C26-908A-260F5ADD4292} - System32\Tasks\bandicam_start => C:\Program Files (x86)\Bandicam\bdcam.exe [6287776 2019-02-19] (Bandicam Company -> Bandicam Company)
Task: {32566FC1-6EE8-417C-B89F-C1B871382D6B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {3B483FCD-B42F-4CBE-96E6-15CEE4158812} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_homepc => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary)
Task: {3E531F2C-FC20-4030-9AD8-58A7330BE779} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe -RegistryEditor -ForceForeground -NoSplash
Task: {48669851-E43F-4749-86DF-BC580859156F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BB42F87-709C-4EA8-9AA8-43DB55C04928} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [6982216 2019-09-26] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {4F71DDFA-CEB3-46C5-B103-0CC0B3BD3FED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {577622A0-4C43-496D-85A2-924AC1336ADD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-14] (Adobe Inc. -> Adobe)
Task: {66669C3C-4730-45E9-9C0C-98B790D86110} - System32\Tasks\Core Temp Autostart homepc => C:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-24] (ALCPU -> ALCPU)
Task: {6F3C805A-1DD5-4554-8B51-D1E29E54E471} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {88F6EC18-D85C-48C2-9AE3-B0D27DEDAB6F} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [1029512 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {8A7573F9-A3B1-4BB5-862D-EF7D294221F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B25905B-ED6B-4E17-8FA2-A86E1473AEC9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9302A8F4-8FD2-453C-9B6C-AA8A44265007} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2357164880-557895980-647672482-1001 => C:\Users\homepc\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)
Task: {95F74322-C145-432A-B5DC-5A00537981D5} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [709512 2019-08-15] (Bitsum LLC -> Bitsum LLC) <==== ATTENTION
Task: {987F598E-0428-4639-8259-2820430D78D4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C6F6EEC-7E5B-47DD-909B-47537097061D} - System32\Tasks\HPCustParticipation HP Deskjet 5520 series => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {AC4E3BF1-94F4-48AC-8E0C-F0EB3C0AD5B4} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {B425F0F0-DE66-4D15-AF02-AEDBE66B23D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {B58A9E73-4B07-44D6-BF0F-C16A3B42C820} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1541520 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {C75E651E-8A3B-4A70-B2F8-705E6390EEC8} - System32\Tasks\BlueStacksHelper => E:\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {CD79079A-A998-468C-82D0-F7127A5F78F4} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2550968 2012-08-30] (Beepa Pty Ltd -> Beepa P/L) [File not signed]
Task: {DE55D662-192E-44AD-A44C-92D7366BE150} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E769C0E3-71CF-445A-B5C7-EA3170B56DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {E80A2128-822A-4712-A4B1-82EFDAE09546} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ED970E6A-70A3-4E19-9243-A8AD38614FC6} - System32\Tasks\FPSMonitor => C:\Program Files (x86)\FPS Monitor\FPSMonitor.exe [7098592 2019-04-25] (Kozadaev Eduard Vladimirovich -> )
Task: {F6DA550E-A9CA-4E3C-84DE-900736C61C68} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F95AE5D8-379F-4656-BED6-12A6D5A2C054} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [11517320 2019-08-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
Task: {FFB35F64-23CA-42B2-BD87-CC98E4B0A343} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 22 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 22 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{31232c54-0567-44c1-af24-8ca68e6dc70f}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{b922b671-da25-45bc-bcb6-227098c215e7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2357164880-557895980-647672482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=812208
SearchScopes: HKU\S-1-5-21-2357164880-557895980-647672482-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BACD27B3D-C9E4-4CD8-9795-15E79965F9DD%7D&gp=812209
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2017-06-23] (Download Master -> WestByte) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pze24zhj.NESTOR
FF DefaultProfile: lh2u6es8.default
FF ProfilePath: C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR [2019-10-07]
FF Homepage: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> hxxps://yandex.ru/?clid=2224022
FF NetworkProxy: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: homeutil@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: vb@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@hoxx-vpn.xpi [2019-10-07]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@setupvpncom.xpi [2019-10-07]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@webrtc-leak-shield.xpi [2018-02-24]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\client@anonymox.net.xpi [2018-12-14]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\divanproger@gmail.com.xpi [2019-08-19]
FF Extension: (Free Download Manager) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\fdm_ffext2@freedownloadmanager.org.xpi [2019-09-25]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@ghostery.com.xpi [2019-08-29]
FF Extension: (MEGA) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@mega.co.nz.xpi [2019-10-03] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@tampermonkey.net.xpi [2019-05-30]
FF Extension: (Start Page — Yandex) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\homeutil@yandex.ru.xpi [2019-09-09]
FF Extension: (Pinterest Save Button) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2019-09-25]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\public.proartex@gmail.com.xpi [2018-05-08]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\s3google@translator.xpi [2018-10-10]
FF Extension: (uBlock Origin) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\uBlock0@raymondhill.net.xpi [2019-09-27]
FF Extension: (Visual Bookmarks) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\vb@yandex.ru.xpi [2019-04-24]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\xd4rker@gmail.com.xpi [2019-02-04]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\zoompage-we@DW-dev.xpi [2019-09-23]
FF Extension: (First Mountain Snow by M♥Donna) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{58ed0b89-8436-4436-be1c-0f56273f1adf}.xpi [2019-05-14]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-09-02]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-06-13]
FF ProfilePath: C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default [2019-02-27]
FF Homepage: 8pecxstudios\Cyberfox\Profiles\lh2u6es8.default -> hxxp://mail.ru/cnt/10445?gp=812204
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@hoxx-vpn.xpi [2018-10-19]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@setupvpncom.xpi [2018-02-06]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@webrtc-leak-shield.xpi [2018-03-28]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\client@anonymox.net.xpi [2017-06-24] [Legacy]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\divanproger@gmail.com.xpi [2018-12-16]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@ghostery.com.xpi [2019-01-31]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@tampermonkey.net.xpi [2018-10-06]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\public.proartex@gmail.com.xpi [2017-06-24] [Legacy]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\s3google@translator.xpi [2018-10-20]
FF Extension: (Visual Bookmarks) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\vb@yandex.ru.xpi [2017-08-01] [Legacy]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\xd4rker@gmail.com.xpi [2018-11-21]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\zoompage-we@DW-dev.xpi [2018-12-16]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-26]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-31]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-10-06]
FF Extension: (CyberCTR) - C:\Program Files\Cyberfox\browser\features\CTR@8pecxstudios.com.xpi [2018-06-29] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\The Settlers 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [2017-12-24] (Ubisoft Massive -> Ubisoft)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mail.ru/cnt/9516
CHR StartupUrls: Default -> "hxxp://www.mail.ru/cnt/9516","hxxp://mail.ru/cnt/10445?gp=812208"
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B792CA924-60DD-4AE5-BF89-099626812133%7D&gp=812209
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default [2019-10-07]
CHR Extension: (Allavsoft video downloader converter) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddkdfgoif [2019-01-01]
CHR Extension: (Download Master) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljdacfojgikogldjffnkdcielnklkce [2019-09-25]
CHR Extension: (Direct.Fastix ) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lknnjfgcgglncamgpbbdfkianokjohlh [2019-02-03]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-26]
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-07]
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.16.4.6852\BVDChromeExt.crx [2018-12-29]
CHR HKLM-x32\...\Chrome\Extension: [dljdacfojgikogldjffnkdcielnklkce] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft -> Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-09-16] (BattlEye Innovations e.K. -> )
R2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] () [File not signed]
S4 BLMS; C:\Program Files (x86)\BASTION\BLMS.exe [33280 2015-04-29] () [File not signed]
R2 CDA; C:\Program Files (x86)\Jeppesen\CDA\CDA.exe [134088 2016-04-01] (Jeppesen Sanderson, Inc -> )
R2 Chemtable Startup Checking; C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe [ ]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DrWebAVService; C:\Program Files\DrWeb\dwservice.exe [14703064 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2226136 2019-10-03] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebFwSvc; C:\Program Files\DrWeb\frwl_svc.exe [5388856 2019-08-28] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files\DrWeb\dwnetfilter.exe [7136488 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R2 FSLabs Service; C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe [92304 2018-11-08] (Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.)
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [439296 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-10-25] (FUTUREMARK INC -> Futuremark)
S4 hasplms; C:\WINDOWS\system32\hasplms.exe [4319776 2017-11-29] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2018-02-02] (SurfRight B.V. -> SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JWC; C:\Program Files (x86)\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen Sanderson, Inc -> Jeppesen)
R2 LogWatch; H:\CA_LIC\LogWatNT.exe [75016 2008-05-20] (CA -> CA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S2 MySQL; C:\Program Files (x86)\BASTION\mysql\bin\mysqld.exe [11074560 2016-01-15] () [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2018-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [153272 2018-06-01] (Letasoft LLC -> Letasoft)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446960 2019-02-20] (VMware, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S2 1C:Enterprise 8.3 Server Agent (x86-64); "D:\Program Files\1cv8\8.3.13.1690\bin\ragent.exe" -srvc -agent -regport 1541 -port 1540 -range 1560:1591 -d "C:\Program Files\1cv8\srvinfo" <==== ATTENTION
S2 CG6Service; no ImagePath
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 46e606d6959f0108; no ImagePath
S3 46e606d75d018d08; no ImagePath
S3 46e7aa83afb3d388; no ImagePath
S3 46e7aa850abbf508; no ImagePath
S3 46e7aa858013c708; no ImagePath
S3 46e7aba68c1ae788; no ImagePath
S3 46e7ba7f9f485208; no ImagePath
S3 46e7bd52beaedc08; no ImagePath
S3 46e7bd52fc933808; no ImagePath
S3 46e7ee3041330c88; no ImagePath
S3 46e7f3720b979388; no ImagePath
S3 46e7f3725915b688; no ImagePath
S3 46e7f372e8a50488; no ImagePath
S3 46e7f37367e55988; no ImagePath
S3 46e7f3747ea1a308; no ImagePath
R3 ALSysIO; C:\Users\TEMPSI~1.000\AppData\Local\Temp\ALSysIO64.sys [47240 2019-10-07] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 Arctosa; C:\WINDOWS\system32\drivers\Arctosa.sys [26624 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 BfEdge7x64; C:\WINDOWS\System32\drivers\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
R3 BFN7x64; C:\WINDOWS\System32\drivers\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-12-13] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 cpuz140; no ImagePath
S3 Denuvo Kuser Data Driver 1.0.0.7; no ImagePath
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DIRECTIO37; C:\Program Files\BurnInTest\DirectIo64.sys [31376 2015-02-16] (PassMark Software Pty Ltd -> )
R0 DrWebLwf; C:\WINDOWS\System32\drivers\DrWebLwf.sys [505592 2019-10-07] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2019-09-08] (DT Soft Ltd -> DT Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R0 DwDevGuard; C:\WINDOWS\System32\drivers\dwdg.sys [241264 2019-03-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 DwELAM; C:\WINDOWS\System32\drivers\dwelam.sys [31984 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Doctor Web, Ltd.)
R0 DwProt; C:\WINDOWS\System32\drivers\dwprot.sys [860240 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2014-04-03] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2019-01-08] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1304840 2017-11-29] (SafeNet, Inc. -> SafeNet, Inc.)
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2019-10-07] (SurfRight B.V. -> )
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2017-05-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 ip100Avista; C:\WINDOWS\System32\drivers\ipfnd51.sys [36864 2007-09-28] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-10-07] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-10-07] (Malwarebytes Corporation -> Malwarebytes)
R0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [342760 2016-04-11] (Marvell Semiconductor, Inc. -> Marvell Semiconductor, Inc.)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\neo_vpn.sys [22784 2018-03-02] (Extra Solutions Ltd -> Trust.Zone VPN Project)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OSFMount; C:\Program Files\OSFMount\x64\OSFMount.sys [1038416 2018-03-22] (PassMark Software Pty Ltd -> PassMark Software)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-04-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 PORTMON; C:\SysinternalsSuite\PORTMSYS.SYS [28656 2018-12-11] (Systems Internals) [File not signed]
S3 REN2CAP_DRIVER; C:\WINDOWS\system32\drivers\ren2cap.sys [39568 2016-06-14] (Prosoft Engineering, Inc. -> )
S3 rspSanity; C:\WINDOWS\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 SpiderG3; C:\WINDOWS\System32\drivers\spiderg3.sys [390248 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2019-09-21] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2018-11-21] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinFsp; C:\WINDOWS\system32\disko\winfsp-x64.sys [144848 2018-01-25] (Navimatics Corporation -> Navimatics Corporation)
S3 LVPr2M64; \SystemRoot\system32\DRIVERS\LVPr2M64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 22:47 - 2019-10-07 22:47 - 000011522 _____ C:\Users\test\Documents\FPSMonitor.txt
2019-10-07 22:47 - 2019-10-07 22:47 - 000000258 __RSH C:\Users\test\ntuser.pol
2019-10-07 22:46 - 2019-10-07 22:47 - 000000000 ____D C:\Users\TEMP.SIMPC.000
2019-10-07 22:46 - 2019-10-07 22:46 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-10-07 22:30 - 2019-10-07 22:31 - 000000000 ____D C:\Users\TEMP.SIMPC
2019-10-07 22:00 - 2019-10-07 22:00 - 000001240 _____ C:\WINDOWS\system32\Drivers\etc\hosts.zip
2019-10-07 21:34 - 2019-10-07 21:35 - 000000000 ____D C:\Users\TEMP
2019-10-07 21:34 - 2019-10-07 21:34 - 000000000 ____D C:\Bandicam
2019-10-07 21:22 - 2019-10-07 22:18 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-10-07 21:21 - 2019-10-07 21:21 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-07 21:21 - 2019-10-07 21:21 - 000001912 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\Users\homepc\AppData\Local\mbamtray
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\Users\homepc\AppData\Local\mbam
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\Program Files\Malwarebytes
2019-10-07 21:21 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-07 21:21 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-07 18:42 - 2019-10-07 22:49 - 000000000 ____D C:\FRST
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ C:\Users\homepc\AppData\Local\recently-used.xbel
2019-10-07 16:39 - 2019-10-07 16:39 - 000000000 ____D C:\WINDOWS\Panther
2019-10-07 16:03 - 2019-10-07 16:03 - 000001558 _____ C:\Users\homepc\Desktop\SFCFix.txt
2019-10-07 16:00 - 2019-10-07 16:00 - 000000000 _____ C:\WINDOWS\system32\sfc
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\LocalLow\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\OneDrive
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Mozilla
2019-10-07 15:51 - 2019-10-07 15:51 - 000000000 ____D C:\Users\newuser\AppData\Local\Comms
2019-10-07 15:26 - 2019-10-07 15:26 - 000000000 ____D C:\Users\newuser\AppData\Local\ChemTable Software
2019-10-07 15:24 - 2019-10-07 20:23 - 000000000 ____D C:\Users\newuser\AppData\Local\PlaceholderTileLogoFolder
2019-10-07 15:24 - 2019-10-07 15:26 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1010
2019-10-07 15:24 - 2019-10-07 15:26 - 000000000 ___RD C:\Users\newuser\OneDrive
2019-10-07 15:24 - 2019-10-07 15:24 - 000001450 _____ C:\Users\newuser\Desktop\Microsoft Edge.lnk
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\OpenVPN
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\Toshiba
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\DFX
2019-10-07 15:23 - 2019-10-07 21:30 - 000000000 ____D C:\Users\newuser
2019-10-07 15:23 - 2019-10-07 20:22 - 000011522 _____ C:\Users\newuser\Documents\FPSMonitor.txt
2019-10-07 15:23 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Packages
2019-10-07 15:23 - 2019-10-07 15:26 - 000002369 _____ C:\Users\newuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:23 - 2019-10-07 15:23 - 000000020 ___SH C:\Users\newuser\ntuser.ini
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___RD C:\Users\newuser\3D Objects
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___HD C:\Users\newuser\MicrosoftEdgeBackups
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\ProcessLasso
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Adobe
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\VirtualStore
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Publishers
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\MicrosoftEdge
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Google
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\ConnectedDevicesPlatform
2019-10-07 15:23 - 2017-06-25 00:42 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Macromedia
2019-10-07 15:07 - 2019-10-07 15:07 - 000000000 ____D C:\Users\test\AppData\Local\Toshiba
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\Users\Public\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\ProgramData\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly the Maddog X
2019-10-06 06:38 - 2019-10-06 06:40 - 000000000 ___DC C:\Users\homepc\Documents\Maddog X Files
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\Users\Public\Desktop\AirHauler 2.lnk
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\ProgramData\Desktop\AirHauler 2.lnk
2019-10-05 23:50 - 2019-10-05 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FS2Crew2012
2019-10-05 23:43 - 2019-10-05 23:43 - 000000000 ____D C:\Program Files\AI Lights Reborn Free Edition
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo Internationall (FSX)
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo International (FSX)
2019-10-05 22:36 - 2019-10-05 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDG - Cape Town FSX
2019-10-05 17:55 - 2019-10-05 17:55 - 020815872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019013632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002018304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-05 17:55 - 2019-10-05 17:55 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000241976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSTheme.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 026806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 023454720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 022135584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 009680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007698432 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006928384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006316792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006058032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005767168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005605560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005573016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005309080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005299712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004352472 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003820976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003428864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003198976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003000832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002839040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002779784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002415928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002349056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002279304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002200376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002118656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-05 17:54 - 2019-10-05 17:54 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001966392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001924976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplaySwitch.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001864704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001751424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001720120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001701176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001484896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001399608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001390888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001272120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001247344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001170432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001006392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000938296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000817464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000791864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000780408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000775216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000767800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000661096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000605368 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000598328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000452992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000434952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000384272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000290616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000278416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000193704 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000155968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000135816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000079032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000065608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000052536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSTheme.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000044912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000038184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000018744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-05 14:38 - 2019-10-05 14:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1
2019-10-05 14:37 - 2019-10-05 14:37 - 000001862 _____ C:\Users\homepc\Desktop\AFX.lnk
2019-10-05 14:37 - 2019-10-05 14:37 - 000000000 ____D C:\Program Files (x86)\AFX
2019-10-04 15:01 - 2019-10-04 15:01 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-03 18:31 - 2019-10-03 18:31 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-09-30 23:12 - 2019-09-30 23:12 - 000034030 _____ C:\Users\homepc\Desktop\ChasePlane_Report_gtafivehater_gmail_com.txt
2019-09-30 15:53 - 2019-09-30 15:53 - 000000000 ____D C:\Users\homepc\AppData\Local\Viber
2019-09-29 17:26 - 2019-10-05 17:58 - 000519104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-29 02:03 - 2019-09-29 02:03 - 000000000 ____D C:\Users\homepc\AppData\Local\gtk-3.0
2019-09-29 01:11 - 2019-10-07 18:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\gsmartcontrol
2019-09-28 23:14 - 2019-10-07 16:03 - 000000000 ____D C:\SFCFix
2019-09-28 23:13 - 2019-10-07 16:03 - 000000000 ____D C:\Users\homepc\AppData\Local\niemiro
2019-09-28 22:46 - 2019-09-28 22:46 - 000000000 ___HD C:\$Windows.~WS
2019-09-28 22:38 - 2019-09-28 22:39 - 000000000 ____D C:\Program Files\NTLite
2019-09-28 22:38 - 2019-09-28 22:38 - 000000825 _____ C:\Users\homepc\Desktop\NTLite.lnk
2019-09-28 22:38 - 2019-09-28 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTLite
2019-09-28 19:19 - 2019-09-28 23:06 - 000000000 ____D C:\ESD
2019-09-28 13:43 - 2019-09-28 13:43 - 000001098 _____ C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RD-soft
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-28 13:38 - 2019-09-28 13:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\THROTTLEINDICATOR
2019-09-28 13:27 - 2019-09-28 13:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\fscabincrew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\FS Cabin Crew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\Program Files (x86)\drubware.net
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\Users\Public\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\ProgramData\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\Users\Public\Desktop\FSLA320-X MCDU.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\ProgramData\Desktop\FSLA320-X MCDU.url
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ C:\Program Files (x86)\unEZCA2.exe
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\Users\Public\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\ProgramData\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\EZCA
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA2
2019-09-27 01:49 - 2019-09-27 03:53 - 000002048 _____ C:\WINDOWS\ezcamera2.lic
2019-09-27 00:18 - 2019-09-27 00:20 - 000000000 ____D C:\OpusFSX
2019-09-27 00:17 - 2019-09-27 00:18 - 000000000 ____D C:\Opus Software
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-09-25 02:53 - 2019-09-25 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Majestic Software
2019-09-25 01:51 - 2019-09-28 18:57 - 000000000 ____D C:\1909_f1_rxp
2019-09-25 01:22 - 2019-09-25 01:22 - 000000000 ____D C:\ProgramData\Garmin
2019-09-25 01:11 - 2019-09-28 20:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\Users\Public\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\ProgramData\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\Program Files (x86)\Download Master
2019-09-24 18:44 - 2019-09-30 23:12 - 000000000 ____D C:\Program Files (x86)\ChasePlane (XEdition)
2019-09-24 18:44 - 2019-09-24 21:36 - 000000000 ___DC C:\Users\homepc\Documents\ChasePlane Presets
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\Users\Public\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\ProgramData\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChasePlane (XEdition)
2019-09-24 17:28 - 2019-09-26 17:12 - 000000895 _____ C:\Users\homepc\Desktop\F1UpdateTool.lnk
2019-09-24 17:28 - 2019-09-24 17:28 - 000000935 _____ C:\Users\homepc\Desktop\f1update_tool_readme.lnk
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hoppie
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\Program Files (x86)\Hoppie
2019-09-22 00:38 - 2019-09-23 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simware - Valencia X - FSX
2019-09-21 22:49 - 2019-09-21 23:21 - 000001116 _____ C:\Users\homepc\Desktop\767-300 FSX Configuration Manager.lnk
2019-09-21 21:08 - 2019-09-21 21:18 - 000203296 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2019-09-21 14:13 - 2019-09-21 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARMI Project - Muscat OOMS FSX
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\Users\Public\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\ProgramData\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-21 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Ground Crew X
2019-09-21 13:31 - 2019-09-29 21:13 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Ultimate Ground Crew X
2019-09-17 00:14 - 2019-09-17 00:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3res
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3weatherfiles
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3Charts
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3aircraftfiles
2019-09-16 23:49 - 2019-09-16 23:49 - 000000000 ____D C:\Users\homepc\zygrib
2019-09-16 23:34 - 2019-09-27 00:34 - 000000000 ____D C:\OpusFSI_v5
2019-09-16 21:39 - 2019-09-16 21:39 - 000001181 _____ C:\Users\homepc\Desktop\Active Sky Next for FSX SP5.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000002021 _____ C:\Users\homepc\Desktop\FS Global Real Weather.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000000000 ____D C:\Program Files (x86)\FSGRW
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\Users\Public\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\ProgramData\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\Users\Public\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\ProgramData\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDreamTeam
2019-09-15 14:00 - 2019-10-07 21:35 - 000000000 ____D C:\ProgramData\Bigfoot Networks
2019-09-15 13:41 - 2019-09-15 13:42 - 000082268 _____ C:\ProgramData\dxdiag.txt
2019-09-14 23:40 - 2019-09-15 01:43 - 000000000 ____D C:\Program Files\MFSClientV5
2019-09-14 12:27 - 2019-09-14 12:27 - 000000000 ____D C:\Users\homepc\AppData\Local\NVIDIA
2019-09-14 11:15 - 2019-09-14 11:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\NVIDIA
2019-09-14 11:13 - 2019-10-07 22:47 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-14 11:13 - 2019-09-14 13:15 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-05 22:49 - 005468144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 002634608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000654320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-09-14 11:13 - 2019-09-05 04:04 - 008709382 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-09-14 11:13 - 2019-08-01 16:07 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000447368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000351944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:28 - 011562376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:28 - 009937104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 002051008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001550080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001477512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001247432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001140616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000959424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000676096 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000658880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000632768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000544648 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000524168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 040444856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 035334536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 017300360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 014921096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 005358472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 004696968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001726400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443630.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001491336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443630.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 005002192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 004263840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 001683032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 000228792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-09-14 11:12 - 2019-09-06 00:19 - 000054700 _____ C:\WINDOWS\system32\nvinfo.pb
2019-09-14 11:12 - 2019-09-06 00:19 - 000047272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-09-14 11:07 - 2019-09-14 11:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-09-14 11:06 - 2019-09-14 11:06 - 000000000 ____D C:\ShadersHLSL
2019-09-13 21:28 - 2019-09-13 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSS FSL A320 IAE V2.1
2019-09-13 20:53 - 2019-09-13 20:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PILOT'S Software
2019-09-13 19:06 - 2019-09-27 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightSimLabs, Ltd
2019-09-13 19:05 - 2019-09-13 19:30 - 000000000 ____D C:\Program Files (x86)\FlightSimLabs
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\MSBuild
2019-09-13 13:25 - 2019-09-13 13:25 - 017761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 013942784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004850688 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001419776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-13 13:25 - 2019-09-13 13:25 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002148864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-13 02:09 - 2019-10-07 00:09 - 000000000 ____D C:\TCPU71
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\Users\Public\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\ProgramData\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\Users\Public\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\ProgramData\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 00:00 - 2019-09-13 00:00 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PMDG Operations Center.lnk
2019-09-12 18:53 - 2019-09-12 19:00 - 000000000 ____D C:\BLOCKCHECKDPI
2019-09-11 01:12 - 2019-09-11 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2019-09-11 00:42 - 2019-09-11 00:43 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X - Steam Edition Files
2019-09-10 23:57 - 2019-09-10 23:57 - 000000208 _____ C:\Captain.ini
2019-09-10 19:27 - 2019-09-28 13:43 - 000000000 ____D C:\Program Files (x86)\RD-soft
2019-09-10 19:27 - 2019-09-10 19:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RDSetInstaller
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\Users\Public\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\ProgramData\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-10 19:19 - 2019-09-10 19:19 - 000000000 ____D C:\Users\homepc\AppData\Local\kACARS_-LR
2019-09-10 19:18 - 2019-09-10 19:18 - 000003113 _____ C:\Users\homepc\Desktop\kACARS - Landing Rate.lnk
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kACARS_Free
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Program Files (x86)\FS-Products
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\Users\Public\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\ProgramData\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IFly Jets - The 747-400 V2 for FSX
2019-09-08 00:49 - 2019-09-11 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2019-09-08 00:19 - 2019-09-08 00:19 - 000271424 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2019-09-08 00:14 - 2019-09-08 00:14 - 000178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2019-09-07 14:22 - 2019-09-07 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft - Airbus A318-A319 - FSX

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 22:49 - 2017-06-24 11:27 - 000000000 ____D C:\Users\homepc\AppData\LocalLow\Mozilla
2019-10-07 22:48 - 2018-12-16 22:28 - 000000000 ____D C:\Users\homepc
2019-10-07 22:47 - 2018-12-16 22:38 - 000003180 _____ C:\WINDOWS\system32\Tasks\FRAPS
2019-10-07 22:47 - 2018-12-16 22:28 - 000000000 ____D C:\Users\test
2019-10-07 22:47 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-07 22:47 - 2018-05-10 21:23 - 000015302 ____C C:\Users\homepc\Documents\FPSMonitor.txt
2019-10-07 22:47 - 2018-04-27 21:38 - 000000000 ____D C:\Fraps
2019-10-07 22:47 - 2017-08-04 23:22 - 000000000 ____D C:\Program Files\Core Temp
2019-10-07 22:46 - 2018-12-26 16:25 - 000000000 ____D C:\ProgramData\VMware
2019-10-07 22:46 - 2018-12-16 22:38 - 000003124 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-10-07 22:46 - 2018-12-16 22:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-07 22:46 - 2018-09-15 10:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-07 22:46 - 2018-08-13 17:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-07 22:46 - 2018-04-09 23:54 - 000000000 ____D C:\ProgramData\Jeppesen
2019-10-07 22:46 - 2017-06-24 12:57 - 000000000 ____D C:\ProgramData\Doctor Web
2019-10-07 22:46 - 2017-06-24 10:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-07 22:44 - 2018-12-16 22:37 - 000977104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-07 22:44 - 2018-09-15 10:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-07 22:44 - 2018-09-15 09:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-07 22:43 - 2018-09-15 10:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-07 22:36 - 2018-12-16 22:38 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1001
2019-10-07 22:21 - 2018-07-22 12:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-10-07 22:16 - 2017-12-27 16:16 - 000000000 ____D C:\WINDOWS\pss
2019-10-07 22:11 - 2018-12-16 22:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-07 21:34 - 2018-02-02 00:16 - 000000258 __RSH C:\ProgramData\ntuser.pol
2019-10-07 21:30 - 2019-02-25 14:25 - 000000000 ____D C:\Program Files\SSD Tweaker
2019-10-07 21:30 - 2018-04-27 22:04 - 000000000 ____D C:\Program Files (x86)\Bandicam
2019-10-07 21:30 - 2018-02-24 00:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\uTorrent
2019-10-07 21:21 - 2018-09-15 10:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-07 21:19 - 2018-09-15 09:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-10-07 20:24 - 2018-09-15 10:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-07 19:48 - 2019-02-03 16:47 - 000000000 ____D C:\WX Advantage Radar
2019-10-07 19:33 - 2018-04-05 15:40 - 000000000 ___DC C:\Users\homepc\AppData\Local\Apps\2.0
2019-10-07 19:31 - 2017-12-10 18:46 - 000000000 ___DC C:\Users\homepc\AppData\Local\Packages
2019-10-07 18:58 - 2017-06-25 12:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\CrashDumps
2019-10-07 18:44 - 2017-06-24 23:54 - 000000000 ____D C:\Users\homepc\Desktop\Tor Browser
2019-10-07 17:44 - 2018-10-18 13:18 - 000505592 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\drweblwf.sys
2019-10-07 17:10 - 2018-12-21 21:57 - 000000000 ___DC C:\Users\homepc\Documents\ViberDownloads
2019-10-07 16:39 - 2017-09-22 17:08 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-07 16:39 - 2017-06-24 12:05 - 000000000 ____D C:\Users\homepc\AppData\Roaming\ViberPC
2019-10-07 16:19 - 2018-12-16 22:28 - 000002366 _____ C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 16:19 - 2017-06-24 10:46 - 000000000 ___RD C:\Users\homepc\OneDrive
2019-10-07 15:52 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-10-07 15:41 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2019-10-07 15:26 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\DelayedItemsByChemtableSoftware
2019-10-07 15:26 - 2018-07-18 16:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Telegram Desktop
2019-10-07 15:23 - 2018-11-25 16:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Clipdiary
2019-10-07 15:08 - 2018-12-16 22:38 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1002
2019-10-07 15:08 - 2018-12-16 22:28 - 000002360 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:08 - 2017-12-10 18:46 - 000000000 ____D C:\Users\test\AppData\Local\Packages
2019-10-07 15:08 - 2017-09-21 18:36 - 000000000 ___RD C:\Users\test\OneDrive
2019-10-07 15:07 - 2017-12-28 23:39 - 000000000 ___RD C:\Users\test\3D Objects
2019-10-07 14:52 - 2017-06-24 13:17 - 000000000 ____D C:\Users\homepc\AppData\Roaming\WhatsApp
2019-10-07 14:18 - 2017-06-24 11:15 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-07 14:11 - 2017-07-25 00:28 - 000000000 ___DC C:\Users\homepc\Documents\AivlaSoft
2019-10-07 13:25 - 2019-05-31 19:10 - 000000000 ____D C:\Users\homepc\AppData\Local\BitTorrentHelper
2019-10-07 02:07 - 2019-08-29 01:11 - 000000000 ____D C:\Users\homepc\AppData\Roaming\vlc
2019-10-06 19:02 - 2019-03-13 13:04 - 000000000 ____D C:\Users\homepc\AppData\Roaming\SimBrief Downloader
2019-10-06 17:35 - 2019-01-28 21:30 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X Files
2019-10-06 17:01 - 2019-01-29 17:38 - 000001155 _____ C:\Users\homepc\Desktop\Active Sky 2016 for FSX.lnk
2019-10-06 15:52 - 2017-09-12 12:56 - 000000000 ____D C:\SoyzClient
2019-10-06 15:34 - 2017-12-29 00:30 - 000000000 ____D C:\ProgramData\Virtuali
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\Users\Public\Documents\DX10SceneryFixer
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\ProgramData\Documents\DX10SceneryFixer
2019-10-06 15:26 - 2017-07-24 00:00 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Virtuali
2019-10-06 06:45 - 2017-07-28 03:00 - 000000808 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2019-10-06 06:18 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\eSellerate
2019-10-06 05:12 - 2017-12-29 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-10-06 04:06 - 2019-05-13 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drzewiecki Design
2019-10-06 00:37 - 2017-09-16 19:24 - 000000000 ___DC C:\Users\homepc\Documents\vPilot Files
2019-10-06 00:25 - 2018-08-11 14:49 - 000000000 ___DC C:\Users\homepc\AppData\Local\V1_Software
2019-10-06 00:10 - 2019-06-28 19:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-06 00:10 - 2018-07-27 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight
2019-10-06 00:10 - 2017-06-24 10:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-05 23:50 - 2018-07-13 23:12 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RAASPRO
2019-10-05 23:43 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Add-ons
2019-10-05 17:58 - 2019-03-28 00:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-05 17:58 - 2017-12-10 19:59 - 000000000 ___RD C:\Users\homepc\3D Objects
2019-10-05 17:58 - 2017-06-24 11:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-05 17:56 - 2018-09-15 12:11 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2019-10-05 17:56 - 2018-09-15 12:11 - 000018002 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2019-10-05 17:56 - 2018-09-15 12:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-05 17:56 - 2018-09-15 09:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-05 17:54 - 2017-06-24 11:38 - 000408644 __RSH C:\bootmgr
2019-10-05 14:37 - 2017-07-26 03:41 - 000737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2019-10-05 13:31 - 2017-08-06 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket
2019-10-05 12:01 - 2019-02-25 20:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Discord
2019-10-05 11:57 - 2017-06-24 11:27 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-03 16:00 - 2017-06-24 12:59 - 000000000 ____D C:\Program Files\DrWeb
2019-10-03 12:34 - 2019-03-26 16:25 - 000000000 ____D C:\Users\homepc\AppData\Local\WhatsApp
2019-10-02 21:52 - 2018-12-16 22:38 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 21:52 - 2018-12-16 22:38 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-02 21:52 - 2017-11-17 13:13 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-30 20:21 - 2017-09-21 18:40 - 000000000 ____D C:\Temp
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\Users\Public\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\ProgramData\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000000000 ____D C:\Program Files (x86)\AIDA64
2019-09-30 14:10 - 2018-10-18 13:19 - 000860240 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\dwprot.sys
2019-09-30 14:10 - 2018-10-18 13:18 - 000390248 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\spiderg3.sys
2019-09-29 21:14 - 2018-12-25 18:07 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-09-29 17:25 - 2018-02-07 01:32 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Wise Disk Cleaner
2019-09-29 17:24 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\ProgramData\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2019-09-28 20:38 - 2018-03-28 13:04 - 000000000 ____D C:\Boson
2019-09-28 13:25 - 2017-07-24 01:47 - 000000000 ___DC C:\Users\homepc\AppData\Local\Downloaded Installations
2019-09-27 03:54 - 2017-07-23 16:57 - 000000000 ____D C:\Program Files (x86)\EZCA2
2019-09-27 03:53 - 2017-07-23 16:56 - 000000000 ____D C:\EZdok Software
2019-09-27 03:38 - 2019-02-26 02:50 - 000000000 ____D C:\Program Files\EZCA3
2019-09-27 03:36 - 2019-02-25 22:23 - 000000000 ____D C:\Program Files (x86)\Flight1 Purchase Agent
2019-09-27 02:56 - 2019-01-22 23:20 - 000000000 __SHD C:\Users\Public\DRM
2019-09-27 00:17 - 2017-12-28 01:37 - 000002048 _____ C:\WINDOWS\OpusFSX.lic
2019-09-27 00:13 - 2018-01-28 13:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Navdata
2019-09-27 00:13 - 2018-01-28 13:29 - 000002048 _____ C:\WINDOWS\CX750X.lic
2019-09-27 00:12 - 2019-02-25 22:23 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1Purchase
2019-09-27 00:08 - 2019-02-26 02:50 - 000002048 _____ C:\WINDOWS\ezcapro3.lic
2019-09-27 00:02 - 2019-02-25 22:23 - 000083295 _____ C:\Program Files (x86)\F1Uninstall.exe
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\Users\Public\Desktop\Flight1 Purchase Agent.lnk
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\ProgramData\Desktop\Flight1 Purchase Agent.lnk
2019-09-26 19:39 - 2018-12-16 22:28 - 000000000 ____D C:\Users\DefaultAppPool
2019-09-26 17:12 - 2017-08-23 12:55 - 000000000 ____D C:\ProgramData\Flight One Software
2019-09-26 04:18 - 2019-02-02 02:16 - 000000109 _____ C:\WINDOWS\GARMINWT.INI
2019-09-26 02:06 - 2018-04-23 00:26 - 000000221 ____C C:\Users\homepc\Documents\ax_files.xml
2019-09-25 20:45 - 2019-05-05 17:20 - 000000000 ____D C:\Program Files (x86)\FSrealWX 3.0
2019-09-25 12:15 - 2017-11-17 13:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-09-25 02:46 - 2017-12-30 20:32 - 000000000 ____D C:\Program Files (x86)\FSBuild
2019-09-25 01:29 - 2019-09-06 19:11 - 000000000 ____D C:\Program Files\Process Lasso
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\Users\Public\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\ProgramData\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso Pro
2019-09-25 01:29 - 2018-12-16 22:38 - 000003106 _____ C:\WINDOWS\system32\Tasks\Process Lasso Management Console (GUI)
2019-09-25 01:29 - 2018-12-16 22:38 - 000003096 _____ C:\WINDOWS\system32\Tasks\Process Lasso Core Engine Only
2019-09-25 01:22 - 2019-02-04 22:22 - 000001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin Aviation Trainers.lnk
2019-09-24 17:28 - 2019-02-01 14:39 - 000000890 _____ C:\Users\homepc\Desktop\F1GTNConfig.lnk
2019-09-23 23:23 - 2017-06-24 13:17 - 000000000 ___DC C:\Users\homepc\AppData\Local\SquirrelTemp
2019-09-23 22:32 - 2018-05-18 11:38 - 000000000 ___DC C:\Users\homepc\AppData\Local\D3DSCache
2019-09-23 15:09 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-23 15:09 - 2017-12-28 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSrealWX
2019-09-23 15:07 - 2018-12-17 14:49 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-23 15:07 - 2018-10-10 18:37 - 000000000 ___RD C:\Users\homepc\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2019-09-22 02:52 - 2019-04-19 00:34 - 000000000 ____D C:\Program Files\WhoCrashed
2019-09-22 00:53 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Files
2019-09-21 22:49 - 2018-04-28 14:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-09-21 21:37 - 2018-04-30 15:02 - 000000000 ____D C:\Program Files (x86)\PMDG Operations Center
2019-09-21 16:49 - 2017-07-27 15:29 - 000000000 ____D C:\ProgramData\firebird
2019-09-21 15:11 - 2017-07-27 15:27 - 000000000 ____D C:\PRO-ATC-X
2019-09-19 13:15 - 2017-09-14 15:00 - 000000000 ____D C:\DrWebkeys
2019-09-19 13:13 - 2017-07-23 21:34 - 000000000 ____D C:\aerosoft
2019-09-17 11:44 - 2019-02-26 02:03 - 000000035 _____ C:\general.INI
2019-09-17 01:02 - 2017-08-31 16:42 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2019-09-17 00:14 - 2019-05-05 16:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3
2019-09-17 00:13 - 2017-12-28 20:14 - 000000000 ____D C:\Program Files (x86)\FSrealWX_Pro
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\Users\Public\Desktop\FSrealWX Pro.lnk
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\ProgramData\Desktop\FSrealWX Pro.lnk
2019-09-16 21:39 - 2019-01-29 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiFi
2019-09-16 21:39 - 2019-01-29 17:37 - 000000000 ____D C:\Program Files (x86)\HiFi
2019-09-16 21:39 - 2018-01-28 03:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\HiFi
2019-09-16 20:41 - 2018-05-27 13:10 - 000001095 _____ C:\Users\homepc\Desktop\MFSClient.lnk
2019-09-16 19:50 - 2018-02-03 17:52 - 000000000 ____D C:\Program Files (x86)\Addon Manager
2019-09-16 19:30 - 2018-02-03 18:04 - 000000179 _____ C:\Users\homepc\FSDreamTeam_GSX.reg
2019-09-16 15:57 - 2018-02-06 19:31 - 000000000 ___HD C:\3gzV5dAb7FiiwFEW
2019-09-16 11:29 - 2018-01-11 19:31 - 000000000 ___DC C:\Users\homepc\AppData\Local\MEGAsync
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\Users\Public\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\ProgramData\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 01:27 - 2018-05-12 00:31 - 000000000 ____D C:\AFSD
2019-09-15 00:40 - 2017-12-30 15:36 - 000000000 ___DC C:\Users\homepc\AppData\Local\QSimPlanner
2019-09-15 00:38 - 2017-12-30 15:36 - 000001149 _____ C:\Users\homepc\Desktop\QSimPlanner.lnk
2019-09-15 00:38 - 2017-12-30 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QSimPlanner
2019-09-14 17:33 - 2019-03-13 13:04 - 000002514 _____ C:\Users\homepc\Desktop\SimBrief Downloader.lnk
2019-09-14 11:13 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\Help
2019-09-14 11:08 - 2017-12-27 16:14 - 000000000 ____D C:\[Guru3D.com]-DDU
2019-09-14 11:03 - 2018-12-16 22:38 - 000004570 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-14 11:03 - 2017-06-25 00:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\Adobe
2019-09-14 11:00 - 2019-04-07 00:43 - 000000000 ____D C:\ProgramData\DisplayDriverUninstaller
2019-09-14 10:48 - 2018-12-16 22:38 - 000004582 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-09-13 20:15 - 2018-03-04 13:56 - 000000000 ____D C:\ProgramData\FSTramp
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\Users\Public\Documents\PFPX Data
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\ProgramData\Documents\PFPX Data
2019-09-13 18:40 - 2019-02-28 01:02 - 000000000 ____D C:\Users\homepc\AppData\Local\ElevatedDiagnostics
2019-09-13 18:35 - 2019-02-03 04:55 - 000001159 _____ C:\Users\homepc\Desktop\Reg Organizer.lnk
2019-09-13 14:20 - 2017-06-24 10:59 - 000000000 ____D C:\Program Files (x86)\Razer
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-13 13:27 - 2018-09-15 10:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-13 13:26 - 2018-09-15 10:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-13 13:26 - 2018-09-15 10:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-13 11:47 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\Users\Public\Desktop\TC PU Programs
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\ProgramData\Desktop\TC PU Programs
2019-09-12 20:36 - 2017-09-01 19:04 - 000001857 _____ C:\Users\homepc\Desktop\FSFX_Tools.lnk
2019-09-11 18:57 - 2017-09-10 16:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\TS3Client
2019-09-11 01:12 - 2018-04-27 23:56 - 000000000 ____D C:\Program Files\ParkControl
2019-09-10 09:54 - 2018-07-26 13:21 - 000001323 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 Server.lnk
2019-09-10 09:49 - 2018-07-26 13:21 - 000001338 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 DbBuilder.lnk
2019-09-08 21:59 - 2019-06-29 00:06 - 000000000 ____D C:\Temp torrents
2019-09-08 19:32 - 2018-08-31 18:23 - 000000000 ___DC C:\Users\homepc\AppData\Local\Ubisoft Game Launcher
2019-09-08 16:41 - 2017-10-15 15:29 - 000002004 _____ C:\Users\homepc\Desktop\FS Real Time.lnk
2019-09-07 22:23 - 2017-07-26 03:41 - 000000000 ____D C:\Program Files (x86)\FS Real Time
2019-09-07 12:48 - 2018-03-04 13:59 - 000001097 _____ C:\Users\Public\Desktop\FSTramp Scenery Assembler.lnk
2019-09-07 12:48 - 2018-03-04 13:59 - 000001097 _____ C:\ProgramData\Desktop\FSTramp Scenery Assembler.lnk
2019-09-07 12:48 - 2018-03-04 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSTramp
2019-09-07 12:48 - 2018-03-04 13:56 - 000000000 ____D C:\Program Files (x86)\FSTramp

==================== Files in the root of some directories ================

2018-02-03 18:04 - 2019-09-16 19:30 - 000000179 _____ () C:\Users\homepc\FSDreamTeam_GSX.reg
2017-12-30 20:37 - 2019-09-01 22:20 - 000002065 _____ () C:\Program Files (x86)\3187c76b-7ef1-4f48-bb5e-e5da055a81d9.index
2019-02-25 22:23 - 2019-09-27 00:02 - 000083295 _____ () C:\Program Files (x86)\F1Uninstall.exe
2011-12-03 16:23 - 2008-02-21 21:45 - 000070416 _____ () C:\Program Files (x86)\post-2-12035868936904.jpg
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ () C:\Program Files (x86)\unEZCA2.exe
2019-01-31 15:53 - 2019-01-24 18:11 - 000000858 _____ () C:\Users\homepc\AppData\Roaming\8f2626ec-b19e-4dc5-9f23-cdc84f045b52.index
2018-06-20 11:47 - 2018-05-20 18:10 - 000000855 _____ () C:\Users\homepc\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
2018-11-04 22:39 - 2018-10-04 09:37 - 002385178 _____ () C:\Users\homepc\AppData\Roaming\ec317386-e87d-48c7-ade1-34457a87d179.index
2017-12-20 01:48 - 2017-12-20 01:48 - 000000128 ____H () C:\Users\homepc\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2018-12-30 23:40 - 2018-12-30 23:40 - 000212879 _____ () C:\Users\homepc\AppData\Roaming\Lockheed Martin.rar
2017-09-03 12:43 - 2019-05-10 00:22 - 000000369 _____ () C:\Users\homepc\AppData\Roaming\OpenSceneryX Installer.plist
2018-10-27 22:23 - 2018-10-27 22:23 - 000000000 _____ () C:\Users\homepc\AppData\Roaming\Program.cfg
2018-10-25 01:07 - 2019-04-27 14:57 - 000000080 _____ () C:\Users\homepc\AppData\Roaming\WED.prefs
2019-05-10 01:34 - 2019-06-15 22:29 - 000008176 _____ () C:\Users\homepc\AppData\Roaming\XAddonManager.plist
2019-03-18 15:50 - 2019-03-18 15:50 - 000000000 _____ () C:\Users\homepc\AppData\Local\oobelibMkey.log
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ () C:\Users\homepc\AppData\Local\recently-used.xbel
2019-04-16 15:23 - 2019-05-16 14:14 - 000007653 _____ () C:\Users\homepc\AppData\Local\Resmon.ResmonCfg
2019-04-19 00:39 - 2019-05-09 02:11 - 000001293 _____ () C:\Users\homepc\AppData\Local\Temp1.html
2019-04-19 00:40 - 2019-04-19 00:40 - 000013510 _____ () C:\Users\homepc\AppData\Local\Temp38.html
2019-05-09 02:11 - 2019-05-09 02:11 - 000003111 _____ () C:\Users\homepc\AppData\Local\Temp6.html
2019-08-12 23:06 - 2019-08-12 23:06 - 000017408 _____ () C:\Users\homepc\AppData\Local\WebpageIcons.db
2019-04-05 15:31 - 2019-05-03 12:37 - 000000093 _____ () C:\Users\homepc\AppData\Local\X-Plane 11 Preferences.prf
2019-04-05 15:31 - 2019-08-13 11:02 - 000000037 _____ () C:\Users\homepc\AppData\Local\X-Plane Installer.prf
2019-04-05 15:31 - 2019-05-25 17:50 - 000000075 _____ () C:\Users\homepc\AppData\Local\X-Plane_drm_11.prf
2019-04-05 15:32 - 2019-08-13 10:39 - 000000032 _____ () C:\Users\homepc\AppData\Local\x-plane_install_11.txt

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 
Corrine said:
I notice that you are using a method to bypass activation of licensed software. Doing so is contrary to Sysnative's Forum rules and I cannot provide further assistance unless you have completely removed all traces of such methods.
Click to expand...
ok iam very sorry. this is latest logs

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by homepc (07-10-2019 23:26:20)
Running from C:\Users\homepc\Desktop\Tor Browser
Windows 10 Pro Version 1809 17763.775 (X64) (2018-12-16 19:38:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2357164880-557895980-647672482-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2357164880-557895980-647672482-503 - Limited - Disabled)
Guest (S-1-5-21-2357164880-557895980-647672482-501 - Limited - Disabled)
homepc (S-1-5-21-2357164880-557895980-647672482-1001 - Administrator - Enabled) => C:\Users\homepc
newuser (S-1-5-21-2357164880-557895980-647672482-1010 - Administrator - Enabled) => C:\Users\newuser
test (S-1-5-21-2357164880-557895980-647672482-1002 - Administrator - Enabled) => C:\Users\test
WDAGUtilityAccount (S-1-5-21-2357164880-557895980-647672482-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Dr.Web Security Space (Disabled - Up to date) {1F0B3F76-4795-94AD-DF9E-2678C33ACA8F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Dr.Web Firewall (Disabled) {2730BE53-0DFA-95F5-F4C1-8F4D3DE98DF4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
µTorrent (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.)
µTorrent 3.5.1 (HKLM-x32\...\µTorrentPro 3.5.1 Build 44358) (Version: - )
1C:Предприятие 8 (x86-64) (8.3.13.1690) (HKLM\...\{EE557440-904A-48D6-B8B9-F583F83E58D7}) (Version: 8.3.13.1690 - 1С-Софт)
3DMark (HKLM\...\{2B039C20-A45C-42F6-8BD2-4BD6A145A4FA}) (Version: 2.6.6233.0 - UL) Hidden
3DMark (HKLM-x32\...\{489449ac-3782-4a02-89b0-0aeeb367be04}) (Version: 2.6.6233.0 - UL)
4K Video Downloader (HKLM-x32\...\4K Video Downloader) (Version: - Open Media LLC)
4K Video Downloader 4.4.11.2412 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.4.11.2412 - lrepacks.ru)
4K Video Downloader 4.7.0.2602 (HKLM\...\4K Video Downloader_is1) (Version: 4.7.0.2602 - lrepacks.ru)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Aarhus Airport X 1.4 (HKLM-x32\...\Aarhus Airport X 1.4) (Version: - )
ACARS Airborne 1.9 (HKLM-x32\...\ACARS Airborne_is1) (Version: - )
ACARS Dispatch 2.2 (HKLM-x32\...\Dispatch_is1) (Version: - )
Accu-Feel (HKLM-x32\...\Accu-Feel) (Version: - )
Accu-Feel Air, Land, and Sea (HKLM-x32\...\Accu-Feel Air, Land, and Sea) (Version: - )
Accu-Feel v2 for Prepar3D v4 (HKLM\...\{D7AC696B-DF75-47FE-BF2F-81BCB3CFE518}) (Version: 2.1 - A2A Simulations Inc.) Hidden
Accu-Feel v2 for Prepar3D v4 (HKLM\...\Accu-Feel v2 for Prepar3D v4 2.1) (Version: 2.1 - A2A Simulations Inc.)
AccuMap (HKLM-x32\...\{FF800A09-B165-4CE4-878D-73E100822409}_is1) (Version: 1.2.0 - MothTech)
Active Sky 2016 for FSX (HKLM-x32\...\{25567157-5441-4731-9703-46c506d029c7}_is1) (Version: 1.0.6452.28386 - HiFi Technologies, Inc.)
Active Sky for P3Dv4 (HKLM-x32\...\{4cb690b0-f4e3-404c-babc-cc780cc6fcb1}_is1) (Version: 1.0.6909.23676 - HiFi Technologies, Inc.)
Active Sky Next for FSX SP5 (HKLM-x32\...\{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1) (Version: 1.0.6255.21938 - HiFi Technologies, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.31 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.31 - Aerosoft)
aerosoft's - FlightSim Commander 9 (HKLM-x32\...\{F941AABE-E868-42D9-9F38-884250F7898A}) (Version: 9.7.0.0 - aerosoft)
Aerosoft's - Simcheck Airbus A300B4-200 (HKLM-x32\...\{40C5DFE3-3B86-4151-A225-C7B28ACEFEB7}) (Version: 2.01 - Aerosoft)
Aerosoft's - Simcheck Airbus A300-FMC-add-on - FSX (HKLM-x32\...\Simcheck Airbus A300-FMC-add-on - FSX) (Version: 1.02 - Aerosoft)
AFSD v4.43 (HKLM-x32\...\AFSD_is1) (Version: 4.43 - Hervй Sors)
AFX Professional License (HKLM-x32\...\afxpro) (Version: - )
AI Lights Reborn Free Edition (HKLM-x32\...\{46C94EA0-957E-11E7-6784-002FAB2F18BE}) (Version: 3.3.4 - Flight Sim Technologies)
AIControllerV20A (HKLM-x32\...\{730735EE-2AB1-408E-A09B-5EA6AA5A6A2A}) (Version: 2.0.1.0 - AIController)
AIDA64 (HKLM-x32\...\AIDA64) (Version: 6.10.5200 - FinalWire Ltd.)
AIDA64 (HKLM-x32\...\AIDA64_is1) (Version: 5.99.4900 - )
AILGenerator 4.9 (HKLM-x32\...\AILGenerator_is1) (Version: - Nico Kaan)
AirHauler 2 (HKLM-x32\...\{F60FBDCF-DEA7-406E-B68D-E8F5464CCD77}) (Version: 1.00.5 - Just Flight)
Airport Design Editor 175 (HKLM-x32\...\ScruffyDuckSoftwareADE175) (Version: 1.75.6410.0 - ScruffyDuck Software)
Aiseesoft Video Downloader (HKLM-x32\...\{0CDC63F0-BDD6-09A4-CC0E-88C6B2CC27AA}) (Version: 6.0.88 - Aiseesoft Studio)
AivlaSoft EFB (HKLM-x32\...\AivlaSoft EFB) (Version: 1.6.16 - AivlaSoft )
AivlaSoft EFB2 Client (HKLM-x32\...\AivlaSoft EFB2 Client) (Version: 2.1 - Apprimus Informatik GmbH)
AivlaSoft EFB2 Server (HKLM-x32\...\AivlaSoft EFB2 Server) (Version: 2.1 - Apprimus Informatik GmbH)
AJPC v2.41 (HKLM-x32\...\AJPC_is1) (Version: 2.41 - Hervй Sors)
Allavsoft 3.16.4.6852 (HKLM-x32\...\Allavsoft_is1) (Version: 3.16.4.6852 - lrepacks.ru)
ALTVPN.com version 1.3 (HKLM-x32\...\{C6C3EC46-801F-4FDA-9BC2-D9AF255BA7D4}_is1) (Version: 1.3 - ALTVPN.com)
ARMI Project - Muscat OOMS FSX (HKLM-x32\...\ARMI Project - Muscat OOMS FSX) (Version: - )
ASConnect 2016 for FSX Installer (HKLM-x32\...\{7ef6df55-324a-418f-8d41-80ec539e6cf4}_is1) (Version: 1.0.0.37 - HiFi Technologies, Inc.)
ASConnect for FSX Installer (HKLM-x32\...\{7E1270D4-42C4-49A4-9EC4-3300D2E47331}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS)
Auslogics Driver Updater 1.20.1.0 (HKLM-x32\...\Auslogics Driver Updater_is1) (Version: 1.20.1.0 - Auslogics Labs Pty Ltd)
AUTHGURU (HKLM-x32\...\{E828A555-B89D-4041-BF92-9F08FD774978}) (Version: 9.4 - Bastion Infotech Pvt Ltd)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BestMonitor 2.01 (HKLM-x32\...\BestMonitor_is1) (Version: - BestChange.ru)
Bigfoot Networks Killer Network Manager (HKLM\...\{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks) Hidden
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks)
BlackBox Simulation - PreFlight Manager (HKLM-x32\...\BlackBox Simulation-PreFlightManager) (Version: 1.0.6600 - BlackBox Simulation)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.10.0001 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.32.90.1001 - BlueStack Systems, Inc.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.20.02(T) - Toshiba Client Solutions Co., Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boson NetSim 10 (HKLM-x32\...\{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC) Hidden
Boson NetSim 10 (HKLM-x32\...\InstallShield_{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC)
Boson NetSim 11 (HKLM-x32\...\{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC) Hidden
Boson NetSim 11 (HKLM-x32\...\InstallShield_{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC)
BSS FSL A320 CFM V2 (HKLM-x32\...\BSS FSL A320 CFM V2) (Version: - )
BSS FSL A320 IAE V2.1 (HKLM-x32\...\BSS FSL A320 IAE V2.1) (Version: - )
BurnInTest v9.0 Pro (HKLM\...\BurnInTest_is1) (Version: 9.0.1010.0 - Passmark Software)
CA ERwin Process Modeler r7.3 (HKLM-x32\...\{CEEFB6A4-A02B-4A34-BAAB-200D9B7448B4}) (Version: 7.003.1773 - CA, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: - )
ChasePlane XEdition (HKLM-x32\...\{CB51E288-3016-47E2-A401-A15BA5AA3F97}_is1) (Version: 1.0.26 XE.1 - ChasePlane (XEdition))
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine)
Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Clipdiary 5.3 (HKLM-x32\...\Clipdiary) (Version: 5.3 - Tiushkov Nikolay)
Core Temp 1.15 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15 - ALCPU)
CPUID CPU-Z 1.88 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.88 - CPUID, Inc.)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 52.9.1.0 - 8pecxstudios)
DCS World (HKLM\...\DCS World_is1) (Version: 2.5 - Eagle Dynamics)
DigitalDesign - ULLI v1.1 (HKLM-x32\...\DIGITALDESIGN-ULLI-F5F8C557-F53A-4D45-8CB1-82FDF84BD7C7_is1) (Version: 1.0.0.0 - SimMarket)
Discord (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Disk-O (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{EB6332D7-3C3F-43AC-B332-4DC6E4EFE0C6}_is1) (Version: 18.02.0001 - Mail.Ru Group)
DMD-URKK (HKLM-x32\...\DMD-URKK-B32DCA3D-5D97-4A80-A969-60A961FD5E5D_is1) (Version: 1.0.0.0 - SimMarket)
Domodedovo International Airport v1.1 (HKLM-x32\...\MDESIGN_DOMODEDOVO_INTL_is1) (Version: 1.2.0.0 - SimMarket)
Download Master 6.16.1.1595 (HKLM-x32\...\Download Master_is1) (Version: 6.16.1.1595 - NEO)
Dr.Web Security Space (HKLM\...\{5352DB49-883D-4b64-8443-DA7B80C33ED5}) (Version: 12.0 - Doctor Web, Ltd.)
Driver Easy 5.6.8 (HKLM\...\DriverEasy_is1) (Version: 5.6.8 - Easeware)
DXGL 0.5.12 (HKLM-x32\...\DXGL) (Version: 0.5.12 - William Feely)
Eaglesoft Citation X 750 2.0 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Eaglesoft Citation X 750 2.0 ) (Version: - )
EasyNavs v5.13 (HKLM-x32\...\EasyNavs_is1) (Version: 5.13 - Hervй Sors)
EFASS version NG (HKLM-x32\...\{C99177FE-4E7B-46CA-B3C2-73581D4063C1}_is1) (Version: NG - Froom Simulation Software)
Eiresim Shannon Ultimate FsX (HKLM-x32\...\Eiresim Shannon Ultimate FsXV1.0) (Version: V1.0 - Eiresim)
Electrum (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Electrum) (Version: 3.0.2 - Electrum Technologies GmbH)
Envdir (HKLM-x32\...\{9321E1F5-D4D5-49D4-96B8-6D6308D235C0}_is1) (Version: 1.2.0.1 - TOGA projects)
EXEStealth (HKLM-x32\...\EXEStealth) (Version: - )
EZdok Camera Version 2 (HKLM-x32\...\EZdok Camera Version 2) (Version: - )
F1 GTN Complete (HKLM-x32\...\F1GTN) (Version: 2.12 - Flight1 Aviation Technologies)
FLAi Operations Center (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9c54cef4273db6f7) (Version: 1.0.0.18 - BVARTCC)
Flight Environment X (HKLM-x32\...\Flight Environment X) (Version: - )
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight1 Purchase Agent (HKLM-x32\...\Flight1 Purchase Agent) (Version: - )
FlightFX (remove only) (HKLM-x32\...\FlightFX) (Version: - )
Fly The Maddog X 32bit Edition for FSX (HKLM-x32\...\Fly The Maddog X 32bit Edition for FSX) (Version: - )
ForceBindIP (HKLM-x32\...\ForceBindIP) (Version: - )
FPS Monitor (HKLM-x32\...\FPS Monitor_is1) (Version: 1 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FS Cabin Crew Full Edition (HKLM-x32\...\{033F002F-BF4E-45E5-8522-823B87ED75D2}) (Version: 1.00.0000 - drubware.net)
FS Decelerate version 1.0 (HKLM-x32\...\{F7FDD01F-AC31-4923-92EC-D52D04311583}_is1) (Version: 1.0 - Nikola Jovanovic)
FS Real Time v1.98.1 (HKLM-x32\...\FS_Real_Time) (Version: - )
FS2XPlane (HKLM-x32\...\FS2XPlane) (Version: 3.26 - Jonathan Harris <x-plane@marginal.org.uk>)
FSAirlines Client (HKLM-x32\...\FSAirlines Client) (Version: - )
FSBuild 2 (HKLM-x32\...\FSBuild 2) (Version: 1 - EA)
Fsbuild 2.4.0.32 (HKLM-x32\...\Fsbuild 2.4.0.32) (Version: - )
FSCloud version 1.xxxx beta (HKLM-x32\...\{EAEDE38E-4126-42B7-BC6D-93E3A2EC06E9}_is1) (Version: 1.xxxx beta - FSCloud.net)
FSControl v5.06 (HKLM-x32\...\FSControl_is1) (Version: 5.06 - Hervй Sors)
FSDG - Cape Town X FSX (HKLM-x32\...\FSDG - Cape Town X FSX) (Version: - )
FSDreamTeam GSX version 2.7.0 (HKLM-x32\...\FSDreamTeam GSX_is1) (Version: 2.7.0 - VIRTUALI Sagl)
FSLabs A320-X Aeroflot livery v1.5 (HKLM-x32\...\FSLabs A320-X Aeroflot livery_is1) (Version: 0.1.5.0 - FlightSimLabs, Ltd.)
FSLabs A320X Binaries v1.0.1.310 for FSX (HKLM-x32\...\A320X_FSX_Binaries_is1) (Version: 1.0.1.310 - FlightSimLabs, Ltd.)
FSLabs A320X Resources v1.0.1.400 for FSX (HKLM-x32\...\A320X_FSX_Resources_is1) (Version: 1.0.1.400 - FlightSimLabs, Ltd.)
FSLSpotLights v1.0.0.38 (HKLM-x32\...\FSLSpotLights_is1) (Version: 1.0.0.38 - FlightSimLabs, Ltd.)
FSrealWX 3.01.1725 (HKLM-x32\...\FSrealWX 3.0_is1) (Version: 3.01.1725 - Hanse-Coders)
FSrealWX Pro Version 2.04.866 (HKLM-x32\...\FSrealWX Pro_is1) (Version: 2.04.866 - Hanse-Coders)
FSrealWX Server Version 1.00.80 (HKLM-x32\...\FSrealWX Server_is1) (Version: 1.00.80 - Hanse-Coders.)
FSTramp (HKLM-x32\...\{0B3EAF6B-BBF1-45EF-B4DA-D16DC7574507}_is1) (Version: 7.26 - Team FSTramp)
Futuremark SystemInfo (HKLM-x32\...\{54A3802E-DFED-4235-85A7-A604FE1CC64D}) (Version: 5.14.693.0 - Futuremark)
FxSound Enhancer (HKLM-x32\...\FxSound Enhancer) (Version: 13.027 - FxSound)
Garmin Aviation Checklist Editor (HKLM-x32\...\{51B555C4-F02B-44A5-8710-8EFE8FCB0589}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin Aviation Trainers (HKLM-x32\...\{ebaa1977-06b1-4bef-8e97-ee6421df8e96}) (Version: 2.5.0.0 - Garmin)
Garmin GTN Trainer (HKLM-x32\...\{6DFD1B14-A965-4729-AFB9-408447388AB3}) (Version: 6.62.0.0 - Garmin) Hidden
Garmin Trainer Databases (HKLM-x32\...\{ABD210BC-DB31-4B6C-A342-B022F6FC9945}) (Version: 2.5.0.0 - Garmin) Hidden
Garmin Trainer Launcher (HKLM-x32\...\{95C42791-3D93-4234-9710-8460719D1585}) (Version: 2.5.0.0 - Garmin) Hidden
GNS400W-500W Trainer (HKLM-x32\...\{C59E019B-0952-4B72-A382-68A72224F88F}) (Version: - )
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.30 - Janos Mathe)
Hard Disk Sentinel Pro (HKLM-x32\...\Hard Disk Sentinel Pro) (Version: 5.40.10482 - )
HHD Software Hex Editor Neo 6.42 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.42.1.6170 - HHD Software, Ltd.)
HideMy.name VPN (HKLM-x32\...\{D4C4FDDF-AB53-4E45-BB78-AFA80D034589}) (Version: 1.43 - inCloak Network Ltd.)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
HP Deskjet 5520 series Basic Device Software (HKLM\...\{014A59C8-DDA5-4788-906D-1F5CBA8A583D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 5520 series Help (HKLM-x32\...\{6346CC3B-9816-4C8F-B614-976ECEE7900F}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 5520 series Product Improvement Study (HKLM\...\{29E392C4-E0C3-4E96-85B6-03B8E3963310}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hyperion EOS Control Data Suite (HKLM-x32\...\{615030C8-3D49-4CC1-BD58-5549107A924B}) (Version: 13.08.20 - Hyperion)
HyperSnap (HKLM\...\{39332DD5-F8B8-D804-EE99-DB3BF785DDA1}) (Version: 8.13.02 - Hyperionics Technology LLC)
HyperSnap (HKLM-x32\...\HyperSnap 8.10.00) (Version: - )
iFly Jets - The 737NG for FSX (HKLM-x32\...\iFly Jets - The 737NG for FSX) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Hotfix 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Hotfix 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1a (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1a) (Version: - )
iFly Jets - The 747-400 V2 for FSX (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX) (Version: - )
iFly737 FSX DVD Customer Update 3.1 (HKLM-x32\...\iFly737 FSX DVD Customer Update 3.1) (Version: - )
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Infognition ScreenPressor v2.1 (Remove Only) (HKLM-x32\...\SCPR) (Version: - )
InnoExtractor 5.2.2.188 (HKLM-x32\...\{406AB259-8887-4257-AE79-78D3BC3E528B}_is1) (Version: 5.2.2.188 - Havy Alegria)
Intel(R) Chipset Device Software (HKLM-x32\...\{262e9c1d-e509-4e2a-86e8-0abb312ac2e9}) (Version: 10.1.17765.8094 - Intel(R) Corporation) Hidden
Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
iSpring Free Cam 8 (HKLM-x32\...\{A85094B2-BFE8-4C0D-8FF9-2B139D6A4008}) (Version: 8.7.19627 - iSpring Solutions Inc.)
IvAi v1.0.0 b150 (HKLM\...\IvAi_is1) (Version: - IVAO)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version: - IVAO)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Jeppesen CDA Service (HKLM-x32\...\{B9C9E547-9F27-4C4B-8E9C-58400B35CFE1}) (Version: 4.0.0.123 - Jeppesen)
Jeppesen Format Print Driver (HKLM-x32\...\{986090B3-C3B8-4DD4-8BB1-6561F74915FF}) (Version: 1.1.0.8 - Jeppesen)
Jeppesen Program and Data Installation (HKLM-x32\...\{4173F0BF-2363-4DC3-92A9-446B69DBB134}) (Version: 1.0.0.0 - Jeppesen)
Jeppesen Weather Service (HKLM-x32\...\{3E1D1CE6-FF37-4A5D-9714-D6F48CFD589D}) (Version: 2.8.3.63 - Jeppesen)
kACARS - Landing Rate (HKLM-x32\...\{FD1DE517-419E-4AD1-A791-72214057E3AD}) (Version: 1.0.0000 - FS-Products)
Letasoft Sound Booster 1.11.0.505 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.505 - Letasoft LLC)
Level-D 767-300 for FSX (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Level-D 767-300 for FSX) (Version: - )
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.8 - Hermann Schinagl)
Loaris Trojan Remover 3.0.68 (HKLM\...\Loaris Trojan Remover_is1) (Version: 3.0.68 - lrepacks.ru)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version: - )
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MCDU 2.31 (HKLM-x32\...\MCDU_is1) (Version: - )
MediaHuman YouTube Downloader 3.9.9.10 (HKLM-x32\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.10 - MediaHuman)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
MFS Client (HKLM-x32\...\MFS Client) (Version: - )
MFSClientV5 (HKLM-x32\...\MFSClientV5) (Version: - )
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: - )
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration SDK (HKLM-x32\...\{CF56984D-35C6-4ADB-9075-394978A427FB}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM-x32\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Migration Tool (HKLM-x32\...\{64cd40e2-6e5e-4732-8ed4-b4a5be475825}) (Version: 4.0.1.1101 - Flightsim Estonia)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 69.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 69.0.2 (x64 en-GB)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NMG OR Tambo International V4.3 (FSX) (HKLM-x32\...\NMG OR Tambo International V4.3 (FSX)) (Version: - )
novaPDF for SDK v7 (novaPDF 7.7 printer) (HKLM\...\novaPDF for SDK v7_is1) (Version: 7.7.3987 - Softland)
NTLite v1.8.0.7165 (HKLM\...\NTLite_is1) (Version: 1.8.0.7165 - Nlitesoft)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
OpenVPN 2.5_git-I602 20170914 refs/heads/master/5fd8e94d31182557 (HKLM\...\OpenVPN) (Version: 2.5_git-I602 - OpenVPN Technologies, Inc.)
OpusFSI Version 5 Flight Simulator Interface (HKLM-x32\...\{98082A12-E24F-4568-B602-B95A3534D91D}) (Version: 5.28.3 - Opus Software Limited)
OpusFSX for FSX and Prepar3D Flight Simulators (HKLM-x32\...\{A6C11E93-4637-4467-B623-AE7F675DF046}) (Version: 3.55.2 - Opus Software Limited)
Oracle VM VirtualBox 5.2.16 (HKLM\...\{9BDE6621-5201-47E9-8394-FF44CBD66A1E}) (Version: 5.2.16 - Oracle Corporation)
OSFMount v2.0 (HKLM\...\OSFMount_is1) (Version: 2.0.1001 - Passmark Software)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.3.1.8 - Bitsum)
Pilots - Almeria LEAM (HKLM-x32\...\Pilots - Almeria LEAM) (Version: - )
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.8886 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion FSX (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.7025 - PMDG Simulations, LLC.)
PolyLoader (HKLM-x32\...\{2C3BFF40-1468-48F4-8902-DC553874D636}) (Version: 3.5.3 - Yemiez)
Prepar3D v4 Professional Plus (HKLM-x32\...\{33dd160e-e04d-4022-8250-0a7f4b50a542}) (Version: 4.5.12.30293 - Lockheed Martin)
Prepar3D v4 Scenery (HKLM\...\{C953A291-C0D5-414E-8211-778D5E53D73A}) (Version: 4.5.12.30293 - Lockheed Martin)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
PRO-ATC/X version 1.8.5.0 (HKLM-x32\...\PRO-ATC/X_is1) (Version: 1.8.5.0 - )
Process Lasso 9.3.0.44 (HKLM\...\Process Lasso_is1) (Version: 9.3.0.44 - Bitsum LLC)
Process Lasso Pro (HKLM-x32\...\Process Lasso Pro) (Version: - )
PSXseeconTraffic 14.6 (HKLM-x32\...\PSXseeconTraffic_is1) (Version: - Nico Kaan)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
QSimPlanner version 0.4.8 (HKLM-x32\...\QSimPlanner_is1) (Version: 0.4.8 - )
RAAS Professional by FS2Crew (UNLOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (UNLOCKED)) (Version: - )
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8656 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Reg Organizer (HKLM-x32\...\Reg Organizer) (Version: - ChemTable Software)
Reg Organizer 8.30 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.30 - lrepacks.ru)
Resource Hacker Version 5.0.42 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Resource Tuner 2.20 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.20 - Heaventools Software)
REX 4 Texture Direct with Soft Clouds Enhanced Edition (HKLM-x32\...\{C7BB0C28-2AE4-4AAB-A38B-42CFADDC0EF5}) (Version: 4.17.2017.0818 - REX Game Studios)
REX Sky Force 3D for FSX, FSX-Steam, P3Dv3 (HKLM-x32\...\{A4D281C6-83D5-4150-B52D-032DE1465651}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 - PATCH ONLY (HKLM\...\{622205F7-7CC6-4314-9269-8029E4FE0EF8}) (Version: 5.0.2018.0520 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 (HKLM\...\{AAA37EC2-CBC4-4525-999F-12AB2C8542E5}) (Version: 5.0.2018.0508 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{2481E6EB-6771-4507-89BC-3CDC701F7949}) (Version: 5.0.2019.0116 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{556C3051-15D2-4AAF-BC1B-6FCF7F2B5D62}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Soft Clouds - SP3 - Hotfix 5 (HKLM-x32\...\{98C432AB-8BC0-4C76-8336-889E907F955A}) (Version: 4.3.2017.0714 - REX Game Studios, LLC.)
REX Soft Clouds with SP3 - Hotfix 3 (HKLM-x32\...\{656E22EA-EB88-4F68-9F4E-61F6FBF5FF50}) (Version: 4.3.2016.0622 - REX Game Studios, LLC.)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
SanityCheck 3.51 (HKLM\...\SanityCheck_is1) (Version: - Resplendence Software Projects Sp.)
SceneryConfigEditor v1.1.9 (remove only) (HKLM-x32\...\SceneryConfigEditor) (Version: - )
SceneryTech Africa Landclass v1.0 (HKLM-x32\...\{DA17C501-E443-4371-873C-3C79373A2E33}) (Version: 1.0 - SceneryTech)
SceneryTech Asia Landclass v1.0 (HKLM-x32\...\{F22EE695-4EF1-4188-A209-FD959A494F7B}) (Version: 1.0 - SceneryTech)
SceneryTech North America Landclass v1.4 (HKLM-x32\...\{E91C757A-854C-4057-A67D-7FAE297B2016}) (Version: 1.4 - SceneryTech)
SetFileDate 2.0 (HKLM-x32\...\SetFileDate_is1) (Version: - No Nonsense Software)
SetInstaller (HKLM-x32\...\{53A529DA-F303-466A-BB0F-5308B89854C3}) (Version: 1.00.0000 - RD-soft)
SIDSTAR Converter (HKLM-x32\...\{2FB37C4E-9370-4405-A037-43D23DE258B2}) (Version: 1.30.0000 - Matias Sorcinelli)
SimBrief Downloader 1.4.5 (only current user) (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\32e4cdf1-1f8f-586a-9551-9c0929bc3c38) (Version: 1.4.5 - Derek Mayer)
SimObject Display Engine (HKLM-x32\...\{C3CEE3FC-84DD-4B1A-8192-5FB8F490319F}) (Version: 1.6.4 - 12bPilot)
SimToolkitPro (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9dee011f30ac205b) (Version: 0.2.2.9 - SimToolkitPro)
Simware's - Valencia X - FSX (HKLM-x32\...\Valencia X - FSX) (Version: 1.14 - Simware)
Sleeping Dogs, версия 2.1 (HKLM-x32\...\Sleeping Dogs_is1) (Version: 2.1 - Other s)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SSD Tweaker 4.0.1 (HKLM\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 4.0.1 - elpamsoft.com)
SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.)
SteveFX DX10 Scenery Fixer (HKLM-x32\...\DX10SceneryFixer) (Version: - )
swift 0.9.0 64bit (HKLM\...\swift 0.9.0) (Version: 0.9.0 - swift Project)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Telegram Desktop version 1.8.13 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.13 - Telegram FZ-LLC)
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - )
Tirana Intl` Airport - Albania 1.0 FSX (HKLM-x32\...\latixfsx1) (Version: 1.0 FSX - TropicalSim)
TOGA - ENVSHADE v1.0 (HKLM-x32\...\TOGA-ENVSHADE-AC95BBC1-68C7-48AA-AABC-47B3B2E52C09_is1) (Version: 1.0.0.0 - SimMarket)
TOGA_ENVTEX_1.2.0 (HKLM-x32\...\TOGA-ENVTEX-16D30A87-70CB-47CC-AAB0-600D0A4EDC8E_is1) (Version: 1.2.0 - SimMarket)
TOPCAT 2.74 - Take-Off and Landing Performance Calculation Tool (HKLM-x32\...\TOPCAT) (Version: 2.74 - FSS GmbH)
TOPER Calculator Tool version 1.8 (HKLM-x32\...\{92B07EA8-479E-4308-85B2-4A4B21554B33}_is1) (Version: 1.8 - Nikola Jovanovic)
Turbulent Terminal 2.4.4.0 (HKLM\...\{6E23BCF4-8093-4211-9050-D98353E5D830}) (Version: 2.4.4.0 - Turbulent Designs)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultimate Ground Crew X (HKLM-x32\...\Ultimate Ground Crew X ) (Version: - )
Ultimate Terrain Lights For FSX (HKLM-x32\...\Ultimate Terrain Lights For FSX) (Version: - )
Ultimate Terrain X - Europe V2.1 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - Europe V2.1 (FSX Support)) (Version: - )
Ultimate Terrain X - USA V2.3 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - USA V2.3 (FSX Support)) (Version: - )
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (HKLM-x32\...\Unigine Heaven DX11 Benchmark 2.5_is1) (Version: 2.5 - )
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
URMM-2018 (HKLM-x32\...\{D65B8395-701B-4FED-94E5-30281FDD7E64}) (Version: 1.0.0 - STTS-PC (Tsyba Andrey))
utLive Fall/Winter 2018 Schedule (HKLM-x32\...\F1UTLive) (Version: 1.0.0.0 - Flight One Software)
UTX Europe V2.1 Install Manager (HKLM-x32\...\UTX Europe V2.1 Install Manager) (Version: - )
UTX USA V2.3 Install Manager (HKLM-x32\...\UTX USA V2.3 Install Manager) (Version: - )
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VFXCentral version 1.0.0.92 (HKLM-x32\...\VFXCentral_is1) (Version: 1.0.0.92 - OldProp Solutions Inc.)
Viber (HKLM-x32\...\{36E3DCB1-78E8-405A-8088-DFEE6BAB7BFF}) (Version: 6.8.2.878 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{190bc592-977d-4ebf-be51-225bed62e481}) (Version: 6.8.2.878 - Viber Media Inc.)
Video Downloader Converter (HKLM-x32\...\{1AB4F3A2-5033-5E70-7E46-A0BC12DDE448}) (Version: 3.14.8.6433 - Allavsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Workstation (HKLM\...\{560E475D-C5B0-4F8C-A21B-522CCC364D5B}) (Version: 15.0.3 - VMware, Inc.)
VMware Workstation (HKLM\...\{C6633647-27D4-4474-9195-5EEEF0E2EC06}) (Version: 14.1.3 - VMware, Inc.)
vPilot (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\vPilot) (Version: 2.2.2 - Ross Carlson)
Warface (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Warface) (Version: 1.316 - Mail.Ru)
WhatsApp (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\WhatsApp) (Version: 0.3.4941 - WhatsApp)
WhoCrashed 6.60 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.50 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Windows Driver Package - Acer Inc. Monitor (07/22/2012 1.0.0.0) (HKLM\...\8406B4755454697EF76881B741E08B055E4FA25D) (Version: 07/22/2012 1.0.0.0 - Acer Inc.)
Windows Driver Package - Challenger Backup Solutions, LLC (FlashBoot) DiskDrive (08/11/2013 2.3.72.0) (HKLM\...\CA8BFE662913F62CB908BA31685037C57A7DD973) (Version: 08/11/2013 2.3.72.0 - Challenger Backup Solutions, LLC)
Windows Driver Package - Intel USB (07/31/2013 9.1.9.1006) (HKLM\...\B0CC38E1CE139A5179BF0F8255865BD29DA00B02) (Version: 07/31/2013 9.1.9.1006 - Intel)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (09/17/2012 1.17.65.11) (HKLM\...\39FCA3B1E44BB5B526E74F29B111ACB49ABC9017) (Version: 09/17/2012 1.17.65.11 - JMicron Technology Corp.)
Windows Driver Package - Phantom TAP-Windows Provider V9 (phantomtap) Net (11/05/2014 9.00.00.21) (HKLM\...\E86C43F8EA2789061467821169F2000B9944C0BE) (Version: 11/05/2014 9.00.00.21 - Phantom TAP-Windows Provider V9)
Windows Driver Package - Razer (HidUsb) HIDClass (11/20/2012 1.01) (HKLM\...\BE7F5114C00B9A620315841E988BBFAAEE165683) (Version: 11/20/2012 1.01 - Razer)
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports (05/23/2018 10.1.3.2130) (HKLM\...\47974EDC781C5B49C74F733E14FC298A782DA59E) (Version: 05/23/2018 10.1.3.2130 - Silicon Laboratories Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinTools.net Premium version 18.0.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.0.1 - WinTools Software Engineering, Ltd.)
Wise Disk Cleaner 10.2.5 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.2.5 - WiseCleaner.com, Inc.)
WX Advantage Radar (HKLM-x32\...\{BA4156D4-A599-47BB-9844-9E351F7A9404}) (Version: 1.1.2018.1220 - MILVIZ REX Game Studios, LLC.)
WYSIWYG Web Builder 14.1.0 (HKLM-x32\...\WYSIWYG Web Builder 14_is1) (Version: 14.1.0 - Pablo Software Solutions)
XPFlightPlanner (uninstall) (HKLM-x32\...\XPFlightPlanner) (Version: - )
Агент Dating.ru (HKLM-x32\...\{BA9235A8-9B90-8B57-A43A-F23570C4D4E7}) (Version: 1.1.6 - UNKNOWN) Hidden
Агент Dating.ru (HKLM-x32\...\ru.dating.Client) (Version: 1.1.6 - UNKNOWN)
ВидеоМАСТЕР 12.0 (HKLM-x32\...\{42469BAA-1E65-4267-922E-3D10A0E491F1}_is1) (Version: 12.0 - AMS Software)
Игровой центр (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\GameCenter) (Version: 4.1514 - ООО Мэйл.Ру)
Периодическая система (HKLM-x32\...\Периодическая система) (Version: - )
Экипаж 4.0 для FSX(P3D) (HKLM\...\CREWRD) (Version: 4.0.5.0 - Роман Девятериков)
Экранная Камера 4.0 (HKLM-x32\...\Экранная Камера_is1) (Version: 4.0 - AMS Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers1: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers1: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers4: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers6: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\homepc\Desktop\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Периодическая система.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Справка.lnk -> C:\Program Files (x86)\Periodic Table\Table.chm () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Таблица Менделеева.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Химический калькулятор.lnk -> C:\Program Files (x86)\Periodic Table\ChemCalc.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Удалить программу Экипаж 4.0 FSX(P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Uninstall.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0.Руководство пользователя.lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Экипаж 4.0.Руководство пользователя.pdf () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm
Shortcut: C:\Users\Public\Desktop\1C Предприятие.lnk -> C:\Program Files\1cv8\common\1cestart.exe (1C-Soft LLC) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Видео МАСТЕР.lnk -> C:\Program Files (x86)\ВидеоМАСТЕР\VideoMASTER.exe (AMS Software) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Экранная Камера.lnk -> C:\Program Files (x86)\Экранная Камера\ScreenCapture.exe (AMS Software) <==== Cyrillic

ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Деинсталляция.lnk -> C:\Program Files (x86)\Periodic Table\UNWISE.EXE () -> C:\PROGRA~2\PERIOD~1\INSTALL.LOG <==== Cyrillic
ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2018-12-24 16:58 - 2016-04-01 08:30 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAClient.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000154112 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\cdacommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000075776 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAConfig.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000544256 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDACrypt.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000079872 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAMsg.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000144896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DataMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000238080 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DownloadMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\jcommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000272896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\tcutil.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000124416 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\UpdateMgr.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 17:07 - 2019-03-05 17:07 - 000642048 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000364544 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000217600 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-09 20:46 - 2011-05-09 20:46 - 002760192 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 009856000 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 000990720 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 000416256 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 000731648 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000008192 _____ () [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\SystemInfo.dll
2004-09-30 21:15 - 2004-09-30 21:15 - 000192000 _____ () [File not signed] C:\Program Files\LinkShellExtension\RockallDLL.dll
2018-11-27 01:19 - 2018-11-09 11:52 - 001801728 _____ () [File not signed] C:\Program Files\Loaris Trojan Remover\shellext.dll
2019-09-13 02:09 - 2019-07-17 13:09 - 000097280 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\autorun.wdx
2019-09-13 02:09 - 2019-01-11 11:14 - 000009216 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\Plugins\Autorun_Sysinfo.dll
2019-09-13 02:09 - 2016-02-01 01:03 - 000009216 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\Plugins\TCFS2Tools.dll
2017-08-04 23:22 - 2013-04-15 19:40 - 000013824 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempPluginProxy.dll
2017-08-04 23:22 - 2013-04-15 19:17 - 000112128 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\PluginNetInterface-x64.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000189952 _____ (Bigfoot Networks, Inc.) [File not signed] C:\WINDOWS\system32\BfLLR.dll
2016-04-19 21:53 - 2016-04-19 21:53 - 000752640 _____ (Hermann Schinagl) [File not signed] C:\Program Files\LinkShellExtension\HardlinkShellExt.dll
2017-08-23 17:09 - 2016-10-04 17:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-08-23 17:09 - 2016-10-04 18:12 - 000049664 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip32.dll
2017-08-04 23:22 - 2013-04-21 14:21 - 000026112 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempRemoteServer.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000011776 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\Logger.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000013312 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\TcpServer.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 001115648 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Jeppesen\CDA\libcurl.dll
2016-09-14 21:12 - 2016-09-14 21:12 - 000202752 _____ (TOSHIBA CLIENT SOLUTIONS CO., LTD.) [File not signed] C:\WINDOWS\System32\tbtmon.dll
2009-06-19 09:57 - 2019-05-15 16:50 - 000079176 ____R (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtChk.dll
2013-06-18 18:51 - 2013-06-18 18:51 - 000057344 _____ (TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosCpsAPI.dll
2014-01-20 09:25 - 2014-01-20 09:25 - 000683520 _____ (TOSHIBA) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll
2019-03-17 09:56 - 2019-03-17 09:56 - 006790576 _____ (VMware, Inc. -> VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmwarebase.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-19 00:03 - 2019-10-07 23:00 - 000000820 _____ C:\WINDOWS\system32\drivers\etc\hosts


2018-06-28 00:48 - 2018-12-22 17:41 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

192.168.97.225 SIMPC.mshome.net # 2023 12 4 21 14 41 34 580

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\python27\;c:\python27\scripts;c:\python37\scripts\;c:\python37\;c:\program files\python37\scripts\;c:\program files\python37\;c:\program files (x86)\python37-32\scripts\;c:\program files (x86)\python37-32\;c:\program files (x86)\common files\oracle\java\javapath;c:\programdata\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files\putty\;c:\program files\microsoft sql server\120\tools\binn\;c:\windows\system32\openssh\;c:\program files (x86)\universal extractor;c:\program files (x86)\universal extractor\bin;c:\program files\nvidia corporation\nvidia nvdlisr;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\x64\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Process Lasso\;
HKU\S-1-5-21-2357164880-557895980-647672482-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "Zaxar Games Browser.lnk"
HKLM\...\StartupApproved\Run32: => "Process Killer"
HKLM\...\StartupApproved\Run32: => "QW787_v1.1.2a_update"
HKLM\...\StartupApproved\Run32: => "RzWizard"
HKLM\...\StartupApproved\Run32: => "FlightPlan"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\StartupFolder: => "Disk-O.lnk"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "agent.desktop"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "TeamSpeak 3 Client"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Task Killer"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "MailRuUpdater"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "GameCenter"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Lync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B7EB13BC-B524-4B34-B19F-D9252E895FEC}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{92431C8F-8783-4B6D-BCD2-1F049D5E86A4}] => (Allow) C:\Program Files\DrWeb\spideragent.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{9EED2BA5-FD20-486D-A536-8BE733CF5298}] => (Allow) C:\Program Files\DrWeb\dwservice.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [UDP Query User{B2A2C08F-CF13-4F50-87B1-4404290DE6BC}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{B3B0E0F5-B6B9-4E6B-A579-8F2FF7DCD539}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{24AE18E1-376C-4C8C-88E3-756AD6E8F1FF}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{ECB6E938-BA55-4A79-9667-8CC59F907BED}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [{0C662D46-90B2-4A0D-993E-7B5AB74B63CC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{447C1BF0-D395-408A-86B4-E79CB6CC4CA3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2E94FD67-2E65-4486-9C7A-0C23FED70134}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4556C8C8-5AB1-4441-A9F9-987E79AA2B07}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [DNS Server Forward Rule - UDP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [{D03D69C1-EFB2-450C-80BD-8FBEEF9671C2}] => (Allow) LPort=27018
FirewallRules: [{D68F1B17-D4AA-4299-9D3B-48C73F8E5FB7}] => (Allow) LPort=27018
FirewallRules: [{0858CDC2-5CA3-40AF-B904-1AD8657E51A1}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{CEB90DB5-53E8-4607-80E9-5339C6746EF2}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{3DAFD2DE-D713-4E2A-9600-17B452C2ED4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{054C41F6-66CE-42A8-9A1A-B8DEA1C550D3}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [TCP Query User{5FEB811F-332F-49F5-A162-B5BA002A663C}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [{CB77D2EC-DC39-422D-B413-39FBEC336DE9}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{595CA0CE-2A7E-4470-9BB6-38F103433F2B}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{4AA8CF2B-66F9-4BFC-9E0B-AA8F5885294E}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{3B107FF7-F480-4907-A4FB-3F7714F7BE68}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{5C744760-F3B0-4319-A879-D89B8A1074AA}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{AEB22A63-9FA3-4A4A-9A44-7161B50FCDC3}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [{C0460C5C-3A66-4632-97EB-070ACEF26479}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [UDP Query User{0B2BF0B2-41FE-4B71-8520-8AC3007D7720}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{53348E58-461E-4258-BA66-E91017C0FD16}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{B6AE70F1-BDF0-4E62-BB94-516B7C324753}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{5CDFCF59-26B3-4B69-8E06-3C02C9CAB553}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{96B991BD-E11E-4548-9A9C-E6186C8D7429}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{C1BFE00F-2415-4D08-80C1-F93BD570C451}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [UDP Query User{CE150DCC-B59C-4C0A-84EC-A60E8D542E34}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [TCP Query User{6EEACA57-4BBA-4634-9AD6-E4D2909A72E8}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [UDP Query User{02B17218-6FD4-4E07-A75F-51FBF71F5D0F}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{0A23C4E4-7622-48FB-861E-B7A7591414CF}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [UDP Query User{597CD9F4-E3D7-40B6-9CDD-545570488EF1}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{8B0212FC-66C6-4010-8DAB-2E9961FC3AAB}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [{23158DF7-2097-46A7-AAA2-B739F542D4A6}] => (Allow) LPort=19285
FirewallRules: [{2EF28D36-9962-4A7F-B599-927EEBA615D0}] => (Allow) LPort=19286
FirewallRules: [{39946E2F-5309-4F07-9D92-7E60D7D6D67D}] => (Allow) LPort=445
FirewallRules: [UDP Query User{6FA38C0B-2E44-43D9-930A-17C0CE6C8C41}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{FDFE1363-85A9-4896-AB5D-BC9765D67B61}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [UDP Query User{FA937985-DF0A-441E-A4AE-3A8FF5ADFF45}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{62ADDCD2-0570-4D2B-9E68-21B1713CBEC4}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{833BF29F-12FA-49D5-917F-D724EBE42016}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{026AADEC-B7C9-43C4-8B29-2DB65A9C9783}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6DC23AF1-4C8C-4F51-84B4-9C6F82AAF961}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7BA7B256-F089-4113-B38A-BD78E124F346}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D941EE11-D952-4076-8E61-210B28CDE073}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74176E21-E284-4ABB-881F-40023BCC5D55}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{4846AC10-8DC2-446A-A653-14DFAED774F6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [TCP Query User{676F5E36-DD33-4686-A370-1DE14D98E204}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [UDP Query User{57E59788-28E4-4FAA-8C3A-F19862BE5DCE}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [TCP Query User{521C2D40-5606-4928-905D-DB2E64B5ABEF}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [UDP Query User{192EBD3D-8889-41DD-95CA-C42AF1DAE9BC}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [DNS Server Forward Rule - TCP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [{AD70EFAA-5E40-4138-970E-D3248BF9453C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{9A3DD3D7-7F37-4ADF-86CE-5CA55A9CCEF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{00049BA3-0170-46EA-8D25-5ADA116BAB9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{349911C9-75D0-4039-8A34-B0EECD22005C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FC842B5E-859A-492A-A1E2-657B9D834C7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{930BC321-7152-43CE-BDAC-D2AEC9743674}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C3F51683-AF61-4E18-8EB1-00C7408B5980}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{576A76CB-53C4-4743-8AF6-9E6207DCD6EA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{8C14099A-FC0D-4A2E-A749-BFF13E10F1C3}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{684DE1AE-9DE5-4848-AB0E-C8C2F2ABCB33}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{960AB28A-53D9-4A30-8EC3-D7EE522B4DE4}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D3B74F7E-4E85-4B55-A412-89FD511193E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E414530-A57C-4D99-9AD0-04199D8F0B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8650815-BA84-4AEE-97BD-301147899700}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{3ED8FFCD-9FB8-41B7-8F01-BC42F28CDAE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25611D40-D1A2-48F2-B5BC-CF3A1045319E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2799090-26FC-4FC6-BDFC-B7449E64C66A}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{A836BF80-D6CC-453F-B190-DCD289E7F13D}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{845C5C83-CE0A-4EE4-9140-BA844E868477}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F935380-61F5-47D2-AEE7-77C09CFC0E6B}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{29EAFA0F-4DA8-480D-A009-5EAEFFDD33D1}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{711D19CA-24AF-4AEE-B8A9-3520A4F649AA}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{BFC8316C-DDE7-4D75-A171-BD28A00672BB}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{9475C2EF-D956-4335-8966-3E10261F2551}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{10A22D99-92AE-42FE-8F2F-ACBFC91B1CDE}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{1A34BEEF-DCDE-4DCD-8417-FCE61D6BBD60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E7675E67-63D5-40C5-AA26-47CF361648FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3410C96-7AD3-465B-9B10-B3E9D1EA52C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{50311E7E-2AA7-4643-B80A-F26E2536FEE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D6C7C51-A369-4C2C-A51D-6BAD763F7215}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C45E5B4-805E-4C2F-9B3B-5D26A69B7E9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DADFE512-9B4B-43E8-9813-2CA27C0855C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F12B7F3-232F-4C1F-8C8E-7B33034667C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B99D6CC3-7252-4E1C-897D-5AD7609BF5C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => c:\windows\system32\lvcod64.dll [398360 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => c:\windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => c:\windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => c:\windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.SCPR] => C:\Windows\SysWOW64\SCPR.dll [367116 2012-06-13] (Infognition Co. Ltd.) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Restore Points =========================

07-10-2019 23:01:19 Removed Prepar3D v4 Content

==================== Faulty Device Manager Devices =============

Name: Standard SATA AHCI Controller
Description: Standard SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard SATA AHCI Controller
Service: storahci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2019 11:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 11:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 11:24:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.771_none_4d5d78071b9fe78b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.771_none_05b041300723be85.manifest.

Error: (10/07/2019 11:24:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:24:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 11:24:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.


System errors:
=============
Error: (10/07/2019 11:23:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 11:23:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 11:22:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MySQL service terminated unexpectedly. It has done this 1 time(s).

Error: (10/07/2019 11:21:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service failed to start due to the following error:
The service did not start due to a logon failure.

Error: (10/07/2019 11:21:55 PM) (Source: Service Control Manager) (EventID: 7041) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service was unable to log on as .\homepc with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.

Service: 1C:Enterprise 8.3 Server Agent (x86-64)
Domain and account: .\homepc

This service account does not have the required user right "Log on as a service."

User Action

Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.

If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

Error: (10/07/2019 11:21:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CG6Service service failed to start due to the following error:
The system cannot find the path specified.

Error: (10/07/2019 11:21:55 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (10/07/2019 11:20:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


CodeIntegrity:
===================================

Date: 2019-10-07 23:27:00.886
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:26:00.868
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:25:00.861
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:24:00.847
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:23:00.833
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:22:28.831
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:22:12.815
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:22:04.800
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F4d 12/12/2011
Motherboard: Gigabyte Technology Co., Ltd. G1.Guerrilla
Processor: Intel(R) Core(TM) i7 CPU 980 @ 3.33GHz
Percentage of memory in use: 36%
Total physical RAM: 12286.42 MB
Available physical RAM: 7835.33 MB
Total Virtual: 18835.76 MB
Available Virtual: 13987.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.78 GB) (Free:6.33 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (simdisk) (Fixed) (Total:119.24 GB) (Free:0.09 GB) NTFS
Drive e: (FILMS) (Fixed) (Total:931.51 GB) (Free:94.58 GB) NTFS
Drive f: (storage2) (Fixed) (Total:465.75 GB) (Free:0.67 GB) NTFS
Drive g: () (Fixed) (Total:55.89 GB) (Free:0.68 GB) NTFS
Drive h: (backup) (Fixed) (Total:931.51 GB) (Free:4.81 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c2d32257-0000-0000-0000-80b81b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
\\?\Volume{c2d32257-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F477C05A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 55.9 GB) (Disk ID: 465FB6DD)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: C2D32257)
Partition 1: (Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: FB81C632)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: FB81C633)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019
Ran by homepc (administrator) on SIMPC (Gigabyte Technology Co., Ltd. G1.Guerrilla) (07-10-2019 23:36:38)
Running from C:\Users\homepc\Desktop\Tor Browser
Loaded Profiles: homepc (Available Profiles: homepc & test & newuser & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 10 Pro Version 1809 17763.775 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
() [File not signed] C:\TCPU71\Programm\ClockTC\ClockTC.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Alcohol Soft -> Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessLasso.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(CA -> CA) H:\CA_LIC\lic98Service.exe
(CA -> CA) H:\CA_LIC\LogWatNT.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwwatcher.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwnetfilter.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwservice.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\frwl_svc.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent_adm.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.) C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe
(FxSound, LLC -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Ghisler Software GmbH) [File not signed] C:\TCPU71\TOTALCMD.EXE
(Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Jeppesen Sanderson, Inc -> ) C:\Program Files (x86)\Jeppesen\CDA\cda.exe
(Jeppesen Sanderson, Inc -> Jeppesen) C:\Program Files (x86)\Jeppesen\JWC\JWC.exe
(Konstantin Polyakov IP -> Chemtable Software) C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Notepad++ -> Don HO don.h@free.fr) C:\TCPU71\Programm\Notepad++\notepad++.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SelfSigned -> ) [File not signed] C:\Program Files (x86)\Dating\Dating.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(The OpenVPN Project) [File not signed] C:\Program Files\OpenVPN\bin\openvpnserv.exe
(TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Viber Media S.à r.l. -> Viber Media S.Ã r.l.) C:\Users\homepc\AppData\Local\Viber\Viber.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SpIDerAgent] => C:\Program Files\DrWeb\spideragent.exe [22147976 2019-10-02] (Doctor Web Ltd. -> Doctor Web, Ltd.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Process Killer] => C:\Program Files (x86)\Process Killer\prkiller.exe [38400 2005-07-30] () [File not signed]
HKLM-x32\...\Run: [QW787_v1.1.2a_update] => F:\Симуляторы\P3DV4\Самолеты\QW_787_P3DV4\QW787_v1.1.2a_update.exe [17147444 2018-11-21] () [File not signed]
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1780728 2019-07-26] (FxSound, LLC -> ) [File not signed]
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [263112 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-02-20] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [FlightPlan] => e:\симуляторы\FlightPlan_3_7\FlightPlan.exe [835584 2012-05-05] (Umberto Degli Esposti) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [14941336 2018-06-04] (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Task Killer] => E:\Task.Killer.Portable\TaskKiller.exe [221696 2015-12-19] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [AutoHideMouseCursor] => E:\FSL_A320X\P3Dv4.1\FSLabs_A320X_P3D_v2.0.1.237\AutoHideMouseCursor_x64\AutoHideMouseCursor_x64.exe [152576 2018-03-23] (Nenad Hrg (SoftwareOK.com)) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [636416 2017-09-15] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Viber] => C:\Users\homepc\AppData\Local\Viber\Viber.exe [41029704 2019-09-25] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [ECMHelper] => C:\Program Files (x86)\Экранная Камера\Agent.exe [847600 2018-12-26] (AMS Software) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16443120 2018-10-05] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [GameCenter] => C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe [9983616 2019-08-08] (Mail.Ru, LLC -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [SimBrief Downloader] => C:\Users\homepc\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe [81042864 2018-11-27] (Derek Mayer -> Derek Mayer)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23912440 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: L - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {0dd97860-05ce-11e9-82b3-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {94b459e9-074c-11e9-82bb-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {a16e49be-19a4-11e9-833c-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {acbb8ff6-100a-11e9-8305-001fc6276e5b} - "L:\dvdcheck.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {d8fd3f33-0891-11e9-82be-001fc6276e5b} - "L:\setup.exe"
HKLM\Software\...\AppCompatFlags\Custom\S4Editor.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\Custom\S4_Main.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb [2013-07-16]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{3AFF1C30-4959-4c2f-8BED-E6E81E39F57A}] -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtCp.dll [2012-02-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Killer Network Manager.lnk [2019-09-15]
ShortcutTarget: Bigfoot Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2019-05-15]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CDA Monitor.lnk [2018-12-24]
ShortcutTarget: CDA Monitor.lnk -> C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe (Jeppesen Sanderson, Inc -> )
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dating.lnk [2019-07-28]
ShortcutTarget: Dating.lnk -> C:\Program Files (x86)\Dating\Dating.exe (SelfSigned -> ) [File not signed]
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Disk-O.lnk [2018-12-10]
ShortcutTarget: Disk-O.lnk -> C:\Users\homepc\AppData\Local\Mail.Ru\Disk-O\DiskO.exe (LLC Mail.Ru -> Mail.Ru)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Letasoft Sound Booster.lnk [2019-01-08]
ShortcutTarget: Letasoft Sound Booster.lnk -> C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe (Letasoft LLC -> Letasoft)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk [2018-05-22]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CE988A7-5BCD-40BB-8354-D187202BEACF} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2550968 2012-08-30] (Beepa Pty Ltd -> Beepa P/L) [File not signed]
Task: {32566FC1-6EE8-417C-B89F-C1B871382D6B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {3B483FCD-B42F-4CBE-96E6-15CEE4158812} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_homepc => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary)
Task: {3E531F2C-FC20-4030-9AD8-58A7330BE779} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe -RegistryEditor -ForceForeground -NoSplash
Task: {48669851-E43F-4749-86DF-BC580859156F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BB42F87-709C-4EA8-9AA8-43DB55C04928} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [6982216 2019-09-26] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {4F71DDFA-CEB3-46C5-B103-0CC0B3BD3FED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {577622A0-4C43-496D-85A2-924AC1336ADD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-14] (Adobe Inc. -> Adobe)
Task: {66669C3C-4730-45E9-9C0C-98B790D86110} - System32\Tasks\Core Temp Autostart homepc => C:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-24] (ALCPU -> ALCPU)
Task: {6F3C805A-1DD5-4554-8B51-D1E29E54E471} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {88F6EC18-D85C-48C2-9AE3-B0D27DEDAB6F} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [1029512 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {8A7573F9-A3B1-4BB5-862D-EF7D294221F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B25905B-ED6B-4E17-8FA2-A86E1473AEC9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9302A8F4-8FD2-453C-9B6C-AA8A44265007} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2357164880-557895980-647672482-1001 => C:\Users\homepc\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)
Task: {95F74322-C145-432A-B5DC-5A00537981D5} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [709512 2019-08-15] (Bitsum LLC -> Bitsum LLC) <==== ATTENTION
Task: {987F598E-0428-4639-8259-2820430D78D4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C6F6EEC-7E5B-47DD-909B-47537097061D} - System32\Tasks\HPCustParticipation HP Deskjet 5520 series => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {B425F0F0-DE66-4D15-AF02-AEDBE66B23D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {B58A9E73-4B07-44D6-BF0F-C16A3B42C820} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1541520 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {C75E651E-8A3B-4A70-B2F8-705E6390EEC8} - System32\Tasks\BlueStacksHelper => E:\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {DE55D662-192E-44AD-A44C-92D7366BE150} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E769C0E3-71CF-445A-B5C7-EA3170B56DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {E80A2128-822A-4712-A4B1-82EFDAE09546} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ED970E6A-70A3-4E19-9243-A8AD38614FC6} - System32\Tasks\FPSMonitor => C:\Program Files (x86)\FPS Monitor\FPSMonitor.exe [7098592 2019-04-25] (Kozadaev Eduard Vladimirovich -> )
Task: {EED15068-93C9-4E25-BA26-7EA0B5CB6808} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F6DA550E-A9CA-4E3C-84DE-900736C61C68} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F95AE5D8-379F-4656-BED6-12A6D5A2C054} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [11517320 2019-08-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
Task: {FFB35F64-23CA-42B2-BD87-CC98E4B0A343} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 22 C:\WINDOWS\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 22 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{31232c54-0567-44c1-af24-8ca68e6dc70f}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{b922b671-da25-45bc-bcb6-227098c215e7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2357164880-557895980-647672482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=812208
SearchScopes: HKU\S-1-5-21-2357164880-557895980-647672482-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BACD27B3D-C9E4-4CD8-9795-15E79965F9DD%7D&gp=812209
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2017-06-23] (Download Master -> WestByte) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pze24zhj.NESTOR
FF DefaultProfile: lh2u6es8.default
FF ProfilePath: C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR [2019-10-07]
FF Homepage: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> hxxps://yandex.ru/?clid=2224022
FF NetworkProxy: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: homeutil@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: vb@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@hoxx-vpn.xpi [2019-10-07]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@setupvpncom.xpi [2019-10-07]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@webrtc-leak-shield.xpi [2018-02-24]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\client@anonymox.net.xpi [2018-12-14]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\divanproger@gmail.com.xpi [2019-08-19]
FF Extension: (Free Download Manager) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\fdm_ffext2@freedownloadmanager.org.xpi [2019-09-25]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@ghostery.com.xpi [2019-08-29]
FF Extension: (MEGA) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@mega.co.nz.xpi [2019-10-03] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@tampermonkey.net.xpi [2019-05-30]
FF Extension: (Start Page — Yandex) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\homeutil@yandex.ru.xpi [2019-09-09]
FF Extension: (Pinterest Save Button) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2019-09-25]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\public.proartex@gmail.com.xpi [2018-05-08]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\s3google@translator.xpi [2018-10-10]
FF Extension: (uBlock Origin) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\uBlock0@raymondhill.net.xpi [2019-09-27]
FF Extension: (Visual Bookmarks) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\vb@yandex.ru.xpi [2019-04-24]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\xd4rker@gmail.com.xpi [2019-02-04]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\zoompage-we@DW-dev.xpi [2019-09-23]
FF Extension: (First Mountain Snow by M♥Donna) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{58ed0b89-8436-4436-be1c-0f56273f1adf}.xpi [2019-05-14]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-09-02]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-06-13]
FF ProfilePath: C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default [2019-02-27]
FF Homepage: 8pecxstudios\Cyberfox\Profiles\lh2u6es8.default -> hxxp://mail.ru/cnt/10445?gp=812204
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@hoxx-vpn.xpi [2018-10-19]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@setupvpncom.xpi [2018-02-06]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@webrtc-leak-shield.xpi [2018-03-28]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\client@anonymox.net.xpi [2017-06-24] [Legacy]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\divanproger@gmail.com.xpi [2018-12-16]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@ghostery.com.xpi [2019-01-31]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@tampermonkey.net.xpi [2018-10-06]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\public.proartex@gmail.com.xpi [2017-06-24] [Legacy]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\s3google@translator.xpi [2018-10-20]
FF Extension: (Visual Bookmarks) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\vb@yandex.ru.xpi [2017-08-01] [Legacy]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\xd4rker@gmail.com.xpi [2018-11-21]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\zoompage-we@DW-dev.xpi [2018-12-16]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-26]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-31]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-10-06]
FF Extension: (CyberCTR) - C:\Program Files\Cyberfox\browser\features\CTR@8pecxstudios.com.xpi [2018-06-29] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\The Settlers 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [2017-12-24] (Ubisoft Massive -> Ubisoft)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mail.ru/cnt/9516
CHR StartupUrls: Default -> "hxxp://www.mail.ru/cnt/9516","hxxp://mail.ru/cnt/10445?gp=812208"
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B792CA924-60DD-4AE5-BF89-099626812133%7D&gp=812209
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default [2019-10-07]
CHR Extension: (Allavsoft video downloader converter) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddkdfgoif [2019-01-01]
CHR Extension: (Download Master) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljdacfojgikogldjffnkdcielnklkce [2019-09-25]
CHR Extension: (Direct.Fastix ) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lknnjfgcgglncamgpbbdfkianokjohlh [2019-02-03]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-26]
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-07]
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.16.4.6852\BVDChromeExt.crx [2018-12-29]
CHR HKLM-x32\...\Chrome\Extension: [dljdacfojgikogldjffnkdcielnklkce] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft -> Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-09-16] (BattlEye Innovations e.K. -> )
R2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] () [File not signed]
S4 BLMS; C:\Program Files (x86)\BASTION\BLMS.exe [33280 2015-04-29] () [File not signed]
R2 CDA; C:\Program Files (x86)\Jeppesen\CDA\CDA.exe [134088 2016-04-01] (Jeppesen Sanderson, Inc -> )
R2 Chemtable Startup Checking; C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe [ ]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DrWebAVService; C:\Program Files\DrWeb\dwservice.exe [14703064 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2226136 2019-10-03] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebFwSvc; C:\Program Files\DrWeb\frwl_svc.exe [5388856 2019-08-28] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files\DrWeb\dwnetfilter.exe [7136488 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R2 FSLabs Service; C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe [92304 2018-11-08] (Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.)
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [439296 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-10-25] (FUTUREMARK INC -> Futuremark)
S4 hasplms; C:\WINDOWS\system32\hasplms.exe [4319776 2017-11-29] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2018-02-02] (SurfRight B.V. -> SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JWC; C:\Program Files (x86)\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen Sanderson, Inc -> Jeppesen)
R2 LogWatch; H:\CA_LIC\LogWatNT.exe [75016 2008-05-20] (CA -> CA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S2 MySQL; C:\Program Files (x86)\BASTION\mysql\bin\mysqld.exe [11074560 2016-01-15] () [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2018-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [153272 2018-06-01] (Letasoft LLC -> Letasoft)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446960 2019-02-20] (VMware, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S2 1C:Enterprise 8.3 Server Agent (x86-64); "D:\Program Files\1cv8\8.3.13.1690\bin\ragent.exe" -srvc -agent -regport 1541 -port 1540 -range 1560:1591 -d "C:\Program Files\1cv8\srvinfo" <==== ATTENTION
S2 CG6Service; no ImagePath
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 46e606d6959f0108; no ImagePath
S3 46e606d75d018d08; no ImagePath
S3 46e7aa83afb3d388; no ImagePath
S3 46e7aa850abbf508; no ImagePath
S3 46e7aa858013c708; no ImagePath
S3 46e7aba68c1ae788; no ImagePath
S3 46e7ba7f9f485208; no ImagePath
S3 46e7bd52beaedc08; no ImagePath
S3 46e7bd52fc933808; no ImagePath
S3 46e7ee3041330c88; no ImagePath
S3 46e7f3720b979388; no ImagePath
S3 46e7f3725915b688; no ImagePath
S3 46e7f372e8a50488; no ImagePath
S3 46e7f37367e55988; no ImagePath
S3 46e7f3747ea1a308; no ImagePath
R3 ALSysIO; C:\Users\homepc\AppData\Local\Temp\ALSysIO64.sys [47240 2019-10-07] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 Arctosa; C:\WINDOWS\system32\drivers\Arctosa.sys [26624 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 BfEdge7x64; C:\WINDOWS\System32\drivers\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
R3 BFN7x64; C:\WINDOWS\System32\drivers\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-12-13] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 cpuz140; no ImagePath
S3 Denuvo Kuser Data Driver 1.0.0.7; no ImagePath
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DIRECTIO37; C:\Program Files\BurnInTest\DirectIo64.sys [31376 2015-02-16] (PassMark Software Pty Ltd -> )
R0 DrWebLwf; C:\WINDOWS\System32\drivers\DrWebLwf.sys [505592 2019-10-07] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2019-09-08] (DT Soft Ltd -> DT Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R0 DwDevGuard; C:\WINDOWS\System32\drivers\dwdg.sys [241264 2019-03-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 DwELAM; C:\WINDOWS\System32\drivers\dwelam.sys [31984 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Doctor Web, Ltd.)
R0 DwProt; C:\WINDOWS\System32\drivers\dwprot.sys [860240 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2014-04-03] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2019-01-08] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1304840 2017-11-29] (SafeNet, Inc. -> SafeNet, Inc.)
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2017-05-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 ip100Avista; C:\WINDOWS\System32\drivers\ipfnd51.sys [36864 2007-09-28] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-10-07] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-10-07] (Malwarebytes Corporation -> Malwarebytes)
R0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [342760 2016-04-11] (Marvell Semiconductor, Inc. -> Marvell Semiconductor, Inc.)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\neo_vpn.sys [22784 2018-03-02] (Extra Solutions Ltd -> Trust.Zone VPN Project)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OSFMount; C:\Program Files\OSFMount\x64\OSFMount.sys [1038416 2018-03-22] (PassMark Software Pty Ltd -> PassMark Software)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-04-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 PORTMON; C:\SysinternalsSuite\PORTMSYS.SYS [28656 2018-12-11] (Systems Internals) [File not signed]
S3 REN2CAP_DRIVER; C:\WINDOWS\system32\drivers\ren2cap.sys [39568 2016-06-14] (Prosoft Engineering, Inc. -> )
S3 rspSanity; C:\WINDOWS\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 SpiderG3; C:\WINDOWS\System32\drivers\spiderg3.sys [390248 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2019-09-21] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2018-11-21] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinFsp; C:\WINDOWS\system32\disko\winfsp-x64.sys [144848 2018-01-25] (Navimatics Corporation -> Navimatics Corporation)
S3 LVPr2M64; \SystemRoot\system32\DRIVERS\LVPr2M64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 23:22 - 2019-10-07 23:22 - 000000000 ____D C:\WINDOWS\Panther
2019-10-07 23:21 - 2019-10-07 23:21 - 000519104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-07 23:21 - 2019-10-07 23:21 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-10-07 22:47 - 2019-10-07 22:47 - 000011522 _____ C:\Users\test\Documents\FPSMonitor.txt
2019-10-07 22:47 - 2019-10-07 22:47 - 000000258 __RSH C:\Users\test\ntuser.pol
2019-10-07 22:46 - 2019-10-07 22:47 - 000000000 ____D C:\Users\TEMP.SIMPC.000
2019-10-07 22:30 - 2019-10-07 22:31 - 000000000 ____D C:\Users\TEMP.SIMPC
2019-10-07 22:00 - 2019-10-07 22:00 - 000001240 _____ C:\WINDOWS\system32\Drivers\etc\hosts.zip
2019-10-07 21:34 - 2019-10-07 21:35 - 000000000 ____D C:\Users\TEMP
2019-10-07 21:34 - 2019-10-07 21:34 - 000000000 ____D C:\Bandicam
2019-10-07 21:22 - 2019-10-07 22:18 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-10-07 21:21 - 2019-10-07 21:21 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-07 21:21 - 2019-10-07 21:21 - 000001912 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\Users\homepc\AppData\Local\mbamtray
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\Users\homepc\AppData\Local\mbam
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\Program Files\Malwarebytes
2019-10-07 21:21 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-07 21:21 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-07 18:42 - 2019-10-07 23:37 - 000000000 ____D C:\FRST
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ C:\Users\homepc\AppData\Local\recently-used.xbel
2019-10-07 16:03 - 2019-10-07 16:03 - 000001558 _____ C:\Users\homepc\Desktop\SFCFix.txt
2019-10-07 16:00 - 2019-10-07 16:00 - 000000000 _____ C:\WINDOWS\system32\sfc
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\LocalLow\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\OneDrive
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Mozilla
2019-10-07 15:51 - 2019-10-07 15:51 - 000000000 ____D C:\Users\newuser\AppData\Local\Comms
2019-10-07 15:26 - 2019-10-07 15:26 - 000000000 ____D C:\Users\newuser\AppData\Local\ChemTable Software
2019-10-07 15:24 - 2019-10-07 20:23 - 000000000 ____D C:\Users\newuser\AppData\Local\PlaceholderTileLogoFolder
2019-10-07 15:24 - 2019-10-07 15:26 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1010
2019-10-07 15:24 - 2019-10-07 15:26 - 000000000 ___RD C:\Users\newuser\OneDrive
2019-10-07 15:24 - 2019-10-07 15:24 - 000001450 _____ C:\Users\newuser\Desktop\Microsoft Edge.lnk
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\OpenVPN
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\Toshiba
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\DFX
2019-10-07 15:23 - 2019-10-07 21:30 - 000000000 ____D C:\Users\newuser
2019-10-07 15:23 - 2019-10-07 20:22 - 000011522 _____ C:\Users\newuser\Documents\FPSMonitor.txt
2019-10-07 15:23 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Packages
2019-10-07 15:23 - 2019-10-07 15:26 - 000002369 _____ C:\Users\newuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:23 - 2019-10-07 15:23 - 000000020 ___SH C:\Users\newuser\ntuser.ini
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___RD C:\Users\newuser\3D Objects
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___HD C:\Users\newuser\MicrosoftEdgeBackups
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\ProcessLasso
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Adobe
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\VirtualStore
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Publishers
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\MicrosoftEdge
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Google
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\ConnectedDevicesPlatform
2019-10-07 15:23 - 2017-06-25 00:42 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Macromedia
2019-10-07 15:07 - 2019-10-07 15:07 - 000000000 ____D C:\Users\test\AppData\Local\Toshiba
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\Users\Public\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\ProgramData\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly the Maddog X
2019-10-06 06:38 - 2019-10-06 06:40 - 000000000 ___DC C:\Users\homepc\Documents\Maddog X Files
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\Users\Public\Desktop\AirHauler 2.lnk
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\ProgramData\Desktop\AirHauler 2.lnk
2019-10-05 23:50 - 2019-10-05 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FS2Crew2012
2019-10-05 23:43 - 2019-10-05 23:43 - 000000000 ____D C:\Program Files\AI Lights Reborn Free Edition
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo Internationall (FSX)
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo International (FSX)
2019-10-05 22:36 - 2019-10-05 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDG - Cape Town FSX
2019-10-05 17:55 - 2019-10-05 17:55 - 020815872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019013632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002018304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-05 17:55 - 2019-10-05 17:55 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000241976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSTheme.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 026806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 023454720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 022135584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 009680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007698432 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006928384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006316792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006058032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005767168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005605560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005573016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005309080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005299712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004352472 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003820976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003428864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003198976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003000832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002839040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002779784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002415928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002349056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002279304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002200376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002118656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-05 17:54 - 2019-10-05 17:54 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001966392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001924976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplaySwitch.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001864704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001751424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001720120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001701176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001484896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001399608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001390888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001272120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001247344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001170432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001006392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000938296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000817464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000791864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000780408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000775216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000767800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000661096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000605368 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000598328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000452992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000434952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000384272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000290616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000278416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000193704 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000155968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000135816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000079032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000065608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000052536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSTheme.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000044912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000038184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000018744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-05 14:38 - 2019-10-05 14:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1
2019-10-05 14:37 - 2019-10-05 14:37 - 000001862 _____ C:\Users\homepc\Desktop\AFX.lnk
2019-10-05 14:37 - 2019-10-05 14:37 - 000000000 ____D C:\Program Files (x86)\AFX
2019-10-04 15:01 - 2019-10-04 15:01 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-03 18:31 - 2019-10-03 18:31 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-09-30 23:12 - 2019-09-30 23:12 - 000034030 _____ C:\Users\homepc\Desktop\ChasePlane_Report_gtafivehater_gmail_com.txt
2019-09-30 15:53 - 2019-09-30 15:53 - 000000000 ____D C:\Users\homepc\AppData\Local\Viber
2019-09-29 02:03 - 2019-09-29 02:03 - 000000000 ____D C:\Users\homepc\AppData\Local\gtk-3.0
2019-09-29 01:11 - 2019-10-07 18:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\gsmartcontrol
2019-09-28 23:14 - 2019-10-07 16:03 - 000000000 ____D C:\SFCFix
2019-09-28 23:13 - 2019-10-07 16:03 - 000000000 ____D C:\Users\homepc\AppData\Local\niemiro
2019-09-28 22:46 - 2019-09-28 22:46 - 000000000 ___HD C:\$Windows.~WS
2019-09-28 22:38 - 2019-09-28 22:39 - 000000000 ____D C:\Program Files\NTLite
2019-09-28 22:38 - 2019-09-28 22:38 - 000000825 _____ C:\Users\homepc\Desktop\NTLite.lnk
2019-09-28 22:38 - 2019-09-28 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTLite
2019-09-28 19:19 - 2019-09-28 23:06 - 000000000 ____D C:\ESD
2019-09-28 13:43 - 2019-09-28 13:43 - 000001098 _____ C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RD-soft
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-28 13:38 - 2019-09-28 13:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\THROTTLEINDICATOR
2019-09-28 13:27 - 2019-09-28 13:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\fscabincrew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\FS Cabin Crew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\Program Files (x86)\drubware.net
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\Users\Public\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\ProgramData\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\Users\Public\Desktop\FSLA320-X MCDU.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\ProgramData\Desktop\FSLA320-X MCDU.url
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ C:\Program Files (x86)\unEZCA2.exe
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\Users\Public\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\ProgramData\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\EZCA
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA2
2019-09-27 01:49 - 2019-09-27 03:53 - 000002048 _____ C:\WINDOWS\ezcamera2.lic
2019-09-27 00:18 - 2019-09-27 00:20 - 000000000 ____D C:\OpusFSX
2019-09-27 00:17 - 2019-09-27 00:18 - 000000000 ____D C:\Opus Software
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-09-25 02:53 - 2019-09-25 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Majestic Software
2019-09-25 01:51 - 2019-09-28 18:57 - 000000000 ____D C:\1909_f1_rxp
2019-09-25 01:22 - 2019-09-25 01:22 - 000000000 ____D C:\ProgramData\Garmin
2019-09-25 01:11 - 2019-09-28 20:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\Users\Public\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\ProgramData\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\Program Files (x86)\Download Master
2019-09-24 18:44 - 2019-09-30 23:12 - 000000000 ____D C:\Program Files (x86)\ChasePlane (XEdition)
2019-09-24 18:44 - 2019-09-24 21:36 - 000000000 ___DC C:\Users\homepc\Documents\ChasePlane Presets
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\Users\Public\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\ProgramData\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChasePlane (XEdition)
2019-09-24 17:28 - 2019-09-26 17:12 - 000000895 _____ C:\Users\homepc\Desktop\F1UpdateTool.lnk
2019-09-24 17:28 - 2019-09-24 17:28 - 000000935 _____ C:\Users\homepc\Desktop\f1update_tool_readme.lnk
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hoppie
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\Program Files (x86)\Hoppie
2019-09-22 00:38 - 2019-09-23 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simware - Valencia X - FSX
2019-09-21 22:49 - 2019-09-21 23:21 - 000001116 _____ C:\Users\homepc\Desktop\767-300 FSX Configuration Manager.lnk
2019-09-21 21:08 - 2019-09-21 21:18 - 000203296 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2019-09-21 14:13 - 2019-09-21 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARMI Project - Muscat OOMS FSX
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\Users\Public\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\ProgramData\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-21 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Ground Crew X
2019-09-21 13:31 - 2019-09-29 21:13 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Ultimate Ground Crew X
2019-09-17 00:14 - 2019-09-17 00:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3res
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3weatherfiles
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3Charts
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3aircraftfiles
2019-09-16 23:49 - 2019-09-16 23:49 - 000000000 ____D C:\Users\homepc\zygrib
2019-09-16 23:34 - 2019-09-27 00:34 - 000000000 ____D C:\OpusFSI_v5
2019-09-16 21:39 - 2019-09-16 21:39 - 000001181 _____ C:\Users\homepc\Desktop\Active Sky Next for FSX SP5.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000002021 _____ C:\Users\homepc\Desktop\FS Global Real Weather.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000000000 ____D C:\Program Files (x86)\FSGRW
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\Users\Public\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\ProgramData\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\Users\Public\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\ProgramData\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDreamTeam
2019-09-15 14:00 - 2019-10-07 21:35 - 000000000 ____D C:\ProgramData\Bigfoot Networks
2019-09-15 13:41 - 2019-09-15 13:42 - 000082268 _____ C:\ProgramData\dxdiag.txt
2019-09-14 23:40 - 2019-09-15 01:43 - 000000000 ____D C:\Program Files\MFSClientV5
2019-09-14 12:27 - 2019-09-14 12:27 - 000000000 ____D C:\Users\homepc\AppData\Local\NVIDIA
2019-09-14 11:15 - 2019-09-14 11:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\NVIDIA
2019-09-14 11:13 - 2019-10-07 23:21 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-14 11:13 - 2019-09-14 13:15 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-05 22:49 - 005468144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 002634608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000654320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-09-14 11:13 - 2019-09-05 04:04 - 008709382 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-09-14 11:13 - 2019-08-01 16:07 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000447368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000351944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:28 - 011562376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:28 - 009937104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 002051008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001550080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001477512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001247432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001140616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000959424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000676096 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000658880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000632768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000544648 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000524168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 040444856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 035334536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 017300360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 014921096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 005358472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 004696968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001726400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443630.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001491336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443630.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 005002192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 004263840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 001683032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 000228792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-09-14 11:12 - 2019-09-06 00:19 - 000054700 _____ C:\WINDOWS\system32\nvinfo.pb
2019-09-14 11:12 - 2019-09-06 00:19 - 000047272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-09-14 11:07 - 2019-09-14 11:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-09-14 11:06 - 2019-09-14 11:06 - 000000000 ____D C:\ShadersHLSL
2019-09-13 21:28 - 2019-09-13 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSS FSL A320 IAE V2.1
2019-09-13 20:53 - 2019-09-13 20:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PILOT'S Software
2019-09-13 19:06 - 2019-09-27 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightSimLabs, Ltd
2019-09-13 19:05 - 2019-09-13 19:30 - 000000000 ____D C:\Program Files (x86)\FlightSimLabs
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\MSBuild
2019-09-13 13:25 - 2019-09-13 13:25 - 017761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 013942784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004850688 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001419776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-13 13:25 - 2019-09-13 13:25 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002148864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-13 02:09 - 2019-10-07 00:09 - 000000000 ____D C:\TCPU71
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\Users\Public\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\ProgramData\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\Users\Public\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\ProgramData\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 00:00 - 2019-09-13 00:00 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PMDG Operations Center.lnk
2019-09-12 18:53 - 2019-09-12 19:00 - 000000000 ____D C:\BLOCKCHECKDPI
2019-09-11 01:12 - 2019-09-11 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2019-09-11 00:42 - 2019-09-11 00:43 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X - Steam Edition Files
2019-09-10 23:57 - 2019-09-10 23:57 - 000000208 _____ C:\Captain.ini
2019-09-10 19:27 - 2019-09-28 13:43 - 000000000 ____D C:\Program Files (x86)\RD-soft
2019-09-10 19:27 - 2019-09-10 19:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RDSetInstaller
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\Users\Public\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\ProgramData\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-10 19:19 - 2019-09-10 19:19 - 000000000 ____D C:\Users\homepc\AppData\Local\kACARS_-LR
2019-09-10 19:18 - 2019-09-10 19:18 - 000003113 _____ C:\Users\homepc\Desktop\kACARS - Landing Rate.lnk
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kACARS_Free
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Program Files (x86)\FS-Products
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\Users\Public\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\ProgramData\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IFly Jets - The 747-400 V2 for FSX
2019-09-08 00:49 - 2019-09-11 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2019-09-08 00:19 - 2019-09-08 00:19 - 000271424 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2019-09-08 00:14 - 2019-09-08 00:14 - 000178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2019-09-07 14:22 - 2019-09-07 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft - Airbus A318-A319 - FSX

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-07 23:32 - 2018-09-15 10:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-07 23:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-07 23:27 - 2018-12-16 22:37 - 000977104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-07 23:27 - 2018-09-15 10:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-07 23:22 - 2018-12-16 22:38 - 000003180 _____ C:\WINDOWS\system32\Tasks\FRAPS
2019-10-07 23:22 - 2018-05-10 21:23 - 000015274 ____C C:\Users\homepc\Documents\FPSMonitor.txt
2019-10-07 23:22 - 2018-04-27 21:38 - 000000000 ____D C:\Fraps
2019-10-07 23:22 - 2017-08-04 23:22 - 000000000 ____D C:\Program Files\Core Temp
2019-10-07 23:22 - 2017-06-24 12:57 - 000000000 ____D C:\ProgramData\Doctor Web
2019-10-07 23:22 - 2017-06-24 12:05 - 000000000 ____D C:\Users\homepc\AppData\Roaming\ViberPC
2019-10-07 23:22 - 2017-06-24 11:27 - 000000000 ____D C:\Users\homepc\AppData\LocalLow\Mozilla
2019-10-07 23:21 - 2018-12-26 16:25 - 000000000 ____D C:\ProgramData\VMware
2019-10-07 23:21 - 2018-12-16 22:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-07 23:21 - 2018-12-16 22:28 - 000000000 ____D C:\Users\homepc
2019-10-07 23:21 - 2018-08-13 17:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-07 23:21 - 2018-04-09 23:54 - 000000000 ____D C:\ProgramData\Jeppesen
2019-10-07 23:20 - 2018-12-16 22:38 - 000003124 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-10-07 23:20 - 2018-09-15 09:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-07 23:20 - 2018-02-07 01:32 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Wise Disk Cleaner
2019-10-07 23:19 - 2018-02-24 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\µTorrent
2019-10-07 23:17 - 2018-08-22 22:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2019-10-07 23:17 - 2017-12-10 18:46 - 000000000 ___DC C:\Users\homepc\AppData\Local\Packages
2019-10-07 23:17 - 2017-06-25 12:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\CrashDumps
2019-10-07 23:07 - 2017-06-24 23:54 - 000000000 ____D C:\Users\homepc\Desktop\Tor Browser
2019-10-07 22:47 - 2018-12-16 22:28 - 000000000 ____D C:\Users\test
2019-10-07 22:46 - 2017-06-24 10:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-07 22:43 - 2018-09-15 10:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-07 22:36 - 2018-12-16 22:38 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1001
2019-10-07 22:21 - 2018-07-22 12:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-10-07 22:16 - 2017-12-27 16:16 - 000000000 ____D C:\WINDOWS\pss
2019-10-07 22:11 - 2018-12-16 22:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-07 21:34 - 2018-02-02 00:16 - 000000258 __RSH C:\ProgramData\ntuser.pol
2019-10-07 21:30 - 2019-02-25 14:25 - 000000000 ____D C:\Program Files\SSD Tweaker
2019-10-07 21:30 - 2018-02-24 00:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\uTorrent
2019-10-07 21:21 - 2018-09-15 10:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-07 21:19 - 2018-09-15 09:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-10-07 20:24 - 2018-09-15 10:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-07 19:48 - 2019-02-03 16:47 - 000000000 ____D C:\WX Advantage Radar
2019-10-07 19:33 - 2018-04-05 15:40 - 000000000 ___DC C:\Users\homepc\AppData\Local\Apps\2.0
2019-10-07 17:44 - 2018-10-18 13:18 - 000505592 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\drweblwf.sys
2019-10-07 17:10 - 2018-12-21 21:57 - 000000000 ___DC C:\Users\homepc\Documents\ViberDownloads
2019-10-07 16:39 - 2017-09-22 17:08 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-07 16:19 - 2018-12-16 22:28 - 000002366 _____ C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 16:19 - 2017-06-24 10:46 - 000000000 ___RD C:\Users\homepc\OneDrive
2019-10-07 15:52 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-10-07 15:41 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2019-10-07 15:26 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\DelayedItemsByChemtableSoftware
2019-10-07 15:26 - 2018-07-18 16:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Telegram Desktop
2019-10-07 15:23 - 2018-11-25 16:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Clipdiary
2019-10-07 15:08 - 2018-12-16 22:38 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1002
2019-10-07 15:08 - 2018-12-16 22:28 - 000002360 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:08 - 2017-12-10 18:46 - 000000000 ____D C:\Users\test\AppData\Local\Packages
2019-10-07 15:08 - 2017-09-21 18:36 - 000000000 ___RD C:\Users\test\OneDrive
2019-10-07 15:07 - 2017-12-28 23:39 - 000000000 ___RD C:\Users\test\3D Objects
2019-10-07 14:52 - 2017-06-24 13:17 - 000000000 ____D C:\Users\homepc\AppData\Roaming\WhatsApp
2019-10-07 14:18 - 2017-06-24 11:15 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-07 14:11 - 2017-07-25 00:28 - 000000000 ___DC C:\Users\homepc\Documents\AivlaSoft
2019-10-07 13:25 - 2019-05-31 19:10 - 000000000 ____D C:\Users\homepc\AppData\Local\BitTorrentHelper
2019-10-07 02:07 - 2019-08-29 01:11 - 000000000 ____D C:\Users\homepc\AppData\Roaming\vlc
2019-10-06 19:02 - 2019-03-13 13:04 - 000000000 ____D C:\Users\homepc\AppData\Roaming\SimBrief Downloader
2019-10-06 17:35 - 2019-01-28 21:30 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X Files
2019-10-06 17:01 - 2019-01-29 17:38 - 000001155 _____ C:\Users\homepc\Desktop\Active Sky 2016 for FSX.lnk
2019-10-06 15:52 - 2017-09-12 12:56 - 000000000 ____D C:\SoyzClient
2019-10-06 15:34 - 2017-12-29 00:30 - 000000000 ____D C:\ProgramData\Virtuali
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\Users\Public\Documents\DX10SceneryFixer
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\ProgramData\Documents\DX10SceneryFixer
2019-10-06 15:26 - 2017-07-24 00:00 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Virtuali
2019-10-06 06:45 - 2017-07-28 03:00 - 000000808 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2019-10-06 06:18 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\eSellerate
2019-10-06 05:12 - 2017-12-29 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-10-06 04:06 - 2019-05-13 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drzewiecki Design
2019-10-06 00:37 - 2017-09-16 19:24 - 000000000 ___DC C:\Users\homepc\Documents\vPilot Files
2019-10-06 00:25 - 2018-08-11 14:49 - 000000000 ___DC C:\Users\homepc\AppData\Local\V1_Software
2019-10-06 00:10 - 2019-06-28 19:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-06 00:10 - 2018-07-27 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight
2019-10-06 00:10 - 2017-06-24 10:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-05 23:50 - 2018-07-13 23:12 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RAASPRO
2019-10-05 23:43 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Add-ons
2019-10-05 17:58 - 2019-03-28 00:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-05 17:58 - 2017-12-10 19:59 - 000000000 ___RD C:\Users\homepc\3D Objects
2019-10-05 17:58 - 2017-06-24 11:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-05 17:56 - 2018-09-15 12:11 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2019-10-05 17:56 - 2018-09-15 12:11 - 000018002 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2019-10-05 17:56 - 2018-09-15 12:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-05 17:56 - 2018-09-15 09:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-05 17:54 - 2017-06-24 11:38 - 000408644 __RSH C:\bootmgr
2019-10-05 14:37 - 2017-07-26 03:41 - 000737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2019-10-05 13:31 - 2017-08-06 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket
2019-10-05 12:01 - 2019-02-25 20:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Discord
2019-10-05 11:57 - 2017-06-24 11:27 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-03 16:00 - 2017-06-24 12:59 - 000000000 ____D C:\Program Files\DrWeb
2019-10-03 12:34 - 2019-03-26 16:25 - 000000000 ____D C:\Users\homepc\AppData\Local\WhatsApp
2019-10-02 21:52 - 2018-12-16 22:38 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 21:52 - 2018-12-16 22:38 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-02 21:52 - 2017-11-17 13:13 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-30 20:21 - 2017-09-21 18:40 - 000000000 ____D C:\Temp
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\Users\Public\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\ProgramData\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000000000 ____D C:\Program Files (x86)\AIDA64
2019-09-30 14:10 - 2018-10-18 13:19 - 000860240 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\dwprot.sys
2019-09-30 14:10 - 2018-10-18 13:18 - 000390248 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\spiderg3.sys
2019-09-29 21:14 - 2018-12-25 18:07 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-09-29 17:24 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\ProgramData\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2019-09-28 20:38 - 2018-03-28 13:04 - 000000000 ____D C:\Boson
2019-09-28 13:25 - 2017-07-24 01:47 - 000000000 ___DC C:\Users\homepc\AppData\Local\Downloaded Installations
2019-09-27 03:54 - 2017-07-23 16:57 - 000000000 ____D C:\Program Files (x86)\EZCA2
2019-09-27 03:53 - 2017-07-23 16:56 - 000000000 ____D C:\EZdok Software
2019-09-27 03:38 - 2019-02-26 02:50 - 000000000 ____D C:\Program Files\EZCA3
2019-09-27 03:36 - 2019-02-25 22:23 - 000000000 ____D C:\Program Files (x86)\Flight1 Purchase Agent
2019-09-27 02:56 - 2019-01-22 23:20 - 000000000 __SHD C:\Users\Public\DRM
2019-09-27 00:17 - 2017-12-28 01:37 - 000002048 _____ C:\WINDOWS\OpusFSX.lic
2019-09-27 00:13 - 2018-01-28 13:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Navdata
2019-09-27 00:13 - 2018-01-28 13:29 - 000002048 _____ C:\WINDOWS\CX750X.lic
2019-09-27 00:12 - 2019-02-25 22:23 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1Purchase
2019-09-27 00:08 - 2019-02-26 02:50 - 000002048 _____ C:\WINDOWS\ezcapro3.lic
2019-09-27 00:02 - 2019-02-25 22:23 - 000083295 _____ C:\Program Files (x86)\F1Uninstall.exe
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\Users\Public\Desktop\Flight1 Purchase Agent.lnk
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\ProgramData\Desktop\Flight1 Purchase Agent.lnk
2019-09-26 19:39 - 2018-12-16 22:28 - 000000000 ____D C:\Users\DefaultAppPool
2019-09-26 17:12 - 2017-08-23 12:55 - 000000000 ____D C:\ProgramData\Flight One Software
2019-09-26 04:18 - 2019-02-02 02:16 - 000000109 _____ C:\WINDOWS\GARMINWT.INI
2019-09-26 02:06 - 2018-04-23 00:26 - 000000221 ____C C:\Users\homepc\Documents\ax_files.xml
2019-09-25 20:45 - 2019-05-05 17:20 - 000000000 ____D C:\Program Files (x86)\FSrealWX 3.0
2019-09-25 12:15 - 2017-11-17 13:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-09-25 02:46 - 2017-12-30 20:32 - 000000000 ____D C:\Program Files (x86)\FSBuild
2019-09-25 01:29 - 2019-09-06 19:11 - 000000000 ____D C:\Program Files\Process Lasso
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\Users\Public\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\ProgramData\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso Pro
2019-09-25 01:29 - 2018-12-16 22:38 - 000003106 _____ C:\WINDOWS\system32\Tasks\Process Lasso Management Console (GUI)
2019-09-25 01:29 - 2018-12-16 22:38 - 000003096 _____ C:\WINDOWS\system32\Tasks\Process Lasso Core Engine Only
2019-09-25 01:22 - 2019-02-04 22:22 - 000001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin Aviation Trainers.lnk
2019-09-24 17:28 - 2019-02-01 14:39 - 000000890 _____ C:\Users\homepc\Desktop\F1GTNConfig.lnk
2019-09-23 23:23 - 2017-06-24 13:17 - 000000000 ___DC C:\Users\homepc\AppData\Local\SquirrelTemp
2019-09-23 22:32 - 2018-05-18 11:38 - 000000000 ___DC C:\Users\homepc\AppData\Local\D3DSCache
2019-09-23 15:09 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-23 15:09 - 2017-12-28 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSrealWX
2019-09-23 15:07 - 2018-12-17 14:49 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-23 15:07 - 2018-10-10 18:37 - 000000000 ___RD C:\Users\homepc\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2019-09-22 02:52 - 2019-04-19 00:34 - 000000000 ____D C:\Program Files\WhoCrashed
2019-09-22 00:53 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Files
2019-09-21 22:49 - 2018-04-28 14:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-09-21 21:37 - 2018-04-30 15:02 - 000000000 ____D C:\Program Files (x86)\PMDG Operations Center
2019-09-21 16:49 - 2017-07-27 15:29 - 000000000 ____D C:\ProgramData\firebird
2019-09-21 15:11 - 2017-07-27 15:27 - 000000000 ____D C:\PRO-ATC-X
2019-09-19 13:15 - 2017-09-14 15:00 - 000000000 ____D C:\DrWebkeys
2019-09-19 13:13 - 2017-07-23 21:34 - 000000000 ____D C:\aerosoft
2019-09-17 11:44 - 2019-02-26 02:03 - 000000035 _____ C:\general.INI
2019-09-17 01:02 - 2017-08-31 16:42 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2019-09-17 00:14 - 2019-05-05 16:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3
2019-09-17 00:13 - 2017-12-28 20:14 - 000000000 ____D C:\Program Files (x86)\FSrealWX_Pro
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\Users\Public\Desktop\FSrealWX Pro.lnk
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\ProgramData\Desktop\FSrealWX Pro.lnk
2019-09-16 21:39 - 2019-01-29 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiFi
2019-09-16 21:39 - 2019-01-29 17:37 - 000000000 ____D C:\Program Files (x86)\HiFi
2019-09-16 21:39 - 2018-01-28 03:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\HiFi
2019-09-16 20:41 - 2018-05-27 13:10 - 000001095 _____ C:\Users\homepc\Desktop\MFSClient.lnk
2019-09-16 19:50 - 2018-02-03 17:52 - 000000000 ____D C:\Program Files (x86)\Addon Manager
2019-09-16 19:30 - 2018-02-03 18:04 - 000000179 _____ C:\Users\homepc\FSDreamTeam_GSX.reg
2019-09-16 15:57 - 2018-02-06 19:31 - 000000000 ___HD C:\3gzV5dAb7FiiwFEW
2019-09-16 11:29 - 2018-01-11 19:31 - 000000000 ___DC C:\Users\homepc\AppData\Local\MEGAsync
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\Users\Public\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\ProgramData\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 01:27 - 2018-05-12 00:31 - 000000000 ____D C:\AFSD
2019-09-15 00:40 - 2017-12-30 15:36 - 000000000 ___DC C:\Users\homepc\AppData\Local\QSimPlanner
2019-09-15 00:38 - 2017-12-30 15:36 - 000001149 _____ C:\Users\homepc\Desktop\QSimPlanner.lnk
2019-09-15 00:38 - 2017-12-30 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QSimPlanner
2019-09-14 17:33 - 2019-03-13 13:04 - 000002514 _____ C:\Users\homepc\Desktop\SimBrief Downloader.lnk
2019-09-14 11:13 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\Help
2019-09-14 11:08 - 2017-12-27 16:14 - 000000000 ____D C:\[Guru3D.com]-DDU
2019-09-14 11:03 - 2018-12-16 22:38 - 000004570 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-14 11:03 - 2017-06-25 00:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\Adobe
2019-09-14 11:00 - 2019-04-07 00:43 - 000000000 ____D C:\ProgramData\DisplayDriverUninstaller
2019-09-14 10:48 - 2018-12-16 22:38 - 000004582 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-09-13 20:15 - 2018-03-04 13:56 - 000000000 ____D C:\ProgramData\FSTramp
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\Users\Public\Documents\PFPX Data
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\ProgramData\Documents\PFPX Data
2019-09-13 18:40 - 2019-02-28 01:02 - 000000000 ____D C:\Users\homepc\AppData\Local\ElevatedDiagnostics
2019-09-13 18:35 - 2019-02-03 04:55 - 000001159 _____ C:\Users\homepc\Desktop\Reg Organizer.lnk
2019-09-13 14:20 - 2017-06-24 10:59 - 000000000 ____D C:\Program Files (x86)\Razer
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-13 13:27 - 2018-09-15 10:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-13 13:26 - 2018-09-15 10:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-13 13:26 - 2018-09-15 10:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-13 11:47 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\Users\Public\Desktop\TC PU Programs
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\ProgramData\Desktop\TC PU Programs
2019-09-12 20:36 - 2017-09-01 19:04 - 000001857 _____ C:\Users\homepc\Desktop\FSFX_Tools.lnk
2019-09-11 18:57 - 2017-09-10 16:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\TS3Client
2019-09-11 01:12 - 2018-04-27 23:56 - 000000000 ____D C:\Program Files\ParkControl
2019-09-10 09:54 - 2018-07-26 13:21 - 000001323 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 Server.lnk
2019-09-10 09:49 - 2018-07-26 13:21 - 000001338 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 DbBuilder.lnk
2019-09-08 21:59 - 2019-06-29 00:06 - 000000000 ____D C:\Temp torrents
2019-09-08 19:32 - 2018-08-31 18:23 - 000000000 ___DC C:\Users\homepc\AppData\Local\Ubisoft Game Launcher
2019-09-08 16:41 - 2017-10-15 15:29 - 000002004 _____ C:\Users\homepc\Desktop\FS Real Time.lnk
2019-09-07 22:23 - 2017-07-26 03:41 - 000000000 ____D C:\Program Files (x86)\FS Real Time
2019-09-07 12:48 - 2018-03-04 13:59 - 000001097 _____ C:\Users\Public\Desktop\FSTramp Scenery Assembler.lnk
2019-09-07 12:48 - 2018-03-04 13:59 - 000001097 _____ C:\ProgramData\Desktop\FSTramp Scenery Assembler.lnk
2019-09-07 12:48 - 2018-03-04 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSTramp
2019-09-07 12:48 - 2018-03-04 13:56 - 000000000 ____D C:\Program Files (x86)\FSTramp

==================== Files in the root of some directories ================

2018-02-03 18:04 - 2019-09-16 19:30 - 000000179 _____ () C:\Users\homepc\FSDreamTeam_GSX.reg
2017-12-30 20:37 - 2019-09-01 22:20 - 000002065 _____ () C:\Program Files (x86)\3187c76b-7ef1-4f48-bb5e-e5da055a81d9.index
2019-02-25 22:23 - 2019-09-27 00:02 - 000083295 _____ () C:\Program Files (x86)\F1Uninstall.exe
2011-12-03 16:23 - 2008-02-21 21:45 - 000070416 _____ () C:\Program Files (x86)\post-2-12035868936904.jpg
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ () C:\Program Files (x86)\unEZCA2.exe
2019-01-31 15:53 - 2019-01-24 18:11 - 000000858 _____ () C:\Users\homepc\AppData\Roaming\8f2626ec-b19e-4dc5-9f23-cdc84f045b52.index
2018-06-20 11:47 - 2018-05-20 18:10 - 000000855 _____ () C:\Users\homepc\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
2018-11-04 22:39 - 2018-10-04 09:37 - 002385178 _____ () C:\Users\homepc\AppData\Roaming\ec317386-e87d-48c7-ade1-34457a87d179.index
2017-12-20 01:48 - 2017-12-20 01:48 - 000000128 ____H () C:\Users\homepc\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2018-12-30 23:40 - 2018-12-30 23:40 - 000212879 _____ () C:\Users\homepc\AppData\Roaming\Lockheed Martin.rar
2017-09-03 12:43 - 2019-05-10 00:22 - 000000369 _____ () C:\Users\homepc\AppData\Roaming\OpenSceneryX Installer.plist
2018-10-27 22:23 - 2018-10-27 22:23 - 000000000 _____ () C:\Users\homepc\AppData\Roaming\Program.cfg
2018-10-25 01:07 - 2019-04-27 14:57 - 000000080 _____ () C:\Users\homepc\AppData\Roaming\WED.prefs
2019-05-10 01:34 - 2019-06-15 22:29 - 000008176 _____ () C:\Users\homepc\AppData\Roaming\XAddonManager.plist
2019-03-18 15:50 - 2019-03-18 15:50 - 000000000 _____ () C:\Users\homepc\AppData\Local\oobelibMkey.log
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ () C:\Users\homepc\AppData\Local\recently-used.xbel
2019-04-16 15:23 - 2019-05-16 14:14 - 000007653 _____ () C:\Users\homepc\AppData\Local\Resmon.ResmonCfg
2019-04-19 00:39 - 2019-05-09 02:11 - 000001293 _____ () C:\Users\homepc\AppData\Local\Temp1.html
2019-04-19 00:40 - 2019-04-19 00:40 - 000013510 _____ () C:\Users\homepc\AppData\Local\Temp38.html
2019-05-09 02:11 - 2019-05-09 02:11 - 000003111 _____ () C:\Users\homepc\AppData\Local\Temp6.html
2019-08-12 23:06 - 2019-08-12 23:06 - 000017408 _____ () C:\Users\homepc\AppData\Local\WebpageIcons.db
2019-04-05 15:31 - 2019-05-03 12:37 - 000000093 _____ () C:\Users\homepc\AppData\Local\X-Plane 11 Preferences.prf
2019-04-05 15:31 - 2019-08-13 11:02 - 000000037 _____ () C:\Users\homepc\AppData\Local\X-Plane Installer.prf
2019-04-05 15:31 - 2019-05-25 17:50 - 000000075 _____ () C:\Users\homepc\AppData\Local\X-Plane_drm_11.prf
2019-04-05 15:32 - 2019-08-13 10:39 - 000000032 _____ () C:\Users\homepc\AppData\Local\x-plane_install_11.txt

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 
Please post the Addition.txt (but don't use the ISPOILER BBCode :-) ).
 
Corrine said:
Please post the Addition.txt (but don't use the ISPOILER BBCode :-) ).
Click to expand...
it wasn't such a good idea with ISPOILER:cautious:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by homepc (07-10-2019 23:37:57)
Running from C:\Users\homepc\Desktop\Tor Browser
Windows 10 Pro Version 1809 17763.775 (X64) (2018-12-16 19:38:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2357164880-557895980-647672482-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2357164880-557895980-647672482-503 - Limited - Disabled)
Guest (S-1-5-21-2357164880-557895980-647672482-501 - Limited - Disabled)
homepc (S-1-5-21-2357164880-557895980-647672482-1001 - Administrator - Enabled) => C:\Users\homepc
newuser (S-1-5-21-2357164880-557895980-647672482-1010 - Administrator - Enabled) => C:\Users\newuser
test (S-1-5-21-2357164880-557895980-647672482-1002 - Administrator - Enabled) => C:\Users\test
WDAGUtilityAccount (S-1-5-21-2357164880-557895980-647672482-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Dr.Web Security Space (Disabled - Up to date) {1F0B3F76-4795-94AD-DF9E-2678C33ACA8F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Dr.Web Firewall (Disabled) {2730BE53-0DFA-95F5-F4C1-8F4D3DE98DF4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
µTorrent (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.)
µTorrent 3.5.1 (HKLM-x32\...\µTorrentPro 3.5.1 Build 44358) (Version: - )
1C:Предприятие 8 (x86-64) (8.3.13.1690) (HKLM\...\{EE557440-904A-48D6-B8B9-F583F83E58D7}) (Version: 8.3.13.1690 - 1С-Софт)
3DMark (HKLM\...\{2B039C20-A45C-42F6-8BD2-4BD6A145A4FA}) (Version: 2.6.6233.0 - UL) Hidden
3DMark (HKLM-x32\...\{489449ac-3782-4a02-89b0-0aeeb367be04}) (Version: 2.6.6233.0 - UL)
4K Video Downloader (HKLM-x32\...\4K Video Downloader) (Version: - Open Media LLC)
4K Video Downloader 4.4.11.2412 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.4.11.2412 - lrepacks.ru)
4K Video Downloader 4.7.0.2602 (HKLM\...\4K Video Downloader_is1) (Version: 4.7.0.2602 - lrepacks.ru)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Aarhus Airport X 1.4 (HKLM-x32\...\Aarhus Airport X 1.4) (Version: - )
ACARS Airborne 1.9 (HKLM-x32\...\ACARS Airborne_is1) (Version: - )
ACARS Dispatch 2.2 (HKLM-x32\...\Dispatch_is1) (Version: - )
Accu-Feel (HKLM-x32\...\Accu-Feel) (Version: - )
Accu-Feel Air, Land, and Sea (HKLM-x32\...\Accu-Feel Air, Land, and Sea) (Version: - )
Accu-Feel v2 for Prepar3D v4 (HKLM\...\{D7AC696B-DF75-47FE-BF2F-81BCB3CFE518}) (Version: 2.1 - A2A Simulations Inc.) Hidden
Accu-Feel v2 for Prepar3D v4 (HKLM\...\Accu-Feel v2 for Prepar3D v4 2.1) (Version: 2.1 - A2A Simulations Inc.)
AccuMap (HKLM-x32\...\{FF800A09-B165-4CE4-878D-73E100822409}_is1) (Version: 1.2.0 - MothTech)
Active Sky 2016 for FSX (HKLM-x32\...\{25567157-5441-4731-9703-46c506d029c7}_is1) (Version: 1.0.6452.28386 - HiFi Technologies, Inc.)
Active Sky for P3Dv4 (HKLM-x32\...\{4cb690b0-f4e3-404c-babc-cc780cc6fcb1}_is1) (Version: 1.0.6909.23676 - HiFi Technologies, Inc.)
Active Sky Next for FSX SP5 (HKLM-x32\...\{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1) (Version: 1.0.6255.21938 - HiFi Technologies, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.31 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.31 - Aerosoft)
aerosoft's - FlightSim Commander 9 (HKLM-x32\...\{F941AABE-E868-42D9-9F38-884250F7898A}) (Version: 9.7.0.0 - aerosoft)
Aerosoft's - Simcheck Airbus A300B4-200 (HKLM-x32\...\{40C5DFE3-3B86-4151-A225-C7B28ACEFEB7}) (Version: 2.01 - Aerosoft)
Aerosoft's - Simcheck Airbus A300-FMC-add-on - FSX (HKLM-x32\...\Simcheck Airbus A300-FMC-add-on - FSX) (Version: 1.02 - Aerosoft)
AFSD v4.43 (HKLM-x32\...\AFSD_is1) (Version: 4.43 - Hervй Sors)
AFX Professional License (HKLM-x32\...\afxpro) (Version: - )
AI Lights Reborn Free Edition (HKLM-x32\...\{46C94EA0-957E-11E7-6784-002FAB2F18BE}) (Version: 3.3.4 - Flight Sim Technologies)
AIControllerV20A (HKLM-x32\...\{730735EE-2AB1-408E-A09B-5EA6AA5A6A2A}) (Version: 2.0.1.0 - AIController)
AIDA64 (HKLM-x32\...\AIDA64) (Version: 6.10.5200 - FinalWire Ltd.)
AIDA64 (HKLM-x32\...\AIDA64_is1) (Version: 5.99.4900 - )
AILGenerator 4.9 (HKLM-x32\...\AILGenerator_is1) (Version: - Nico Kaan)
AirHauler 2 (HKLM-x32\...\{F60FBDCF-DEA7-406E-B68D-E8F5464CCD77}) (Version: 1.00.5 - Just Flight)
Airport Design Editor 175 (HKLM-x32\...\ScruffyDuckSoftwareADE175) (Version: 1.75.6410.0 - ScruffyDuck Software)
Aiseesoft Video Downloader (HKLM-x32\...\{0CDC63F0-BDD6-09A4-CC0E-88C6B2CC27AA}) (Version: 6.0.88 - Aiseesoft Studio)
AivlaSoft EFB (HKLM-x32\...\AivlaSoft EFB) (Version: 1.6.16 - AivlaSoft )
AivlaSoft EFB2 Client (HKLM-x32\...\AivlaSoft EFB2 Client) (Version: 2.1 - Apprimus Informatik GmbH)
AivlaSoft EFB2 Server (HKLM-x32\...\AivlaSoft EFB2 Server) (Version: 2.1 - Apprimus Informatik GmbH)
AJPC v2.41 (HKLM-x32\...\AJPC_is1) (Version: 2.41 - Hervй Sors)
Allavsoft 3.16.4.6852 (HKLM-x32\...\Allavsoft_is1) (Version: 3.16.4.6852 - lrepacks.ru)
ALTVPN.com version 1.3 (HKLM-x32\...\{C6C3EC46-801F-4FDA-9BC2-D9AF255BA7D4}_is1) (Version: 1.3 - ALTVPN.com)
ARMI Project - Muscat OOMS FSX (HKLM-x32\...\ARMI Project - Muscat OOMS FSX) (Version: - )
ASConnect 2016 for FSX Installer (HKLM-x32\...\{7ef6df55-324a-418f-8d41-80ec539e6cf4}_is1) (Version: 1.0.0.37 - HiFi Technologies, Inc.)
ASConnect for FSX Installer (HKLM-x32\...\{7E1270D4-42C4-49A4-9EC4-3300D2E47331}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS)
Auslogics Driver Updater 1.20.1.0 (HKLM-x32\...\Auslogics Driver Updater_is1) (Version: 1.20.1.0 - Auslogics Labs Pty Ltd)
AUTHGURU (HKLM-x32\...\{E828A555-B89D-4041-BF92-9F08FD774978}) (Version: 9.4 - Bastion Infotech Pvt Ltd)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BestMonitor 2.01 (HKLM-x32\...\BestMonitor_is1) (Version: - BestChange.ru)
Bigfoot Networks Killer Network Manager (HKLM\...\{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks) Hidden
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks)
BlackBox Simulation - PreFlight Manager (HKLM-x32\...\BlackBox Simulation-PreFlightManager) (Version: 1.0.6600 - BlackBox Simulation)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.10.0001 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.32.90.1001 - BlueStack Systems, Inc.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.20.02(T) - Toshiba Client Solutions Co., Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boson NetSim 10 (HKLM-x32\...\{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC) Hidden
Boson NetSim 10 (HKLM-x32\...\InstallShield_{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC)
Boson NetSim 11 (HKLM-x32\...\{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC) Hidden
Boson NetSim 11 (HKLM-x32\...\InstallShield_{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC)
BSS FSL A320 CFM V2 (HKLM-x32\...\BSS FSL A320 CFM V2) (Version: - )
BSS FSL A320 IAE V2.1 (HKLM-x32\...\BSS FSL A320 IAE V2.1) (Version: - )
BurnInTest v9.0 Pro (HKLM\...\BurnInTest_is1) (Version: 9.0.1010.0 - Passmark Software)
CA ERwin Process Modeler r7.3 (HKLM-x32\...\{CEEFB6A4-A02B-4A34-BAAB-200D9B7448B4}) (Version: 7.003.1773 - CA, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: - )
ChasePlane XEdition (HKLM-x32\...\{CB51E288-3016-47E2-A401-A15BA5AA3F97}_is1) (Version: 1.0.26 XE.1 - ChasePlane (XEdition))
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine)
Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Clipdiary 5.3 (HKLM-x32\...\Clipdiary) (Version: 5.3 - Tiushkov Nikolay)
Core Temp 1.15 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15 - ALCPU)
CPUID CPU-Z 1.88 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.88 - CPUID, Inc.)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 52.9.1.0 - 8pecxstudios)
DCS World (HKLM\...\DCS World_is1) (Version: 2.5 - Eagle Dynamics)
DigitalDesign - ULLI v1.1 (HKLM-x32\...\DIGITALDESIGN-ULLI-F5F8C557-F53A-4D45-8CB1-82FDF84BD7C7_is1) (Version: 1.0.0.0 - SimMarket)
Discord (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Disk-O (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{EB6332D7-3C3F-43AC-B332-4DC6E4EFE0C6}_is1) (Version: 18.02.0001 - Mail.Ru Group)
DMD-URKK (HKLM-x32\...\DMD-URKK-B32DCA3D-5D97-4A80-A969-60A961FD5E5D_is1) (Version: 1.0.0.0 - SimMarket)
Domodedovo International Airport v1.1 (HKLM-x32\...\MDESIGN_DOMODEDOVO_INTL_is1) (Version: 1.2.0.0 - SimMarket)
Download Master 6.16.1.1595 (HKLM-x32\...\Download Master_is1) (Version: 6.16.1.1595 - NEO)
Dr.Web Security Space (HKLM\...\{5352DB49-883D-4b64-8443-DA7B80C33ED5}) (Version: 12.0 - Doctor Web, Ltd.)
Driver Easy 5.6.8 (HKLM\...\DriverEasy_is1) (Version: 5.6.8 - Easeware)
DXGL 0.5.12 (HKLM-x32\...\DXGL) (Version: 0.5.12 - William Feely)
Eaglesoft Citation X 750 2.0 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Eaglesoft Citation X 750 2.0 ) (Version: - )
EasyNavs v5.13 (HKLM-x32\...\EasyNavs_is1) (Version: 5.13 - Hervй Sors)
EFASS version NG (HKLM-x32\...\{C99177FE-4E7B-46CA-B3C2-73581D4063C1}_is1) (Version: NG - Froom Simulation Software)
Eiresim Shannon Ultimate FsX (HKLM-x32\...\Eiresim Shannon Ultimate FsXV1.0) (Version: V1.0 - Eiresim)
Electrum (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Electrum) (Version: 3.0.2 - Electrum Technologies GmbH)
Envdir (HKLM-x32\...\{9321E1F5-D4D5-49D4-96B8-6D6308D235C0}_is1) (Version: 1.2.0.1 - TOGA projects)
EXEStealth (HKLM-x32\...\EXEStealth) (Version: - )
EZdok Camera Version 2 (HKLM-x32\...\EZdok Camera Version 2) (Version: - )
F1 GTN Complete (HKLM-x32\...\F1GTN) (Version: 2.12 - Flight1 Aviation Technologies)
FLAi Operations Center (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9c54cef4273db6f7) (Version: 1.0.0.18 - BVARTCC)
Flight Environment X (HKLM-x32\...\Flight Environment X) (Version: - )
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight1 Purchase Agent (HKLM-x32\...\Flight1 Purchase Agent) (Version: - )
FlightFX (remove only) (HKLM-x32\...\FlightFX) (Version: - )
Fly The Maddog X 32bit Edition for FSX (HKLM-x32\...\Fly The Maddog X 32bit Edition for FSX) (Version: - )
ForceBindIP (HKLM-x32\...\ForceBindIP) (Version: - )
FPS Monitor (HKLM-x32\...\FPS Monitor_is1) (Version: 1 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FS Cabin Crew Full Edition (HKLM-x32\...\{033F002F-BF4E-45E5-8522-823B87ED75D2}) (Version: 1.00.0000 - drubware.net)
FS Decelerate version 1.0 (HKLM-x32\...\{F7FDD01F-AC31-4923-92EC-D52D04311583}_is1) (Version: 1.0 - Nikola Jovanovic)
FS Real Time v1.98.1 (HKLM-x32\...\FS_Real_Time) (Version: - )
FS2XPlane (HKLM-x32\...\FS2XPlane) (Version: 3.26 - Jonathan Harris <x-plane@marginal.org.uk>)
FSAirlines Client (HKLM-x32\...\FSAirlines Client) (Version: - )
FSBuild 2 (HKLM-x32\...\FSBuild 2) (Version: 1 - EA)
Fsbuild 2.4.0.32 (HKLM-x32\...\Fsbuild 2.4.0.32) (Version: - )
FSCloud version 1.xxxx beta (HKLM-x32\...\{EAEDE38E-4126-42B7-BC6D-93E3A2EC06E9}_is1) (Version: 1.xxxx beta - FSCloud.net)
FSControl v5.06 (HKLM-x32\...\FSControl_is1) (Version: 5.06 - Hervй Sors)
FSDG - Cape Town X FSX (HKLM-x32\...\FSDG - Cape Town X FSX) (Version: - )
FSDreamTeam GSX version 2.7.0 (HKLM-x32\...\FSDreamTeam GSX_is1) (Version: 2.7.0 - VIRTUALI Sagl)
FSLabs A320-X Aeroflot livery v1.5 (HKLM-x32\...\FSLabs A320-X Aeroflot livery_is1) (Version: 0.1.5.0 - FlightSimLabs, Ltd.)
FSLabs A320X Binaries v1.0.1.310 for FSX (HKLM-x32\...\A320X_FSX_Binaries_is1) (Version: 1.0.1.310 - FlightSimLabs, Ltd.)
FSLabs A320X Resources v1.0.1.400 for FSX (HKLM-x32\...\A320X_FSX_Resources_is1) (Version: 1.0.1.400 - FlightSimLabs, Ltd.)
FSLSpotLights v1.0.0.38 (HKLM-x32\...\FSLSpotLights_is1) (Version: 1.0.0.38 - FlightSimLabs, Ltd.)
FSrealWX 3.01.1725 (HKLM-x32\...\FSrealWX 3.0_is1) (Version: 3.01.1725 - Hanse-Coders)
FSrealWX Pro Version 2.04.866 (HKLM-x32\...\FSrealWX Pro_is1) (Version: 2.04.866 - Hanse-Coders)
FSrealWX Server Version 1.00.80 (HKLM-x32\...\FSrealWX Server_is1) (Version: 1.00.80 - Hanse-Coders.)
FSTramp (HKLM-x32\...\{0B3EAF6B-BBF1-45EF-B4DA-D16DC7574507}_is1) (Version: 7.26 - Team FSTramp)
Futuremark SystemInfo (HKLM-x32\...\{54A3802E-DFED-4235-85A7-A604FE1CC64D}) (Version: 5.14.693.0 - Futuremark)
FxSound Enhancer (HKLM-x32\...\FxSound Enhancer) (Version: 13.027 - FxSound)
Garmin Aviation Checklist Editor (HKLM-x32\...\{51B555C4-F02B-44A5-8710-8EFE8FCB0589}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin Aviation Trainers (HKLM-x32\...\{ebaa1977-06b1-4bef-8e97-ee6421df8e96}) (Version: 2.5.0.0 - Garmin)
Garmin GTN Trainer (HKLM-x32\...\{6DFD1B14-A965-4729-AFB9-408447388AB3}) (Version: 6.62.0.0 - Garmin) Hidden
Garmin Trainer Databases (HKLM-x32\...\{ABD210BC-DB31-4B6C-A342-B022F6FC9945}) (Version: 2.5.0.0 - Garmin) Hidden
Garmin Trainer Launcher (HKLM-x32\...\{95C42791-3D93-4234-9710-8460719D1585}) (Version: 2.5.0.0 - Garmin) Hidden
GNS400W-500W Trainer (HKLM-x32\...\{C59E019B-0952-4B72-A382-68A72224F88F}) (Version: - )
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.30 - Janos Mathe)
Hard Disk Sentinel Pro (HKLM-x32\...\Hard Disk Sentinel Pro) (Version: 5.40.10482 - )
HHD Software Hex Editor Neo 6.42 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.42.1.6170 - HHD Software, Ltd.)
HideMy.name VPN (HKLM-x32\...\{D4C4FDDF-AB53-4E45-BB78-AFA80D034589}) (Version: 1.43 - inCloak Network Ltd.)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
HP Deskjet 5520 series Basic Device Software (HKLM\...\{014A59C8-DDA5-4788-906D-1F5CBA8A583D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 5520 series Help (HKLM-x32\...\{6346CC3B-9816-4C8F-B614-976ECEE7900F}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 5520 series Product Improvement Study (HKLM\...\{29E392C4-E0C3-4E96-85B6-03B8E3963310}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hyperion EOS Control Data Suite (HKLM-x32\...\{615030C8-3D49-4CC1-BD58-5549107A924B}) (Version: 13.08.20 - Hyperion)
HyperSnap (HKLM\...\{39332DD5-F8B8-D804-EE99-DB3BF785DDA1}) (Version: 8.13.02 - Hyperionics Technology LLC)
HyperSnap (HKLM-x32\...\HyperSnap 8.10.00) (Version: - )
iFly Jets - The 737NG for FSX (HKLM-x32\...\iFly Jets - The 737NG for FSX) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Hotfix 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Hotfix 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1a (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1a) (Version: - )
iFly Jets - The 747-400 V2 for FSX (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX) (Version: - )
iFly737 FSX DVD Customer Update 3.1 (HKLM-x32\...\iFly737 FSX DVD Customer Update 3.1) (Version: - )
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Infognition ScreenPressor v2.1 (Remove Only) (HKLM-x32\...\SCPR) (Version: - )
InnoExtractor 5.2.2.188 (HKLM-x32\...\{406AB259-8887-4257-AE79-78D3BC3E528B}_is1) (Version: 5.2.2.188 - Havy Alegria)
Intel(R) Chipset Device Software (HKLM-x32\...\{262e9c1d-e509-4e2a-86e8-0abb312ac2e9}) (Version: 10.1.17765.8094 - Intel(R) Corporation) Hidden
Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
iSpring Free Cam 8 (HKLM-x32\...\{A85094B2-BFE8-4C0D-8FF9-2B139D6A4008}) (Version: 8.7.19627 - iSpring Solutions Inc.)
IvAi v1.0.0 b150 (HKLM\...\IvAi_is1) (Version: - IVAO)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version: - IVAO)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Jeppesen CDA Service (HKLM-x32\...\{B9C9E547-9F27-4C4B-8E9C-58400B35CFE1}) (Version: 4.0.0.123 - Jeppesen)
Jeppesen Format Print Driver (HKLM-x32\...\{986090B3-C3B8-4DD4-8BB1-6561F74915FF}) (Version: 1.1.0.8 - Jeppesen)
Jeppesen Program and Data Installation (HKLM-x32\...\{4173F0BF-2363-4DC3-92A9-446B69DBB134}) (Version: 1.0.0.0 - Jeppesen)
Jeppesen Weather Service (HKLM-x32\...\{3E1D1CE6-FF37-4A5D-9714-D6F48CFD589D}) (Version: 2.8.3.63 - Jeppesen)
kACARS - Landing Rate (HKLM-x32\...\{FD1DE517-419E-4AD1-A791-72214057E3AD}) (Version: 1.0.0000 - FS-Products)
Letasoft Sound Booster 1.11.0.505 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.505 - Letasoft LLC)
Level-D 767-300 for FSX (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Level-D 767-300 for FSX) (Version: - )
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.8 - Hermann Schinagl)
Loaris Trojan Remover 3.0.68 (HKLM\...\Loaris Trojan Remover_is1) (Version: 3.0.68 - lrepacks.ru)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version: - )
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MCDU 2.31 (HKLM-x32\...\MCDU_is1) (Version: - )
MediaHuman YouTube Downloader 3.9.9.10 (HKLM-x32\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.10 - MediaHuman)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
MFS Client (HKLM-x32\...\MFS Client) (Version: - )
MFSClientV5 (HKLM-x32\...\MFSClientV5) (Version: - )
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: - )
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration SDK (HKLM-x32\...\{CF56984D-35C6-4ADB-9075-394978A427FB}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM-x32\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Migration Tool (HKLM-x32\...\{64cd40e2-6e5e-4732-8ed4-b4a5be475825}) (Version: 4.0.1.1101 - Flightsim Estonia)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 69.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 69.0.2 (x64 en-GB)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NMG OR Tambo International V4.3 (FSX) (HKLM-x32\...\NMG OR Tambo International V4.3 (FSX)) (Version: - )
novaPDF for SDK v7 (novaPDF 7.7 printer) (HKLM\...\novaPDF for SDK v7_is1) (Version: 7.7.3987 - Softland)
NTLite v1.8.0.7165 (HKLM\...\NTLite_is1) (Version: 1.8.0.7165 - Nlitesoft)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
OpenVPN 2.5_git-I602 20170914 refs/heads/master/5fd8e94d31182557 (HKLM\...\OpenVPN) (Version: 2.5_git-I602 - OpenVPN Technologies, Inc.)
OpusFSI Version 5 Flight Simulator Interface (HKLM-x32\...\{98082A12-E24F-4568-B602-B95A3534D91D}) (Version: 5.28.3 - Opus Software Limited)
OpusFSX for FSX and Prepar3D Flight Simulators (HKLM-x32\...\{A6C11E93-4637-4467-B623-AE7F675DF046}) (Version: 3.55.2 - Opus Software Limited)
Oracle VM VirtualBox 5.2.16 (HKLM\...\{9BDE6621-5201-47E9-8394-FF44CBD66A1E}) (Version: 5.2.16 - Oracle Corporation)
OSFMount v2.0 (HKLM\...\OSFMount_is1) (Version: 2.0.1001 - Passmark Software)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.3.1.8 - Bitsum)
Pilots - Almeria LEAM (HKLM-x32\...\Pilots - Almeria LEAM) (Version: - )
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.8886 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion FSX (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.7025 - PMDG Simulations, LLC.)
PolyLoader (HKLM-x32\...\{2C3BFF40-1468-48F4-8902-DC553874D636}) (Version: 3.5.3 - Yemiez)
Prepar3D v4 Professional Plus (HKLM-x32\...\{33dd160e-e04d-4022-8250-0a7f4b50a542}) (Version: 4.5.12.30293 - Lockheed Martin)
Prepar3D v4 Scenery (HKLM\...\{C953A291-C0D5-414E-8211-778D5E53D73A}) (Version: 4.5.12.30293 - Lockheed Martin)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
PRO-ATC/X version 1.8.5.0 (HKLM-x32\...\PRO-ATC/X_is1) (Version: 1.8.5.0 - )
Process Lasso 9.3.0.44 (HKLM\...\Process Lasso_is1) (Version: 9.3.0.44 - Bitsum LLC)
Process Lasso Pro (HKLM-x32\...\Process Lasso Pro) (Version: - )
PSXseeconTraffic 14.6 (HKLM-x32\...\PSXseeconTraffic_is1) (Version: - Nico Kaan)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
QSimPlanner version 0.4.8 (HKLM-x32\...\QSimPlanner_is1) (Version: 0.4.8 - )
RAAS Professional by FS2Crew (UNLOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (UNLOCKED)) (Version: - )
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8656 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Reg Organizer (HKLM-x32\...\Reg Organizer) (Version: - ChemTable Software)
Reg Organizer 8.30 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.30 - lrepacks.ru)
Resource Hacker Version 5.0.42 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Resource Tuner 2.20 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.20 - Heaventools Software)
REX 4 Texture Direct with Soft Clouds Enhanced Edition (HKLM-x32\...\{C7BB0C28-2AE4-4AAB-A38B-42CFADDC0EF5}) (Version: 4.17.2017.0818 - REX Game Studios)
REX Sky Force 3D for FSX, FSX-Steam, P3Dv3 (HKLM-x32\...\{A4D281C6-83D5-4150-B52D-032DE1465651}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 - PATCH ONLY (HKLM\...\{622205F7-7CC6-4314-9269-8029E4FE0EF8}) (Version: 5.0.2018.0520 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 (HKLM\...\{AAA37EC2-CBC4-4525-999F-12AB2C8542E5}) (Version: 5.0.2018.0508 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{2481E6EB-6771-4507-89BC-3CDC701F7949}) (Version: 5.0.2019.0116 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{556C3051-15D2-4AAF-BC1B-6FCF7F2B5D62}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Soft Clouds - SP3 - Hotfix 5 (HKLM-x32\...\{98C432AB-8BC0-4C76-8336-889E907F955A}) (Version: 4.3.2017.0714 - REX Game Studios, LLC.)
REX Soft Clouds with SP3 - Hotfix 3 (HKLM-x32\...\{656E22EA-EB88-4F68-9F4E-61F6FBF5FF50}) (Version: 4.3.2016.0622 - REX Game Studios, LLC.)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
SanityCheck 3.51 (HKLM\...\SanityCheck_is1) (Version: - Resplendence Software Projects Sp.)
SceneryConfigEditor v1.1.9 (remove only) (HKLM-x32\...\SceneryConfigEditor) (Version: - )
SceneryTech Africa Landclass v1.0 (HKLM-x32\...\{DA17C501-E443-4371-873C-3C79373A2E33}) (Version: 1.0 - SceneryTech)
SceneryTech Asia Landclass v1.0 (HKLM-x32\...\{F22EE695-4EF1-4188-A209-FD959A494F7B}) (Version: 1.0 - SceneryTech)
SceneryTech North America Landclass v1.4 (HKLM-x32\...\{E91C757A-854C-4057-A67D-7FAE297B2016}) (Version: 1.4 - SceneryTech)
SetFileDate 2.0 (HKLM-x32\...\SetFileDate_is1) (Version: - No Nonsense Software)
SetInstaller (HKLM-x32\...\{53A529DA-F303-466A-BB0F-5308B89854C3}) (Version: 1.00.0000 - RD-soft)
SIDSTAR Converter (HKLM-x32\...\{2FB37C4E-9370-4405-A037-43D23DE258B2}) (Version: 1.30.0000 - Matias Sorcinelli)
SimBrief Downloader 1.4.5 (only current user) (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\32e4cdf1-1f8f-586a-9551-9c0929bc3c38) (Version: 1.4.5 - Derek Mayer)
SimObject Display Engine (HKLM-x32\...\{C3CEE3FC-84DD-4B1A-8192-5FB8F490319F}) (Version: 1.6.4 - 12bPilot)
SimToolkitPro (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9dee011f30ac205b) (Version: 0.2.2.9 - SimToolkitPro)
Simware's - Valencia X - FSX (HKLM-x32\...\Valencia X - FSX) (Version: 1.14 - Simware)
Sleeping Dogs, версия 2.1 (HKLM-x32\...\Sleeping Dogs_is1) (Version: 2.1 - Other s)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SSD Tweaker 4.0.1 (HKLM\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 4.0.1 - elpamsoft.com)
SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.)
SteveFX DX10 Scenery Fixer (HKLM-x32\...\DX10SceneryFixer) (Version: - )
swift 0.9.0 64bit (HKLM\...\swift 0.9.0) (Version: 0.9.0 - swift Project)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Telegram Desktop version 1.8.13 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.13 - Telegram FZ-LLC)
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - )
Tirana Intl` Airport - Albania 1.0 FSX (HKLM-x32\...\latixfsx1) (Version: 1.0 FSX - TropicalSim)
TOGA - ENVSHADE v1.0 (HKLM-x32\...\TOGA-ENVSHADE-AC95BBC1-68C7-48AA-AABC-47B3B2E52C09_is1) (Version: 1.0.0.0 - SimMarket)
TOGA_ENVTEX_1.2.0 (HKLM-x32\...\TOGA-ENVTEX-16D30A87-70CB-47CC-AAB0-600D0A4EDC8E_is1) (Version: 1.2.0 - SimMarket)
TOPCAT 2.74 - Take-Off and Landing Performance Calculation Tool (HKLM-x32\...\TOPCAT) (Version: 2.74 - FSS GmbH)
TOPER Calculator Tool version 1.8 (HKLM-x32\...\{92B07EA8-479E-4308-85B2-4A4B21554B33}_is1) (Version: 1.8 - Nikola Jovanovic)
Turbulent Terminal 2.4.4.0 (HKLM\...\{6E23BCF4-8093-4211-9050-D98353E5D830}) (Version: 2.4.4.0 - Turbulent Designs)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultimate Ground Crew X (HKLM-x32\...\Ultimate Ground Crew X ) (Version: - )
Ultimate Terrain Lights For FSX (HKLM-x32\...\Ultimate Terrain Lights For FSX) (Version: - )
Ultimate Terrain X - Europe V2.1 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - Europe V2.1 (FSX Support)) (Version: - )
Ultimate Terrain X - USA V2.3 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - USA V2.3 (FSX Support)) (Version: - )
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (HKLM-x32\...\Unigine Heaven DX11 Benchmark 2.5_is1) (Version: 2.5 - )
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
URMM-2018 (HKLM-x32\...\{D65B8395-701B-4FED-94E5-30281FDD7E64}) (Version: 1.0.0 - STTS-PC (Tsyba Andrey))
utLive Fall/Winter 2018 Schedule (HKLM-x32\...\F1UTLive) (Version: 1.0.0.0 - Flight One Software)
UTX Europe V2.1 Install Manager (HKLM-x32\...\UTX Europe V2.1 Install Manager) (Version: - )
UTX USA V2.3 Install Manager (HKLM-x32\...\UTX USA V2.3 Install Manager) (Version: - )
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VFXCentral version 1.0.0.92 (HKLM-x32\...\VFXCentral_is1) (Version: 1.0.0.92 - OldProp Solutions Inc.)
Viber (HKLM-x32\...\{36E3DCB1-78E8-405A-8088-DFEE6BAB7BFF}) (Version: 6.8.2.878 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{190bc592-977d-4ebf-be51-225bed62e481}) (Version: 6.8.2.878 - Viber Media Inc.)
Video Downloader Converter (HKLM-x32\...\{1AB4F3A2-5033-5E70-7E46-A0BC12DDE448}) (Version: 3.14.8.6433 - Allavsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Workstation (HKLM\...\{560E475D-C5B0-4F8C-A21B-522CCC364D5B}) (Version: 15.0.3 - VMware, Inc.)
VMware Workstation (HKLM\...\{C6633647-27D4-4474-9195-5EEEF0E2EC06}) (Version: 14.1.3 - VMware, Inc.)
vPilot (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\vPilot) (Version: 2.2.2 - Ross Carlson)
Warface (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Warface) (Version: 1.316 - Mail.Ru)
WhatsApp (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\WhatsApp) (Version: 0.3.4941 - WhatsApp)
WhoCrashed 6.60 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.50 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Windows Driver Package - Acer Inc. Monitor (07/22/2012 1.0.0.0) (HKLM\...\8406B4755454697EF76881B741E08B055E4FA25D) (Version: 07/22/2012 1.0.0.0 - Acer Inc.)
Windows Driver Package - Challenger Backup Solutions, LLC (FlashBoot) DiskDrive (08/11/2013 2.3.72.0) (HKLM\...\CA8BFE662913F62CB908BA31685037C57A7DD973) (Version: 08/11/2013 2.3.72.0 - Challenger Backup Solutions, LLC)
Windows Driver Package - Intel USB (07/31/2013 9.1.9.1006) (HKLM\...\B0CC38E1CE139A5179BF0F8255865BD29DA00B02) (Version: 07/31/2013 9.1.9.1006 - Intel)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (09/17/2012 1.17.65.11) (HKLM\...\39FCA3B1E44BB5B526E74F29B111ACB49ABC9017) (Version: 09/17/2012 1.17.65.11 - JMicron Technology Corp.)
Windows Driver Package - Phantom TAP-Windows Provider V9 (phantomtap) Net (11/05/2014 9.00.00.21) (HKLM\...\E86C43F8EA2789061467821169F2000B9944C0BE) (Version: 11/05/2014 9.00.00.21 - Phantom TAP-Windows Provider V9)
Windows Driver Package - Razer (HidUsb) HIDClass (11/20/2012 1.01) (HKLM\...\BE7F5114C00B9A620315841E988BBFAAEE165683) (Version: 11/20/2012 1.01 - Razer)
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports (05/23/2018 10.1.3.2130) (HKLM\...\47974EDC781C5B49C74F733E14FC298A782DA59E) (Version: 05/23/2018 10.1.3.2130 - Silicon Laboratories Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinTools.net Premium version 18.0.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.0.1 - WinTools Software Engineering, Ltd.)
Wise Disk Cleaner 10.2.5 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.2.5 - WiseCleaner.com, Inc.)
WX Advantage Radar (HKLM-x32\...\{BA4156D4-A599-47BB-9844-9E351F7A9404}) (Version: 1.1.2018.1220 - MILVIZ REX Game Studios, LLC.)
WYSIWYG Web Builder 14.1.0 (HKLM-x32\...\WYSIWYG Web Builder 14_is1) (Version: 14.1.0 - Pablo Software Solutions)
XPFlightPlanner (uninstall) (HKLM-x32\...\XPFlightPlanner) (Version: - )
Агент Dating.ru (HKLM-x32\...\{BA9235A8-9B90-8B57-A43A-F23570C4D4E7}) (Version: 1.1.6 - UNKNOWN) Hidden
Агент Dating.ru (HKLM-x32\...\ru.dating.Client) (Version: 1.1.6 - UNKNOWN)
ВидеоМАСТЕР 12.0 (HKLM-x32\...\{42469BAA-1E65-4267-922E-3D10A0E491F1}_is1) (Version: 12.0 - AMS Software)
Игровой центр (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\GameCenter) (Version: 4.1514 - ООО Мэйл.Ру)
Периодическая система (HKLM-x32\...\Периодическая система) (Version: - )
Экипаж 4.0 для FSX(P3D) (HKLM\...\CREWRD) (Version: 4.0.5.0 - Роман Девятериков)
Экранная Камера 4.0 (HKLM-x32\...\Экранная Камера_is1) (Version: 4.0 - AMS Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers1: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers1: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers4: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers6: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\homepc\Desktop\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Периодическая система.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Справка.lnk -> C:\Program Files (x86)\Periodic Table\Table.chm () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Таблица Менделеева.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Химический калькулятор.lnk -> C:\Program Files (x86)\Periodic Table\ChemCalc.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Удалить программу Экипаж 4.0 FSX(P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Uninstall.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0.Руководство пользователя.lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Экипаж 4.0.Руководство пользователя.pdf () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm
Shortcut: C:\Users\Public\Desktop\1C Предприятие.lnk -> C:\Program Files\1cv8\common\1cestart.exe (1C-Soft LLC) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Видео МАСТЕР.lnk -> C:\Program Files (x86)\ВидеоМАСТЕР\VideoMASTER.exe (AMS Software) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Экранная Камера.lnk -> C:\Program Files (x86)\Экранная Камера\ScreenCapture.exe (AMS Software) <==== Cyrillic

ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Деинсталляция.lnk -> C:\Program Files (x86)\Periodic Table\UNWISE.EXE () -> C:\PROGRA~2\PERIOD~1\INSTALL.LOG <==== Cyrillic
ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2018-12-24 16:58 - 2016-04-01 08:30 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAClient.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000154112 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\cdacommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000075776 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAConfig.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000544256 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDACrypt.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000079872 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAMsg.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000144896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DataMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000238080 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DownloadMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\jcommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000272896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\tcutil.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000124416 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\UpdateMgr.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 17:07 - 2019-03-05 17:07 - 000642048 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000364544 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000217600 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-09 20:46 - 2011-05-09 20:46 - 002760192 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 009856000 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 000990720 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 000416256 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 000731648 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000008192 _____ () [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\SystemInfo.dll
2004-09-30 21:15 - 2004-09-30 21:15 - 000192000 _____ () [File not signed] C:\Program Files\LinkShellExtension\RockallDLL.dll
2018-11-27 01:19 - 2018-11-09 11:52 - 001801728 _____ () [File not signed] C:\Program Files\Loaris Trojan Remover\shellext.dll
2019-09-13 02:09 - 2019-07-17 13:09 - 000097280 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\autorun.wdx
2019-09-13 02:09 - 2019-01-11 11:14 - 000009216 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\Plugins\Autorun_Sysinfo.dll
2019-09-13 02:09 - 2016-02-01 01:03 - 000009216 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\Plugins\TCFS2Tools.dll
2019-09-13 02:09 - 2013-10-17 01:06 - 000047616 _____ () [File not signed] C:\TCPU71\Plugins\wdx\EncInfo\EncInfo.wdx
2017-08-04 23:22 - 2013-04-15 19:40 - 000013824 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempPluginProxy.dll
2017-08-04 23:22 - 2013-04-15 19:17 - 000112128 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\PluginNetInterface-x64.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000189952 _____ (Bigfoot Networks, Inc.) [File not signed] C:\WINDOWS\system32\BfLLR.dll
2016-04-19 21:53 - 2016-04-19 21:53 - 000752640 _____ (Hermann Schinagl) [File not signed] C:\Program Files\LinkShellExtension\HardlinkShellExt.dll
2017-08-23 17:09 - 2016-10-04 17:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-08-23 17:09 - 2016-10-04 18:12 - 000049664 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip32.dll
2017-08-04 23:22 - 2013-04-21 14:21 - 000026112 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempRemoteServer.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000011776 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\Logger.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000013312 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\TcpServer.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 001115648 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Jeppesen\CDA\libcurl.dll
2016-09-14 21:12 - 2016-09-14 21:12 - 000202752 _____ (TOSHIBA CLIENT SOLUTIONS CO., LTD.) [File not signed] C:\WINDOWS\System32\tbtmon.dll
2009-06-19 09:57 - 2019-05-15 16:50 - 000079176 ____R (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtChk.dll
2013-06-18 18:51 - 2013-06-18 18:51 - 000057344 _____ (TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosCpsAPI.dll
2014-01-20 09:25 - 2014-01-20 09:25 - 000683520 _____ (TOSHIBA) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll
2019-03-17 09:56 - 2019-03-17 09:56 - 006790576 _____ (VMware, Inc. -> VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmwarebase.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-19 00:03 - 2019-10-07 23:00 - 000000820 _____ C:\WINDOWS\system32\drivers\etc\hosts


2018-06-28 00:48 - 2018-12-22 17:41 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

192.168.97.225 SIMPC.mshome.net # 2023 12 4 21 14 41 34 580

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\python27\;c:\python27\scripts;c:\python37\scripts\;c:\python37\;c:\program files\python37\scripts\;c:\program files\python37\;c:\program files (x86)\python37-32\scripts\;c:\program files (x86)\python37-32\;c:\program files (x86)\common files\oracle\java\javapath;c:\programdata\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files\putty\;c:\program files\microsoft sql server\120\tools\binn\;c:\windows\system32\openssh\;c:\program files (x86)\universal extractor;c:\program files (x86)\universal extractor\bin;c:\program files\nvidia corporation\nvidia nvdlisr;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\x64\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Process Lasso\;
HKU\S-1-5-21-2357164880-557895980-647672482-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "Zaxar Games Browser.lnk"
HKLM\...\StartupApproved\Run32: => "Process Killer"
HKLM\...\StartupApproved\Run32: => "QW787_v1.1.2a_update"
HKLM\...\StartupApproved\Run32: => "RzWizard"
HKLM\...\StartupApproved\Run32: => "FlightPlan"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\StartupFolder: => "Disk-O.lnk"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "agent.desktop"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "TeamSpeak 3 Client"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Task Killer"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "MailRuUpdater"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "GameCenter"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Lync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B7EB13BC-B524-4B34-B19F-D9252E895FEC}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{92431C8F-8783-4B6D-BCD2-1F049D5E86A4}] => (Allow) C:\Program Files\DrWeb\spideragent.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{9EED2BA5-FD20-486D-A536-8BE733CF5298}] => (Allow) C:\Program Files\DrWeb\dwservice.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [UDP Query User{B2A2C08F-CF13-4F50-87B1-4404290DE6BC}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{B3B0E0F5-B6B9-4E6B-A579-8F2FF7DCD539}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{24AE18E1-376C-4C8C-88E3-756AD6E8F1FF}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{ECB6E938-BA55-4A79-9667-8CC59F907BED}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [{0C662D46-90B2-4A0D-993E-7B5AB74B63CC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{447C1BF0-D395-408A-86B4-E79CB6CC4CA3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2E94FD67-2E65-4486-9C7A-0C23FED70134}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4556C8C8-5AB1-4441-A9F9-987E79AA2B07}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [DNS Server Forward Rule - UDP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [{D03D69C1-EFB2-450C-80BD-8FBEEF9671C2}] => (Allow) LPort=27018
FirewallRules: [{D68F1B17-D4AA-4299-9D3B-48C73F8E5FB7}] => (Allow) LPort=27018
FirewallRules: [{0858CDC2-5CA3-40AF-B904-1AD8657E51A1}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{CEB90DB5-53E8-4607-80E9-5339C6746EF2}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{3DAFD2DE-D713-4E2A-9600-17B452C2ED4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{054C41F6-66CE-42A8-9A1A-B8DEA1C550D3}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [TCP Query User{5FEB811F-332F-49F5-A162-B5BA002A663C}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [{CB77D2EC-DC39-422D-B413-39FBEC336DE9}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{595CA0CE-2A7E-4470-9BB6-38F103433F2B}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{4AA8CF2B-66F9-4BFC-9E0B-AA8F5885294E}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{3B107FF7-F480-4907-A4FB-3F7714F7BE68}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{5C744760-F3B0-4319-A879-D89B8A1074AA}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{AEB22A63-9FA3-4A4A-9A44-7161B50FCDC3}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [{C0460C5C-3A66-4632-97EB-070ACEF26479}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [UDP Query User{0B2BF0B2-41FE-4B71-8520-8AC3007D7720}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{53348E58-461E-4258-BA66-E91017C0FD16}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{B6AE70F1-BDF0-4E62-BB94-516B7C324753}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{5CDFCF59-26B3-4B69-8E06-3C02C9CAB553}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{96B991BD-E11E-4548-9A9C-E6186C8D7429}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{C1BFE00F-2415-4D08-80C1-F93BD570C451}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [UDP Query User{CE150DCC-B59C-4C0A-84EC-A60E8D542E34}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [TCP Query User{6EEACA57-4BBA-4634-9AD6-E4D2909A72E8}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [UDP Query User{02B17218-6FD4-4E07-A75F-51FBF71F5D0F}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{0A23C4E4-7622-48FB-861E-B7A7591414CF}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [UDP Query User{597CD9F4-E3D7-40B6-9CDD-545570488EF1}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{8B0212FC-66C6-4010-8DAB-2E9961FC3AAB}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [{23158DF7-2097-46A7-AAA2-B739F542D4A6}] => (Allow) LPort=19285
FirewallRules: [{2EF28D36-9962-4A7F-B599-927EEBA615D0}] => (Allow) LPort=19286
FirewallRules: [{39946E2F-5309-4F07-9D92-7E60D7D6D67D}] => (Allow) LPort=445
FirewallRules: [UDP Query User{6FA38C0B-2E44-43D9-930A-17C0CE6C8C41}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{FDFE1363-85A9-4896-AB5D-BC9765D67B61}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [UDP Query User{FA937985-DF0A-441E-A4AE-3A8FF5ADFF45}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{62ADDCD2-0570-4D2B-9E68-21B1713CBEC4}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{833BF29F-12FA-49D5-917F-D724EBE42016}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{026AADEC-B7C9-43C4-8B29-2DB65A9C9783}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6DC23AF1-4C8C-4F51-84B4-9C6F82AAF961}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7BA7B256-F089-4113-B38A-BD78E124F346}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D941EE11-D952-4076-8E61-210B28CDE073}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74176E21-E284-4ABB-881F-40023BCC5D55}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{4846AC10-8DC2-446A-A653-14DFAED774F6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [TCP Query User{676F5E36-DD33-4686-A370-1DE14D98E204}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [UDP Query User{57E59788-28E4-4FAA-8C3A-F19862BE5DCE}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [TCP Query User{521C2D40-5606-4928-905D-DB2E64B5ABEF}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [UDP Query User{192EBD3D-8889-41DD-95CA-C42AF1DAE9BC}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [DNS Server Forward Rule - TCP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [{AD70EFAA-5E40-4138-970E-D3248BF9453C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{9A3DD3D7-7F37-4ADF-86CE-5CA55A9CCEF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{00049BA3-0170-46EA-8D25-5ADA116BAB9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{349911C9-75D0-4039-8A34-B0EECD22005C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FC842B5E-859A-492A-A1E2-657B9D834C7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{930BC321-7152-43CE-BDAC-D2AEC9743674}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C3F51683-AF61-4E18-8EB1-00C7408B5980}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{576A76CB-53C4-4743-8AF6-9E6207DCD6EA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{8C14099A-FC0D-4A2E-A749-BFF13E10F1C3}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{684DE1AE-9DE5-4848-AB0E-C8C2F2ABCB33}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{960AB28A-53D9-4A30-8EC3-D7EE522B4DE4}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D3B74F7E-4E85-4B55-A412-89FD511193E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E414530-A57C-4D99-9AD0-04199D8F0B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8650815-BA84-4AEE-97BD-301147899700}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{3ED8FFCD-9FB8-41B7-8F01-BC42F28CDAE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25611D40-D1A2-48F2-B5BC-CF3A1045319E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2799090-26FC-4FC6-BDFC-B7449E64C66A}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{A836BF80-D6CC-453F-B190-DCD289E7F13D}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{845C5C83-CE0A-4EE4-9140-BA844E868477}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F935380-61F5-47D2-AEE7-77C09CFC0E6B}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{29EAFA0F-4DA8-480D-A009-5EAEFFDD33D1}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{711D19CA-24AF-4AEE-B8A9-3520A4F649AA}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{BFC8316C-DDE7-4D75-A171-BD28A00672BB}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{9475C2EF-D956-4335-8966-3E10261F2551}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{10A22D99-92AE-42FE-8F2F-ACBFC91B1CDE}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{1A34BEEF-DCDE-4DCD-8417-FCE61D6BBD60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E7675E67-63D5-40C5-AA26-47CF361648FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3410C96-7AD3-465B-9B10-B3E9D1EA52C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{50311E7E-2AA7-4643-B80A-F26E2536FEE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D6C7C51-A369-4C2C-A51D-6BAD763F7215}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C45E5B4-805E-4C2F-9B3B-5D26A69B7E9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DADFE512-9B4B-43E8-9813-2CA27C0855C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F12B7F3-232F-4C1F-8C8E-7B33034667C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B99D6CC3-7252-4E1C-897D-5AD7609BF5C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => c:\windows\system32\lvcod64.dll [398360 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => c:\windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => c:\windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => c:\windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.SCPR] => C:\Windows\SysWOW64\SCPR.dll [367116 2012-06-13] (Infognition Co. Ltd.) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Restore Points =========================

07-10-2019 23:01:19 Removed Prepar3D v4 Content

==================== Faulty Device Manager Devices =============

Name: Standard SATA AHCI Controller
Description: Standard SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard SATA AHCI Controller
Service: storahci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2019 11:36:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:36:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 11:36:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:36:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 11:27:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:27:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/07/2019 11:27:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/07/2019 11:27:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat


System errors:
=============
Error: (10/07/2019 11:23:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 11:23:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/07/2019 11:22:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MySQL service terminated unexpectedly. It has done this 1 time(s).

Error: (10/07/2019 11:21:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service failed to start due to the following error:
The service did not start due to a logon failure.

Error: (10/07/2019 11:21:55 PM) (Source: Service Control Manager) (EventID: 7041) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service was unable to log on as .\homepc with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.

Service: 1C:Enterprise 8.3 Server Agent (x86-64)
Domain and account: .\homepc

This service account does not have the required user right "Log on as a service."

User Action

Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.

If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

Error: (10/07/2019 11:21:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CG6Service service failed to start due to the following error:
The system cannot find the path specified.

Error: (10/07/2019 11:21:55 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (10/07/2019 11:20:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


CodeIntegrity:
===================================

Date: 2019-10-07 23:38:00.887
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:37:00.883
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:36:00.884
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:35:00.885
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:34:00.886
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:33:00.887
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:32:00.888
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-07 23:31:00.889
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\DrWeb\dwservice.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\BfLLR.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F4d 12/12/2011
Motherboard: Gigabyte Technology Co., Ltd. G1.Guerrilla
Processor: Intel(R) Core(TM) i7 CPU 980 @ 3.33GHz
Percentage of memory in use: 36%
Total physical RAM: 12286.42 MB
Available physical RAM: 7793.16 MB
Total Virtual: 18835.76 MB
Available Virtual: 13422.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.78 GB) (Free:6.01 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (simdisk) (Fixed) (Total:119.24 GB) (Free:0.09 GB) NTFS
Drive e: (FILMS) (Fixed) (Total:931.51 GB) (Free:94.58 GB) NTFS
Drive f: (storage2) (Fixed) (Total:465.75 GB) (Free:0.67 GB) NTFS
Drive g: () (Fixed) (Total:55.89 GB) (Free:0.68 GB) NTFS
Drive h: (backup) (Fixed) (Total:931.51 GB) (Free:4.81 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c2d32257-0000-0000-0000-80b81b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
\\?\Volume{c2d32257-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F477C05A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 55.9 GB) (Disk ID: 465FB6DD)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: C2D32257)
Partition 1: (Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: FB81C632)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: FB81C633)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Any chance to get help,Sir? deleted all bypass activations of licensed software that i`am sure to be so but can't be responsible for rest of software cause i`am not one person who use this pc. not enough qualifications and competence to identify everything that installed and active here
 
With so many games and other programs installed, although Kaspersky reported removing the trojan, let's take it a couple steps further, particularly since your log shows all your security programs disabled -- definitely not a good idea.

1. Please open Malwarebytes and do the following:
  • Select Scan on the Dashboard and select the Threat Scan.
  • If an update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • Click on Reports in the left pane, and check the box next to the latest report (at the top). Click on View Report. [/*]
  • Select Export in the bottom left corner, and click Text File. Save the file to your desktop, with a name like MBAMLog.txt.[/*]
  • Open the Malwarebytes log on your desktop, and copy and paste its contents into your next reply.

2. Please download AdwCleaner and move it to your Desktop.
  1. Click on Scan and follow the prompts. Let it run unhindered.
  2. When done, click on the Clean button, and follow the prompts.
  3. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
  4. The report will be saved in the C:\AdwCleaner folder. as AdwCleaner[S0].txt

3. Then, for one more "opinion", please do a scan with ESET Online Scanner. Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • Click on Get Started.
  • Another window will appear - select Get Started. Select whether you would like to send anonymous data to ESET.
  • Click on the Full Scan option.
  • Click on the option to Enable ESET to detect and remove potentially unwanted applications, and select Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop with a name like ESETlog.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • On your desktop, a file will be created called ESETlog.txt. Open it, then copy and paste its contents into your next reply.

4. Following all of that, which may take some time, please proved fresh FRST logs.

Thank you!
 
Last edited:
this computer is heavily used for work and games. you're right. tried to run Kaspersky tool again after removing the trojan, but nothing was detected. tried to scan with dr.web cureit! tool, but got BSOD while running it. i can`t provide ESET Online Scanner log cause it stucks every time while scan

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/8/19
Scan Time: 3:35 AM
Log File: 8d4ce396-e963-11e9-894e-001fc6276e5b.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.627
Update Package Version: 1.0.12803
License: Trial

-System Information-
OS: Windows 10 (Build 17763.775)
CPU: x64
File System: NTFS
User: SIMPC\homepc

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 607880
Threats Detected: 11
Threats Quarantined: 2
Time Elapsed: 2 min, 1 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Disabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Ignore
PUM: Ignore

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 2
Adware.NeoBar, HKU\S-1-5-21-2357164880-557895980-647672482-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}, Quarantined, [1367], [420739],1.0.12803
Adware.NeoBar, HKU\S-1-5-82-271721585-897601226-2024613209-625570482-296978595\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}, Quarantined, [1367], [420739],1.0.12803

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 9
PUP.Optional.MailRu, C:\USERS\HOMEPC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PZE24ZHJ.NESTOR\PREFS.JS, No Action By User, [254], [382918],1.0.12803
PUP.Optional.MailRu, C:\USERS\HOMEPC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PZE24ZHJ.NESTOR\PREFS.JS, No Action By User, [254], [382918],1.0.12803
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, No Action By User, [7923], [393793],1.0.12803
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.8.1\STANDALONEPHASE1.DAT, No Action By User, [7923], [393793],1.0.12803
PUP.Optional.Reimage, C:\USERS\HOMEPC\DOWNLOADS\REIMAGEREPAIR.EXE, No Action By User, [356], [331559],1.0.12803
PUP.Optional.MailRu, C:\USERS\HOMEPC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, [254], [716220],1.0.12803
PUP.Optional.MailRu, C:\USERS\HOMEPC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [254], [454830],1.0.12803
PUP.Optional.MailRu, C:\USERS\HOMEPC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, [254], [454830],1.0.12803
PUP.Optional.AuslogicsDriverUpdater, C:\PROGRAM FILES (X86)\AUSLOGICS\DRIVER UPDATER\DRIVERUPDATER.EXE, No Action By User, [3604], [341786],1.0.12803

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support: Customer Support & Help Center
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-08-2019
# Duration: 00:00:24
# OS: Windows 10 Pro
# Scanned: 35164
# Detected: 37


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\homepc\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\homepc\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AuslogicsDriverUpdater C:\Program Files (x86)\Auslogics\Driver Updater
PUP.Optional.AuslogicsDriverUpdater C:\ProgramData\Auslogics\Driver Updater
PUP.Optional.AuslogicsDriverUpdater C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Driver Updater
PUP.Optional.Legacy C:\Program Files (x86)\GreenTree Applications
PUP.Optional.Legacy C:\ProgramData\BSD\DriverHiveEngine
PUP.Optional.Legacy C:\Users\homepc\AppData\Roaming\Wise Euask
PUP.Optional.SpyHunter C:\Program Files (x86)\spyhunter
PUP.Optional.TweakBit C:\ProgramData\BSD\DriverHive

***** [ Files ] *****

PUP.Optional.AuslogicsDriverUpdater C:\Users\homepc\Desktop\Auslogics Driver Updater.lnk
PUP.Optional.Legacy C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\invalidprefs.js
PUP.Optional.Reimage C:\Users\homepc\Downloads\ReimageRepair.exe
PUP.Optional.SpyHunter C:\Windows\SysWOW64\sh4native.exe

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.DriverUpdatePlus HKCU\Software\BSD
PUP.Optional.DriverUpdatePlus HKLM\Software\Wow6432Node\BSD
PUP.Optional.KnightSystemProtector HKLM\Software\Wow6432Node\\Classes\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|MailRuUpdater
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E8F97CD-60B5-456F-A201-73065652D099}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E8F97CD-60B5-456F-A201-73065652D099}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
PUP.Optional.Mail.Ru HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
PUP.Optional.Mail.Ru HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.Mail.Ru HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
PUP.Optional.Mail.Ru HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
PUP.Optional.SpyHunter HKLM\Software\EnigmaSoftwareGroup

***** [ Chromium (and derivatives) ] *****

PUP.Optional.UCBrowser Download Master

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

PUP.Optional.Legacy ¬изуальные закладки
PUP.Optional.Legacy ¬изуальные закладки

***** [ Firefox URLs ] *****

PUP.Optional.Legacy oursurfing.com
PUP.Optional.Legacy oursurfing.com

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner_Debug.log - [11697 octets] - [08/10/2019 03:45:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by homepc (08-10-2019 10:49:43)
Running from C:\Users\homepc\Desktop\Tor Browser
Windows 10 Pro Version 1809 17763.775 (X64) (2018-12-16 19:38:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2357164880-557895980-647672482-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2357164880-557895980-647672482-503 - Limited - Disabled)
Guest (S-1-5-21-2357164880-557895980-647672482-501 - Limited - Disabled)
homepc (S-1-5-21-2357164880-557895980-647672482-1001 - Administrator - Enabled) => C:\Users\homepc
newuser (S-1-5-21-2357164880-557895980-647672482-1010 - Administrator - Enabled) => C:\Users\newuser
test (S-1-5-21-2357164880-557895980-647672482-1002 - Administrator - Enabled) => C:\Users\test
WDAGUtilityAccount (S-1-5-21-2357164880-557895980-647672482-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Dr.Web Security Space (Disabled - Up to date) {1F0B3F76-4795-94AD-DF9E-2678C33ACA8F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Dr.Web Firewall (Disabled) {2730BE53-0DFA-95F5-F4C1-8F4D3DE98DF4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
µTorrent (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.)
µTorrent 3.5.1 (HKLM-x32\...\µTorrentPro 3.5.1 Build 44358) (Version: - )
1C:Предприятие 8 (x86-64) (8.3.13.1690) (HKLM\...\{EE557440-904A-48D6-B8B9-F583F83E58D7}) (Version: 8.3.13.1690 - 1С-Софт)
3DMark (HKLM\...\{2B039C20-A45C-42F6-8BD2-4BD6A145A4FA}) (Version: 2.6.6233.0 - UL) Hidden
3DMark (HKLM-x32\...\{489449ac-3782-4a02-89b0-0aeeb367be04}) (Version: 2.6.6233.0 - UL)
4K Video Downloader (HKLM-x32\...\4K Video Downloader) (Version: - Open Media LLC)
4K Video Downloader 4.4.11.2412 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.4.11.2412 - lrepacks.ru)
4K Video Downloader 4.7.0.2602 (HKLM\...\4K Video Downloader_is1) (Version: 4.7.0.2602 - lrepacks.ru)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Aarhus Airport X 1.4 (HKLM-x32\...\Aarhus Airport X 1.4) (Version: - )
ACARS Airborne 1.9 (HKLM-x32\...\ACARS Airborne_is1) (Version: - )
ACARS Dispatch 2.2 (HKLM-x32\...\Dispatch_is1) (Version: - )
Accu-Feel (HKLM-x32\...\Accu-Feel) (Version: - )
Accu-Feel Air, Land, and Sea (HKLM-x32\...\Accu-Feel Air, Land, and Sea) (Version: - )
Accu-Feel v2 for Prepar3D v4 (HKLM\...\{D7AC696B-DF75-47FE-BF2F-81BCB3CFE518}) (Version: 2.1 - A2A Simulations Inc.) Hidden
Accu-Feel v2 for Prepar3D v4 (HKLM\...\Accu-Feel v2 for Prepar3D v4 2.1) (Version: 2.1 - A2A Simulations Inc.)
AccuMap (HKLM-x32\...\{FF800A09-B165-4CE4-878D-73E100822409}_is1) (Version: 1.2.0 - MothTech)
Active Sky 2016 for FSX (HKLM-x32\...\{25567157-5441-4731-9703-46c506d029c7}_is1) (Version: 1.0.6452.28386 - HiFi Technologies, Inc.)
Active Sky for P3Dv4 (HKLM-x32\...\{4cb690b0-f4e3-404c-babc-cc780cc6fcb1}_is1) (Version: 1.0.6909.23676 - HiFi Technologies, Inc.)
Active Sky Next for FSX SP5 (HKLM-x32\...\{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1) (Version: 1.0.6255.21938 - HiFi Technologies, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.31 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.31 - Aerosoft)
aerosoft's - FlightSim Commander 9 (HKLM-x32\...\{F941AABE-E868-42D9-9F38-884250F7898A}) (Version: 9.7.0.0 - aerosoft)
Aerosoft's - Simcheck Airbus A300B4-200 (HKLM-x32\...\{40C5DFE3-3B86-4151-A225-C7B28ACEFEB7}) (Version: 2.01 - Aerosoft)
Aerosoft's - Simcheck Airbus A300-FMC-add-on - FSX (HKLM-x32\...\Simcheck Airbus A300-FMC-add-on - FSX) (Version: 1.02 - Aerosoft)
AFSD v4.43 (HKLM-x32\...\AFSD_is1) (Version: 4.43 - Hervй Sors)
AFX Professional License (HKLM-x32\...\afxpro) (Version: - )
AI Lights Reborn Free Edition (HKLM-x32\...\{46C94EA0-957E-11E7-6784-002FAB2F18BE}) (Version: 3.3.4 - Flight Sim Technologies)
AIControllerV20A (HKLM-x32\...\{730735EE-2AB1-408E-A09B-5EA6AA5A6A2A}) (Version: 2.0.1.0 - AIController)
AIDA64 (HKLM-x32\...\AIDA64) (Version: 6.10.5200 - FinalWire Ltd.)
AIDA64 (HKLM-x32\...\AIDA64_is1) (Version: 5.99.4900 - )
AILGenerator 4.9 (HKLM-x32\...\AILGenerator_is1) (Version: - Nico Kaan)
AirHauler 2 (HKLM-x32\...\{F60FBDCF-DEA7-406E-B68D-E8F5464CCD77}) (Version: 1.00.5 - Just Flight)
Airport Design Editor 175 (HKLM-x32\...\ScruffyDuckSoftwareADE175) (Version: 1.75.6410.0 - ScruffyDuck Software)
Aiseesoft Video Downloader (HKLM-x32\...\{0CDC63F0-BDD6-09A4-CC0E-88C6B2CC27AA}) (Version: 6.0.88 - Aiseesoft Studio)
AivlaSoft EFB (HKLM-x32\...\AivlaSoft EFB) (Version: 1.6.16 - AivlaSoft )
AivlaSoft EFB2 Client (HKLM-x32\...\AivlaSoft EFB2 Client) (Version: 2.1 - Apprimus Informatik GmbH)
AivlaSoft EFB2 Server (HKLM-x32\...\AivlaSoft EFB2 Server) (Version: 2.1 - Apprimus Informatik GmbH)
AJPC v2.41 (HKLM-x32\...\AJPC_is1) (Version: 2.41 - Hervй Sors)
Allavsoft 3.16.4.6852 (HKLM-x32\...\Allavsoft_is1) (Version: 3.16.4.6852 - lrepacks.ru)
ALTVPN.com version 1.3 (HKLM-x32\...\{C6C3EC46-801F-4FDA-9BC2-D9AF255BA7D4}_is1) (Version: 1.3 - ALTVPN.com)
AOMEI Partition Assistant Standard Edition 8.4 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ARMI Project - Muscat OOMS FSX (HKLM-x32\...\ARMI Project - Muscat OOMS FSX) (Version: - )
ASConnect 2016 for FSX Installer (HKLM-x32\...\{7ef6df55-324a-418f-8d41-80ec539e6cf4}_is1) (Version: 1.0.0.37 - HiFi Technologies, Inc.)
ASConnect for FSX Installer (HKLM-x32\...\{7E1270D4-42C4-49A4-9EC4-3300D2E47331}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS)
Auslogics Driver Updater 1.20.1.0 (HKLM-x32\...\Auslogics Driver Updater_is1) (Version: 1.20.1.0 - Auslogics Labs Pty Ltd)
AUTHGURU (HKLM-x32\...\{E828A555-B89D-4041-BF92-9F08FD774978}) (Version: 9.4 - Bastion Infotech Pvt Ltd)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BestMonitor 2.01 (HKLM-x32\...\BestMonitor_is1) (Version: - BestChange.ru)
Bigfoot Networks Killer Network Manager (HKLM\...\{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks) Hidden
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks)
BlackBox Simulation - PreFlight Manager (HKLM-x32\...\BlackBox Simulation-PreFlightManager) (Version: 1.0.6600 - BlackBox Simulation)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.10.0001 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.32.90.1001 - BlueStack Systems, Inc.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.20.02(T) - Toshiba Client Solutions Co., Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boson NetSim 10 (HKLM-x32\...\{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC) Hidden
Boson NetSim 10 (HKLM-x32\...\InstallShield_{BB7EFCAE-611C-49F7-88AF-D91E3BCBF0C5}) (Version: 10.13.0000 - Boson Software, LLC)
Boson NetSim 11 (HKLM-x32\...\{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC) Hidden
Boson NetSim 11 (HKLM-x32\...\InstallShield_{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC)
BSS FSL A320 CFM V2 (HKLM-x32\...\BSS FSL A320 CFM V2) (Version: - )
BSS FSL A320 IAE V2.1 (HKLM-x32\...\BSS FSL A320 IAE V2.1) (Version: - )
BurnInTest v9.0 Pro (HKLM\...\BurnInTest_is1) (Version: 9.0.1010.0 - Passmark Software)
CA ERwin Process Modeler r7.3 (HKLM-x32\...\{CEEFB6A4-A02B-4A34-BAAB-200D9B7448B4}) (Version: 7.003.1773 - CA, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: - )
ChasePlane XEdition (HKLM-x32\...\{CB51E288-3016-47E2-A401-A15BA5AA3F97}_is1) (Version: 1.0.26 XE.1 - ChasePlane (XEdition))
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine)
Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Clipdiary 5.3 (HKLM-x32\...\Clipdiary) (Version: 5.3 - Tiushkov Nikolay)
Core Temp 1.15 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15 - ALCPU)
CPUID CPU-Z 1.88 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.88 - CPUID, Inc.)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 52.9.1.0 - 8pecxstudios)
DCS World (HKLM\...\DCS World_is1) (Version: 2.5 - Eagle Dynamics)
DigitalDesign - ULLI v1.1 (HKLM-x32\...\DIGITALDESIGN-ULLI-F5F8C557-F53A-4D45-8CB1-82FDF84BD7C7_is1) (Version: 1.0.0.0 - SimMarket)
Discord (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Disk-O (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{EB6332D7-3C3F-43AC-B332-4DC6E4EFE0C6}_is1) (Version: 18.02.0001 - Mail.Ru Group)
DMD-URKK (HKLM-x32\...\DMD-URKK-B32DCA3D-5D97-4A80-A969-60A961FD5E5D_is1) (Version: 1.0.0.0 - SimMarket)
Domodedovo International Airport v1.1 (HKLM-x32\...\MDESIGN_DOMODEDOVO_INTL_is1) (Version: 1.2.0.0 - SimMarket)
Download Master 6.16.1.1595 (HKLM-x32\...\Download Master_is1) (Version: 6.16.1.1595 - NEO)
Dr.Web Security Space (HKLM\...\{5352DB49-883D-4b64-8443-DA7B80C33ED5}) (Version: 12.0 - Doctor Web, Ltd.)
Driver Easy 5.6.8 (HKLM\...\DriverEasy_is1) (Version: 5.6.8 - Easeware)
DXGL 0.5.12 (HKLM-x32\...\DXGL) (Version: 0.5.12 - William Feely)
Eaglesoft Citation X 750 2.0 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Eaglesoft Citation X 750 2.0 ) (Version: - )
EaseUS Tool M 1.0 (HKLM-x32\...\D72C2F7D-B75E-4641-AFBE-199B95066617_is1) (Version: - EaseUS)
EasyNavs v5.13 (HKLM-x32\...\EasyNavs_is1) (Version: 5.13 - Hervй Sors)
EFASS version NG (HKLM-x32\...\{C99177FE-4E7B-46CA-B3C2-73581D4063C1}_is1) (Version: NG - Froom Simulation Software)
Eiresim Shannon Ultimate FsX (HKLM-x32\...\Eiresim Shannon Ultimate FsXV1.0) (Version: V1.0 - Eiresim)
Electrum (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Electrum) (Version: 3.0.2 - Electrum Technologies GmbH)
Envdir (HKLM-x32\...\{9321E1F5-D4D5-49D4-96B8-6D6308D235C0}_is1) (Version: 1.2.0.1 - TOGA projects)
EXEStealth (HKLM-x32\...\EXEStealth) (Version: - )
EZdok Camera Version 2 (HKLM-x32\...\EZdok Camera Version 2) (Version: - )
F1 GTN Complete (HKLM-x32\...\F1GTN) (Version: 2.12 - Flight1 Aviation Technologies)
FLAi Operations Center (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9c54cef4273db6f7) (Version: 1.0.0.18 - BVARTCC)
Flight Environment X (HKLM-x32\...\Flight Environment X) (Version: - )
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight1 Purchase Agent (HKLM-x32\...\Flight1 Purchase Agent) (Version: - )
FlightFX (remove only) (HKLM-x32\...\FlightFX) (Version: - )
Fly The Maddog X 32bit Edition for FSX (HKLM-x32\...\Fly The Maddog X 32bit Edition for FSX) (Version: - )
ForceBindIP (HKLM-x32\...\ForceBindIP) (Version: - )
FPS Monitor (HKLM-x32\...\FPS Monitor_is1) (Version: 1 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FS Cabin Crew Full Edition (HKLM-x32\...\{033F002F-BF4E-45E5-8522-823B87ED75D2}) (Version: 1.00.0000 - drubware.net)
FS Decelerate version 1.0 (HKLM-x32\...\{F7FDD01F-AC31-4923-92EC-D52D04311583}_is1) (Version: 1.0 - Nikola Jovanovic)
FS Real Time v1.98.1 (HKLM-x32\...\FS_Real_Time) (Version: - )
FS2XPlane (HKLM-x32\...\FS2XPlane) (Version: 3.26 - Jonathan Harris <x-plane@marginal.org.uk>)
FSAirlines Client (HKLM-x32\...\FSAirlines Client) (Version: - )
FSBuild 2 (HKLM-x32\...\FSBuild 2) (Version: 1 - EA)
Fsbuild 2.4.0.32 (HKLM-x32\...\Fsbuild 2.4.0.32) (Version: - )
FSCloud version 1.xxxx beta (HKLM-x32\...\{EAEDE38E-4126-42B7-BC6D-93E3A2EC06E9}_is1) (Version: 1.xxxx beta - FSCloud.net)
FSControl v5.06 (HKLM-x32\...\FSControl_is1) (Version: 5.06 - Hervй Sors)
FSDG - Cape Town X FSX (HKLM-x32\...\FSDG - Cape Town X FSX) (Version: - )
FSDreamTeam GSX version 2.7.0 (HKLM-x32\...\FSDreamTeam GSX_is1) (Version: 2.7.0 - VIRTUALI Sagl)
FSLabs A320-X Aeroflot livery v1.5 (HKLM-x32\...\FSLabs A320-X Aeroflot livery_is1) (Version: 0.1.5.0 - FlightSimLabs, Ltd.)
FSLabs A320X Binaries v1.0.1.310 for FSX (HKLM-x32\...\A320X_FSX_Binaries_is1) (Version: 1.0.1.310 - FlightSimLabs, Ltd.)
FSLabs A320X Resources v1.0.1.400 for FSX (HKLM-x32\...\A320X_FSX_Resources_is1) (Version: 1.0.1.400 - FlightSimLabs, Ltd.)
FSLSpotLights v1.0.0.38 (HKLM-x32\...\FSLSpotLights_is1) (Version: 1.0.0.38 - FlightSimLabs, Ltd.)
FSrealWX 3.01.1725 (HKLM-x32\...\FSrealWX 3.0_is1) (Version: 3.01.1725 - Hanse-Coders)
FSrealWX Pro Version 2.04.866 (HKLM-x32\...\FSrealWX Pro_is1) (Version: 2.04.866 - Hanse-Coders)
FSrealWX Server Version 1.00.80 (HKLM-x32\...\FSrealWX Server_is1) (Version: 1.00.80 - Hanse-Coders.)
FSTramp (HKLM-x32\...\{0B3EAF6B-BBF1-45EF-B4DA-D16DC7574507}_is1) (Version: 7.26 - Team FSTramp)
Futuremark SystemInfo (HKLM-x32\...\{54A3802E-DFED-4235-85A7-A604FE1CC64D}) (Version: 5.14.693.0 - Futuremark)
FxSound Enhancer (HKLM-x32\...\FxSound Enhancer) (Version: 13.027 - FxSound)
Garmin Aviation Checklist Editor (HKLM-x32\...\{51B555C4-F02B-44A5-8710-8EFE8FCB0589}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin Aviation Trainers (HKLM-x32\...\{ebaa1977-06b1-4bef-8e97-ee6421df8e96}) (Version: 2.5.0.0 - Garmin)
Garmin GTN Trainer (HKLM-x32\...\{6DFD1B14-A965-4729-AFB9-408447388AB3}) (Version: 6.62.0.0 - Garmin) Hidden
Garmin Trainer Databases (HKLM-x32\...\{ABD210BC-DB31-4B6C-A342-B022F6FC9945}) (Version: 2.5.0.0 - Garmin) Hidden
Garmin Trainer Launcher (HKLM-x32\...\{95C42791-3D93-4234-9710-8460719D1585}) (Version: 2.5.0.0 - Garmin) Hidden
GNS400W-500W Trainer (HKLM-x32\...\{C59E019B-0952-4B72-A382-68A72224F88F}) (Version: - )
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.30 - Janos Mathe)
Hard Disk Sentinel Pro (HKLM-x32\...\Hard Disk Sentinel Pro) (Version: 5.40.10482 - )
HHD Software Hex Editor Neo 6.42 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.42.1.6170 - HHD Software, Ltd.)
HideMy.name VPN (HKLM-x32\...\{D4C4FDDF-AB53-4E45-BB78-AFA80D034589}) (Version: 1.43 - inCloak Network Ltd.)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
HP Deskjet 5520 series Basic Device Software (HKLM\...\{014A59C8-DDA5-4788-906D-1F5CBA8A583D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 5520 series Help (HKLM-x32\...\{6346CC3B-9816-4C8F-B614-976ECEE7900F}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 5520 series Product Improvement Study (HKLM\...\{29E392C4-E0C3-4E96-85B6-03B8E3963310}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hyperion EOS Control Data Suite (HKLM-x32\...\{615030C8-3D49-4CC1-BD58-5549107A924B}) (Version: 13.08.20 - Hyperion)
HyperSnap (HKLM\...\{39332DD5-F8B8-D804-EE99-DB3BF785DDA1}) (Version: 8.13.02 - Hyperionics Technology LLC)
HyperSnap (HKLM-x32\...\HyperSnap 8.10.00) (Version: - )
iFly Jets - The 737NG for FSX (HKLM-x32\...\iFly Jets - The 737NG for FSX) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Hotfix 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Hotfix 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1 (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1) (Version: - )
iFly Jets - The 747-400 V2 for FSX - Service pack 1a (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX - Service pack 1a) (Version: - )
iFly Jets - The 747-400 V2 for FSX (HKLM-x32\...\iFly Jets - The 747-400 V2 for FSX) (Version: - )
iFly737 FSX DVD Customer Update 3.1 (HKLM-x32\...\iFly737 FSX DVD Customer Update 3.1) (Version: - )
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Infognition ScreenPressor v2.1 (Remove Only) (HKLM-x32\...\SCPR) (Version: - )
InnoExtractor 5.2.2.188 (HKLM-x32\...\{406AB259-8887-4257-AE79-78D3BC3E528B}_is1) (Version: 5.2.2.188 - Havy Alegria)
Intel(R) Chipset Device Software (HKLM-x32\...\{262e9c1d-e509-4e2a-86e8-0abb312ac2e9}) (Version: 10.1.17765.8094 - Intel(R) Corporation) Hidden
Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
iSpring Free Cam 8 (HKLM-x32\...\{A85094B2-BFE8-4C0D-8FF9-2B139D6A4008}) (Version: 8.7.19627 - iSpring Solutions Inc.)
IvAi v1.0.0 b150 (HKLM\...\IvAi_is1) (Version: - IVAO)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version: - IVAO)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Jeppesen CDA Service (HKLM-x32\...\{B9C9E547-9F27-4C4B-8E9C-58400B35CFE1}) (Version: 4.0.0.123 - Jeppesen)
Jeppesen Format Print Driver (HKLM-x32\...\{986090B3-C3B8-4DD4-8BB1-6561F74915FF}) (Version: 1.1.0.8 - Jeppesen)
Jeppesen Program and Data Installation (HKLM-x32\...\{4173F0BF-2363-4DC3-92A9-446B69DBB134}) (Version: 1.0.0.0 - Jeppesen)
Jeppesen Weather Service (HKLM-x32\...\{3E1D1CE6-FF37-4A5D-9714-D6F48CFD589D}) (Version: 2.8.3.63 - Jeppesen)
kACARS - Landing Rate (HKLM-x32\...\{FD1DE517-419E-4AD1-A791-72214057E3AD}) (Version: 1.0.0000 - FS-Products)
Letasoft Sound Booster 1.11.0.505 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.505 - Letasoft LLC)
Level-D 767-300 for FSX (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Level-D 767-300 for FSX) (Version: - )
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.8 - Hermann Schinagl)
Loaris Trojan Remover 3.0.68 (HKLM\...\Loaris Trojan Remover_is1) (Version: 3.0.68 - lrepacks.ru)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version: - )
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MCDU 2.31 (HKLM-x32\...\MCDU_is1) (Version: - )
MediaHuman YouTube Downloader 3.9.9.10 (HKLM-x32\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.10 - MediaHuman)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
MFS Client (HKLM-x32\...\MFS Client) (Version: - )
MFSClientV5 (HKLM-x32\...\MFSClientV5) (Version: - )
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: - )
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: - )
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration SDK (HKLM-x32\...\{CF56984D-35C6-4ADB-9075-394978A427FB}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM-x32\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Migration Tool (HKLM-x32\...\{64cd40e2-6e5e-4732-8ed4-b4a5be475825}) (Version: 4.0.1.1101 - Flightsim Estonia)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 69.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 69.0.2 (x64 en-GB)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NMG OR Tambo International V4.3 (FSX) (HKLM-x32\...\NMG OR Tambo International V4.3 (FSX)) (Version: - )
novaPDF for SDK v7 (novaPDF 7.7 printer) (HKLM\...\novaPDF for SDK v7_is1) (Version: 7.7.3987 - Softland)
NTLite v1.8.0.7165 (HKLM\...\NTLite_is1) (Version: 1.8.0.7165 - Nlitesoft)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden
OpenVPN 2.5_git-I602 20170914 refs/heads/master/5fd8e94d31182557 (HKLM\...\OpenVPN) (Version: 2.5_git-I602 - OpenVPN Technologies, Inc.)
OpusFSI Version 5 Flight Simulator Interface (HKLM-x32\...\{98082A12-E24F-4568-B602-B95A3534D91D}) (Version: 5.28.3 - Opus Software Limited)
OpusFSX for FSX and Prepar3D Flight Simulators (HKLM-x32\...\{A6C11E93-4637-4467-B623-AE7F675DF046}) (Version: 3.55.2 - Opus Software Limited)
Oracle VM VirtualBox 5.2.16 (HKLM\...\{9BDE6621-5201-47E9-8394-FF44CBD66A1E}) (Version: 5.2.16 - Oracle Corporation)
OSFMount v2.0 (HKLM\...\OSFMount_is1) (Version: 2.0.1001 - Passmark Software)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.3.1.8 - Bitsum)
Pilots - Almeria LEAM (HKLM-x32\...\Pilots - Almeria LEAM) (Version: - )
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.8886 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion FSX (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.7025 - PMDG Simulations, LLC.)
PolyLoader (HKLM-x32\...\{2C3BFF40-1468-48F4-8902-DC553874D636}) (Version: 3.5.3 - Yemiez)
Prepar3D v4 Professional Plus (HKLM-x32\...\{33dd160e-e04d-4022-8250-0a7f4b50a542}) (Version: 4.5.12.30293 - Lockheed Martin)
Prepar3D v4 Scenery (HKLM\...\{C953A291-C0D5-414E-8211-778D5E53D73A}) (Version: 4.5.12.30293 - Lockheed Martin)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
PRO-ATC/X version 1.8.5.0 (HKLM-x32\...\PRO-ATC/X_is1) (Version: 1.8.5.0 - )
Process Lasso 9.3.0.44 (HKLM\...\Process Lasso_is1) (Version: 9.3.0.44 - Bitsum LLC)
Process Lasso Pro (HKLM-x32\...\Process Lasso Pro) (Version: - )
PSXseeconTraffic 14.6 (HKLM-x32\...\PSXseeconTraffic_is1) (Version: - Nico Kaan)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
QSimPlanner version 0.4.8 (HKLM-x32\...\QSimPlanner_is1) (Version: 0.4.8 - )
RAAS Professional by FS2Crew (UNLOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (UNLOCKED)) (Version: - )
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8656 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Reg Organizer (HKLM-x32\...\Reg Organizer) (Version: - ChemTable Software)
Reg Organizer 8.30 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.30 - lrepacks.ru)
Resource Hacker Version 5.0.42 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Resource Tuner 2.20 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.20 - Heaventools Software)
REX 4 Texture Direct with Soft Clouds Enhanced Edition (HKLM-x32\...\{C7BB0C28-2AE4-4AAB-A38B-42CFADDC0EF5}) (Version: 4.17.2017.0818 - REX Game Studios)
REX Sky Force 3D for FSX, FSX-Steam, P3Dv3 (HKLM-x32\...\{A4D281C6-83D5-4150-B52D-032DE1465651}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 - PATCH ONLY (HKLM\...\{622205F7-7CC6-4314-9269-8029E4FE0EF8}) (Version: 5.0.2018.0520 - REX Game Studios, LLC.)
REX Sky Force 3D for P3Dv4 (HKLM\...\{AAA37EC2-CBC4-4525-999F-12AB2C8542E5}) (Version: 5.0.2018.0508 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{2481E6EB-6771-4507-89BC-3CDC701F7949}) (Version: 5.0.2019.0116 - REX Game Studios, LLC.)
REX Sky Force 3D for Prepar3D v4 (HKLM\...\{556C3051-15D2-4AAF-BC1B-6FCF7F2B5D62}) (Version: 5.0.2018.0420 - REX Game Studios, LLC.)
REX Soft Clouds - SP3 - Hotfix 5 (HKLM-x32\...\{98C432AB-8BC0-4C76-8336-889E907F955A}) (Version: 4.3.2017.0714 - REX Game Studios, LLC.)
REX Soft Clouds with SP3 - Hotfix 3 (HKLM-x32\...\{656E22EA-EB88-4F68-9F4E-61F6FBF5FF50}) (Version: 4.3.2016.0622 - REX Game Studios, LLC.)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
SanityCheck 3.51 (HKLM\...\SanityCheck_is1) (Version: - Resplendence Software Projects Sp.)
SceneryConfigEditor v1.1.9 (remove only) (HKLM-x32\...\SceneryConfigEditor) (Version: - )
SceneryTech Africa Landclass v1.0 (HKLM-x32\...\{DA17C501-E443-4371-873C-3C79373A2E33}) (Version: 1.0 - SceneryTech)
SceneryTech Asia Landclass v1.0 (HKLM-x32\...\{F22EE695-4EF1-4188-A209-FD959A494F7B}) (Version: 1.0 - SceneryTech)
SceneryTech North America Landclass v1.4 (HKLM-x32\...\{E91C757A-854C-4057-A67D-7FAE297B2016}) (Version: 1.4 - SceneryTech)
SetFileDate 2.0 (HKLM-x32\...\SetFileDate_is1) (Version: - No Nonsense Software)
SetInstaller (HKLM-x32\...\{53A529DA-F303-466A-BB0F-5308B89854C3}) (Version: 1.00.0000 - RD-soft)
SIDSTAR Converter (HKLM-x32\...\{2FB37C4E-9370-4405-A037-43D23DE258B2}) (Version: 1.30.0000 - Matias Sorcinelli)
SimBrief Downloader 1.4.5 (only current user) (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\32e4cdf1-1f8f-586a-9551-9c0929bc3c38) (Version: 1.4.5 - Derek Mayer)
SimObject Display Engine (HKLM-x32\...\{C3CEE3FC-84DD-4B1A-8192-5FB8F490319F}) (Version: 1.6.4 - 12bPilot)
SimToolkitPro (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\9dee011f30ac205b) (Version: 0.2.2.9 - SimToolkitPro)
Simware's - Valencia X - FSX (HKLM-x32\...\Valencia X - FSX) (Version: 1.14 - Simware)
Sleeping Dogs, версия 2.1 (HKLM-x32\...\Sleeping Dogs_is1) (Version: 2.1 - Other s)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SSD Tweaker 4.0.1 (HKLM\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 4.0.1 - elpamsoft.com)
SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.)
SteveFX DX10 Scenery Fixer (HKLM-x32\...\DX10SceneryFixer) (Version: - )
swift 0.9.0 64bit (HKLM\...\swift 0.9.0) (Version: 0.9.0 - swift Project)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Telegram Desktop version 1.8.13 (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.13 - Telegram FZ-LLC)
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - )
Tirana Intl` Airport - Albania 1.0 FSX (HKLM-x32\...\latixfsx1) (Version: 1.0 FSX - TropicalSim)
TOGA - ENVSHADE v1.0 (HKLM-x32\...\TOGA-ENVSHADE-AC95BBC1-68C7-48AA-AABC-47B3B2E52C09_is1) (Version: 1.0.0.0 - SimMarket)
TOGA_ENVTEX_1.2.0 (HKLM-x32\...\TOGA-ENVTEX-16D30A87-70CB-47CC-AAB0-600D0A4EDC8E_is1) (Version: 1.2.0 - SimMarket)
TOPCAT 2.74 - Take-Off and Landing Performance Calculation Tool (HKLM-x32\...\TOPCAT) (Version: 2.74 - FSS GmbH)
TOPER Calculator Tool version 1.8 (HKLM-x32\...\{92B07EA8-479E-4308-85B2-4A4B21554B33}_is1) (Version: 1.8 - Nikola Jovanovic)
Turbulent Terminal 2.4.4.0 (HKLM\...\{6E23BCF4-8093-4211-9050-D98353E5D830}) (Version: 2.4.4.0 - Turbulent Designs)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultimate Ground Crew X (HKLM-x32\...\Ultimate Ground Crew X ) (Version: - )
Ultimate Terrain Lights For FSX (HKLM-x32\...\Ultimate Terrain Lights For FSX) (Version: - )
Ultimate Terrain X - Europe V2.1 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - Europe V2.1 (FSX Support)) (Version: - )
Ultimate Terrain X - USA V2.3 (FSX Support) (HKLM-x32\...\Ultimate Terrain X - USA V2.3 (FSX Support)) (Version: - )
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (HKLM-x32\...\Unigine Heaven DX11 Benchmark 2.5_is1) (Version: 2.5 - )
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
URMM-2018 (HKLM-x32\...\{D65B8395-701B-4FED-94E5-30281FDD7E64}) (Version: 1.0.0 - STTS-PC (Tsyba Andrey))
utLive Fall/Winter 2018 Schedule (HKLM-x32\...\F1UTLive) (Version: 1.0.0.0 - Flight One Software)
UTX Europe V2.1 Install Manager (HKLM-x32\...\UTX Europe V2.1 Install Manager) (Version: - )
UTX USA V2.3 Install Manager (HKLM-x32\...\UTX USA V2.3 Install Manager) (Version: - )
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VFXCentral version 1.0.0.92 (HKLM-x32\...\VFXCentral_is1) (Version: 1.0.0.92 - OldProp Solutions Inc.)
Viber (HKLM-x32\...\{36E3DCB1-78E8-405A-8088-DFEE6BAB7BFF}) (Version: 6.8.2.878 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\{190bc592-977d-4ebf-be51-225bed62e481}) (Version: 6.8.2.878 - Viber Media Inc.)
Video Downloader Converter (HKLM-x32\...\{1AB4F3A2-5033-5E70-7E46-A0BC12DDE448}) (Version: 3.14.8.6433 - Allavsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Workstation (HKLM\...\{560E475D-C5B0-4F8C-A21B-522CCC364D5B}) (Version: 15.0.3 - VMware, Inc.)
VMware Workstation (HKLM\...\{C6633647-27D4-4474-9195-5EEEF0E2EC06}) (Version: 14.1.3 - VMware, Inc.)
vPilot (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\vPilot) (Version: 2.2.2 - Ross Carlson)
Warface (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Warface) (Version: 1.316 - Mail.Ru)
WhatsApp (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\WhatsApp) (Version: 0.3.4941 - WhatsApp)
WhoCrashed 6.60 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.50 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Windows Driver Package - Acer Inc. Monitor (07/22/2012 1.0.0.0) (HKLM\...\8406B4755454697EF76881B741E08B055E4FA25D) (Version: 07/22/2012 1.0.0.0 - Acer Inc.)
Windows Driver Package - Challenger Backup Solutions, LLC (FlashBoot) DiskDrive (08/11/2013 2.3.72.0) (HKLM\...\CA8BFE662913F62CB908BA31685037C57A7DD973) (Version: 08/11/2013 2.3.72.0 - Challenger Backup Solutions, LLC)
Windows Driver Package - Intel USB (07/31/2013 9.1.9.1006) (HKLM\...\B0CC38E1CE139A5179BF0F8255865BD29DA00B02) (Version: 07/31/2013 9.1.9.1006 - Intel)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (09/17/2012 1.17.65.11) (HKLM\...\39FCA3B1E44BB5B526E74F29B111ACB49ABC9017) (Version: 09/17/2012 1.17.65.11 - JMicron Technology Corp.)
Windows Driver Package - Phantom TAP-Windows Provider V9 (phantomtap) Net (11/05/2014 9.00.00.21) (HKLM\...\E86C43F8EA2789061467821169F2000B9944C0BE) (Version: 11/05/2014 9.00.00.21 - Phantom TAP-Windows Provider V9)
Windows Driver Package - Razer (HidUsb) HIDClass (11/20/2012 1.01) (HKLM\...\BE7F5114C00B9A620315841E988BBFAAEE165683) (Version: 11/20/2012 1.01 - Razer)
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports (05/23/2018 10.1.3.2130) (HKLM\...\47974EDC781C5B49C74F733E14FC298A782DA59E) (Version: 05/23/2018 10.1.3.2130 - Silicon Laboratories Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinTools.net Premium version 18.0.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.0.1 - WinTools Software Engineering, Ltd.)
Wise Disk Cleaner 10.2.5 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.2.5 - WiseCleaner.com, Inc.)
WX Advantage Radar (HKLM-x32\...\{BA4156D4-A599-47BB-9844-9E351F7A9404}) (Version: 1.1.2018.1220 - MILVIZ REX Game Studios, LLC.)
WYSIWYG Web Builder 14.1.0 (HKLM-x32\...\WYSIWYG Web Builder 14_is1) (Version: 14.1.0 - Pablo Software Solutions)
XPFlightPlanner (uninstall) (HKLM-x32\...\XPFlightPlanner) (Version: - )
Агент Dating.ru (HKLM-x32\...\{BA9235A8-9B90-8B57-A43A-F23570C4D4E7}) (Version: 1.1.6 - UNKNOWN) Hidden
Агент Dating.ru (HKLM-x32\...\ru.dating.Client) (Version: 1.1.6 - UNKNOWN)
ВидеоМАСТЕР 12.0 (HKLM-x32\...\{42469BAA-1E65-4267-922E-3D10A0E491F1}_is1) (Version: 12.0 - AMS Software)
Игровой центр (HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\GameCenter) (Version: 4.1514 - ООО Мэйл.Ру)
Периодическая система (HKLM-x32\...\Периодическая система) (Version: - )
Экипаж 4.0 для FSX(P3D) (HKLM\...\CREWRD) (Version: 4.0.5.0 - Роман Девятериков)
Экранная Камера 4.0 (HKLM-x32\...\Экранная Камера_is1) (Version: 4.0 - AMS Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers1: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers1: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers1: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-02-20] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [HitmanPro] -> {D7CF1AF8-E2AD-4DA4-ACE5-77F8A58AB71D} => C:\Program Files\HitmanPro\hmpshext.dll [2018-02-26] (SurfRight B.V. -> SurfRight B.V.)
ContextMenuHandlers4: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\homepc\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-16] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA) [File not signed]
ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2019-04-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl) [File not signed]
ContextMenuHandlers6: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2018-11-09] () [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\homepc\Desktop\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Периодическая система.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Справка.lnk -> C:\Program Files (x86)\Periodic Table\Table.chm () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Таблица Менделеева.lnk -> C:\Program Files (x86)\Periodic Table\Table.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Химический калькулятор.lnk -> C:\Program Files (x86)\Periodic Table\ChemCalc.exe (Mark Polyak) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Удалить программу Экипаж 4.0 FSX(P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Uninstall.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0 FSX (P3D).lnk -> C:\Program Files (x86)\RD-soft\CREWRD\CrewRD.exe (RD-soft) <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft\Экипаж 4.0 FSX(P3D)\Экипаж 4.0.Руководство пользователя.lnk -> C:\Program Files (x86)\RD-soft\CREWRD\Экипаж 4.0.Руководство пользователя.pdf () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru\Игровой центр.lnk -> C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe () <==== Cyrillic
Shortcut: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm
Shortcut: C:\Users\Public\Desktop\1C Предприятие.lnk -> C:\Program Files\1cv8\common\1cestart.exe (1C-Soft LLC) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Видео МАСТЕР.lnk -> C:\Program Files (x86)\ВидеоМАСТЕР\VideoMASTER.exe (AMS Software) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Экранная Камера.lnk -> C:\Program Files (x86)\Экранная Камера\ScreenCapture.exe (AMS Software) <==== Cyrillic

ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Периодическая система\Деинсталляция.lnk -> C:\Program Files (x86)\Periodic Table\UNWISE.EXE () -> C:\PROGRA~2\PERIOD~1\INSTALL.LOG <==== Cyrillic
ShortcutWithArgument: C:\Users\homepc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2018-12-24 16:58 - 2016-04-01 08:30 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAClient.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000154112 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\cdacommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000075776 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAConfig.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000544256 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDACrypt.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000079872 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAMsg.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000144896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DataMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000238080 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DownloadMgr.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\jcommon.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000272896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\tcutil.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 000124416 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\UpdateMgr.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-03-05 17:07 - 2019-03-05 17:07 - 000642048 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-03-05 17:06 - 2019-03-05 17:06 - 000364544 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000217600 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-09 20:46 - 2011-05-09 20:46 - 002760192 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 009856000 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 000990720 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 000416256 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 000731648 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000008192 _____ () [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\SystemInfo.dll
2004-09-30 21:15 - 2004-09-30 21:15 - 000192000 _____ () [File not signed] C:\Program Files\LinkShellExtension\RockallDLL.dll
2018-11-27 01:19 - 2018-11-09 11:52 - 001801728 _____ () [File not signed] C:\Program Files\Loaris Trojan Remover\shellext.dll
2017-08-04 23:22 - 2013-04-15 19:40 - 000013824 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempPluginProxy.dll
2017-08-04 23:22 - 2013-04-15 19:17 - 000112128 _____ (Alcpu) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\PluginNetInterface-x64.dll
2016-04-19 21:53 - 2016-04-19 21:53 - 000752640 _____ (Hermann Schinagl) [File not signed] C:\Program Files\LinkShellExtension\HardlinkShellExt.dll
2017-08-23 17:09 - 2016-10-04 17:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-08-04 23:22 - 2013-04-21 14:21 - 000026112 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempRemoteServer.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000011776 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\Logger.dll
2017-08-04 23:22 - 2011-09-08 13:41 - 000013312 _____ (Microsoft) [File not signed] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\TcpServer.dll
2018-12-24 16:58 - 2016-04-01 08:30 - 001115648 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Jeppesen\CDA\libcurl.dll
2019-10-07 23:57 - 2019-09-10 17:19 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Tool M\bin\imageformats\qgif.dll
2019-10-07 23:57 - 2019-09-10 17:19 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Tool M\bin\imageformats\qico.dll
2019-10-07 23:57 - 2019-09-10 17:19 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Tool M\bin\platforms\qwindows.dll
2019-10-07 23:57 - 2019-09-10 17:19 - 004679168 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Tool M\bin\Qt5Core.dll
2019-10-07 23:57 - 2019-09-10 17:19 - 005026816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Tool M\bin\Qt5Gui.dll
2019-10-07 23:57 - 2019-09-10 17:19 - 004480512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Tool M\bin\Qt5Widgets.dll
2016-09-14 21:12 - 2016-09-14 21:12 - 000202752 _____ (TOSHIBA CLIENT SOLUTIONS CO., LTD.) [File not signed] C:\WINDOWS\System32\tbtmon.dll
2009-06-19 09:57 - 2019-05-15 16:50 - 000079176 ____R (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtChk.dll
2013-06-18 18:51 - 2013-06-18 18:51 - 000057344 _____ (TOSHIBA CORPORATION.) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosCpsAPI.dll
2014-01-20 09:25 - 2014-01-20 09:25 - 000683520 _____ (TOSHIBA) [File not signed] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll
2019-03-17 09:56 - 2019-03-17 09:56 - 006790576 _____ (VMware, Inc. -> VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmwarebase.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\12130075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\22462713.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-19 00:03 - 2019-10-07 23:00 - 000000820 _____ C:\WINDOWS\system32\drivers\etc\hosts


2018-06-28 00:48 - 2018-12-22 17:41 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

192.168.97.225 SIMPC.mshome.net # 2023 12 4 21 14 41 34 580

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\python27\;c:\python27\scripts;c:\python37\scripts\;c:\python37\;c:\program files\python37\scripts\;c:\program files\python37\;c:\program files (x86)\python37-32\scripts\;c:\program files (x86)\python37-32\;c:\program files (x86)\common files\oracle\java\javapath;c:\programdata\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files\putty\;c:\program files\microsoft sql server\120\tools\binn\;c:\windows\system32\openssh\;c:\program files (x86)\universal extractor;c:\program files (x86)\universal extractor\bin;c:\program files\nvidia corporation\nvidia nvdlisr;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\;c:\program files (x86)\toshiba\bluetooth toshiba stack\sys\x64\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Process Lasso\;
HKU\S-1-5-21-2357164880-557895980-647672482-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "Zaxar Games Browser.lnk"
HKLM\...\StartupApproved\Run32: => "Process Killer"
HKLM\...\StartupApproved\Run32: => "QW787_v1.1.2a_update"
HKLM\...\StartupApproved\Run32: => "RzWizard"
HKLM\...\StartupApproved\Run32: => "FlightPlan"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\StartupFolder: => "Disk-O.lnk"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "agent.desktop"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "TeamSpeak 3 Client"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Task Killer"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "GameCenter"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\StartupApproved\Run: => "Lync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B7EB13BC-B524-4B34-B19F-D9252E895FEC}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{92431C8F-8783-4B6D-BCD2-1F049D5E86A4}] => (Allow) C:\Program Files\DrWeb\spideragent.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{9EED2BA5-FD20-486D-A536-8BE733CF5298}] => (Allow) C:\Program Files\DrWeb\dwservice.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [UDP Query User{B2A2C08F-CF13-4F50-87B1-4404290DE6BC}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{B3B0E0F5-B6B9-4E6B-A579-8F2FF7DCD539}E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe] => (Allow) E:\utorrent 3.5.3 build 44494 pro portable by коля3д79 [multiru]\utorrentpro\utorrent.exe (diakov.net -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{24AE18E1-376C-4C8C-88E3-756AD6E8F1FF}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{ECB6E938-BA55-4A79-9667-8CC59F907BED}C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe] => (Allow) C:\program files\aivlasoft\efb2\server\aivlasoft.efb.server.exe (Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [{0C662D46-90B2-4A0D-993E-7B5AB74B63CC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{447C1BF0-D395-408A-86B4-E79CB6CC4CA3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2E94FD67-2E65-4486-9C7A-0C23FED70134}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4556C8C8-5AB1-4441-A9F9-987E79AA2B07}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [DNS Server Forward Rule - UDP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - b0d2c471-3f1a-41c3-8f74-5850316c8b0d - 0] => (Allow) LPort=53
FirewallRules: [{D03D69C1-EFB2-450C-80BD-8FBEEF9671C2}] => (Allow) LPort=27018
FirewallRules: [{D68F1B17-D4AA-4299-9D3B-48C73F8E5FB7}] => (Allow) LPort=27018
FirewallRules: [{0858CDC2-5CA3-40AF-B904-1AD8657E51A1}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{CEB90DB5-53E8-4607-80E9-5339C6746EF2}] => (Allow) C:\Program Files (x86)\BASTION\BLMS.exe () [File not signed]
FirewallRules: [{3DAFD2DE-D713-4E2A-9600-17B452C2ED4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{054C41F6-66CE-42A8-9A1A-B8DEA1C550D3}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [TCP Query User{5FEB811F-332F-49F5-A162-B5BA002A663C}C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\chaseplane\chaseplane.exe (OldProp Solutions Inc.) [File not signed]
FirewallRules: [{CB77D2EC-DC39-422D-B413-39FBEC336DE9}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{595CA0CE-2A7E-4470-9BB6-38F103433F2B}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{4AA8CF2B-66F9-4BFC-9E0B-AA8F5885294E}D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\o398rbuiud93uix_t388ls\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{3B107FF7-F480-4907-A4FB-3F7714F7BE68}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{5C744760-F3B0-4319-A879-D89B8A1074AA}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{AEB22A63-9FA3-4A4A-9A44-7161B50FCDC3}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [{C0460C5C-3A66-4632-97EB-070ACEF26479}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [UDP Query User{0B2BF0B2-41FE-4B71-8520-8AC3007D7720}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{53348E58-461E-4258-BA66-E91017C0FD16}E:\tftpd64.450\tftpd64.exe] => (Allow) E:\tftpd64.450\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{B6AE70F1-BDF0-4E62-BB94-516B7C324753}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{5CDFCF59-26B3-4B69-8E06-3C02C9CAB553}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{96B991BD-E11E-4548-9A9C-E6186C8D7429}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{C1BFE00F-2415-4D08-80C1-F93BD570C451}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [UDP Query User{CE150DCC-B59C-4C0A-84EC-A60E8D542E34}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [TCP Query User{6EEACA57-4BBA-4634-9AD6-E4D2909A72E8}C:\users\homepc\appdata\local\vpilot\vpilot.exe] => (Allow) C:\users\homepc\appdata\local\vpilot\vpilot.exe (Metacraft) [File not signed]
FirewallRules: [UDP Query User{02B17218-6FD4-4E07-A75F-51FBF71F5D0F}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{0A23C4E4-7622-48FB-861E-B7A7591414CF}C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe] => (Allow) C:\program files (x86)\oldprop solutions inc\vfxcentral\fsfx_tools.exe () [File not signed]
FirewallRules: [UDP Query User{597CD9F4-E3D7-40B6-9CDD-545570488EF1}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [TCP Query User{8B0212FC-66C6-4010-8DAB-2E9961FC3AAB}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU)
FirewallRules: [{23158DF7-2097-46A7-AAA2-B739F542D4A6}] => (Allow) LPort=19285
FirewallRules: [{2EF28D36-9962-4A7F-B599-927EEBA615D0}] => (Allow) LPort=19286
FirewallRules: [{39946E2F-5309-4F07-9D92-7E60D7D6D67D}] => (Allow) LPort=445
FirewallRules: [UDP Query User{6FA38C0B-2E44-43D9-930A-17C0CE6C8C41}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [TCP Query User{FDFE1363-85A9-4896-AB5D-BC9765D67B61}C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Allow) C:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe (Apprimus Informatik GmbH -> Apprimus Informatik GmbH - www.apprimus.ch) [File not signed]
FirewallRules: [UDP Query User{FA937985-DF0A-441E-A4AE-3A8FF5ADFF45}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [TCP Query User{62ADDCD2-0570-4D2B-9E68-21B1713CBEC4}D:\orbxtools\orbx_loader\orbx_tools.exe] => (Allow) D:\orbxtools\orbx_loader\orbx_tools.exe () [File not signed]
FirewallRules: [{833BF29F-12FA-49D5-917F-D724EBE42016}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{026AADEC-B7C9-43C4-8B29-2DB65A9C9783}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6DC23AF1-4C8C-4F51-84B4-9C6F82AAF961}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7BA7B256-F089-4113-B38A-BD78E124F346}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D941EE11-D952-4076-8E61-210B28CDE073}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74176E21-E284-4ABB-881F-40023BCC5D55}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{4846AC10-8DC2-446A-A653-14DFAED774F6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [TCP Query User{676F5E36-DD33-4686-A370-1DE14D98E204}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [UDP Query User{57E59788-28E4-4FAA-8C3A-F19862BE5DCE}E:\handycacherc4.1.0.0.700\handycache.exe] => (Allow) E:\handycacherc4.1.0.0.700\handycache.exe () [File not signed]
FirewallRules: [TCP Query User{521C2D40-5606-4928-905D-DB2E64B5ABEF}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [UDP Query User{192EBD3D-8889-41DD-95CA-C42AF1DAE9BC}D:\orbxtools\orbx_loader\interceptr v2.exe] => (Allow) D:\orbxtools\orbx_loader\interceptr v2.exe () [File not signed]
FirewallRules: [DNS Server Forward Rule - TCP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - B194E363-D4D2-4104-8D06-75051A076454 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 59A2ADDA-F4BC-4CE3-8EA0-444109E3C9C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1DB01706-C882-4E34-B8C3-2C79255AB1E1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1E7B7A02-EAE8-4570-81AF-6A0D6A937E99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 34D413F1-ED89-4B97-B39A-F8979DEF1AB1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5F4DE150-0F64-493C-89E6-77842DF22A7E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 05AC893C-CE7D-4EF8-8B7E-E2D9DFC500AF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 29A36E14-2025-4A7A-8B10-D25493603D67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C16F2AB2-B828-442B-A66C-56C53391D5DA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 08B24842-4C2C-4D83-92EA-0FC366F188BC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F21F062C-C31C-456B-A322-F491FCB55922 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 040F6EC6-476F-47AB-A2EA-418042E628C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C7DF45A0-9293-4B01-BBBE-3427AC47309B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 4DEC0A49-1E31-4745-AE03-B26CBE2A2CC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2F33B266-50F4-45C5-AAB2-41884F775059 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3D340871-3994-4F01-AE95-F29442D41967 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E43CDF8A-4655-4338-AF35-118054C05153 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 47202F10-153F-42A0-99CA-5840B8AB83D1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F5216393-696D-465D-BDDF-CE3938A5EE43 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0E67BF4F-18B6-4CDB-9E50-C86233A56D88 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 7F9B3D64-0F9D-4CE3-A92E-446F1A4E51AD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 9997A2E2-B16E-4D07-8050-0C1B56EB0A5E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2975E3A0-BD2A-47E7-9FE0-7442F0639808 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - FEE92628-0E57-4B2B-98F1-8C81FA15416C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 184578E6-E462-4B72-81E1-4DB9C92B462A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E36355A6-CCCD-42A9-A5D7-36750B0235C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DAA1CD1D-5EFD-411E-9DC4-3550029EA856 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A3236C69-8AF4-4519-A1F6-FA094BAD7186 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2D809216-3EF7-43ED-BA65-662863EF1E65 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5CEDB60E-9167-415D-821A-0472FADE8E2E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0C8C081C-9413-4F06-AA3F-F859EFC6B5E3 - 0] => (Allow) LPort=53
FirewallRules: [{AD70EFAA-5E40-4138-970E-D3248BF9453C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{9A3DD3D7-7F37-4ADF-86CE-5CA55A9CCEF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{00049BA3-0170-46EA-8D25-5ADA116BAB9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{349911C9-75D0-4039-8A34-B0EECD22005C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FC842B5E-859A-492A-A1E2-657B9D834C7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{930BC321-7152-43CE-BDAC-D2AEC9743674}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C3F51683-AF61-4E18-8EB1-00C7408B5980}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{576A76CB-53C4-4743-8AF6-9E6207DCD6EA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{8C14099A-FC0D-4A2E-A749-BFF13E10F1C3}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{684DE1AE-9DE5-4848-AB0E-C8C2F2ABCB33}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe No File
FirewallRules: [{960AB28A-53D9-4A30-8EC3-D7EE522B4DE4}] => (Allow) E:\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent Pro. 3.5.4 build 44520 by OvArt Portable\uTorrent.exe No File
FirewallRules: [{D3B74F7E-4E85-4B55-A412-89FD511193E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E414530-A57C-4D99-9AD0-04199D8F0B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8650815-BA84-4AEE-97BD-301147899700}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet Canada, Inc. -> SafeNet, Inc.)
FirewallRules: [{3ED8FFCD-9FB8-41B7-8F01-BC42F28CDAE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25611D40-D1A2-48F2-B5BC-CF3A1045319E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2799090-26FC-4FC6-BDFC-B7449E64C66A}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{A836BF80-D6CC-453F-B190-DCD289E7F13D}] => (Allow) C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{845C5C83-CE0A-4EE4-9140-BA844E868477}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F935380-61F5-47D2-AEE7-77C09CFC0E6B}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{29EAFA0F-4DA8-480D-A009-5EAEFFDD33D1}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\Aviation_Trainer_Launcher.exe (Garmin International, Inc. -> Garmin)
FirewallRules: [{711D19CA-24AF-4AEE-B8A9-3520A4F649AA}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{BFC8316C-DDE7-4D75-A171-BD28A00672BB}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Launcher\roar.exe (Garmin International, Inc. -> )
FirewallRules: [{9475C2EF-D956-4335-8966-3E10261F2551}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{10A22D99-92AE-42FE-8F2F-ACBFC91B1CDE}] => (Allow) G:\Program Files (x86)\Garmin\Trainers\Packages\GTN\Bin\GTN Simulator.exe (Garmin International -> )
FirewallRules: [{1A34BEEF-DCDE-4DCD-8417-FCE61D6BBD60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E7675E67-63D5-40C5-AA26-47CF361648FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3410C96-7AD3-465B-9B10-B3E9D1EA52C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{50311E7E-2AA7-4643-B80A-F26E2536FEE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D6C7C51-A369-4C2C-A51D-6BAD763F7215}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C45E5B4-805E-4C2F-9B3B-5D26A69B7E9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DADFE512-9B4B-43E8-9813-2CA27C0855C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F12B7F3-232F-4C1F-8C8E-7B33034667C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B99D6CC3-7252-4E1C-897D-5AD7609BF5C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => c:\windows\system32\lvcod64.dll [398360 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [71680 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => c:\windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => c:\windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => c:\windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2009-05-01] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.SCPR] => C:\Windows\SysWOW64\SCPR.dll [367116 2012-06-13] (Infognition Co. Ltd.) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Standard SATA AHCI Controller
Description: Standard SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard SATA AHCI Controller
Service: storahci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2019 10:48:37 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/08/2019 10:48:37 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/08/2019 10:47:41 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/08/2019 10:47:41 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/08/2019 10:47:41 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/08/2019 10:47:41 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/08/2019 10:47:35 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/08/2019 10:47:35 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - Insufficient system resources exist to complete the requested service.
for C:\Users\homepc\AppData\Local\Microsoft\Windows\\UsrClass.dat


System errors:
=============
Error: (10/08/2019 10:48:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/08/2019 10:48:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/08/2019 10:46:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MySQL service terminated unexpectedly. It has done this 1 time(s).

Error: (10/08/2019 10:46:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service failed to start due to the following error:
The service did not start due to a logon failure.

Error: (10/08/2019 10:46:35 AM) (Source: Service Control Manager) (EventID: 7041) (User: )
Description: The 1C:Enterprise 8.3 Server Agent (x86-64) service was unable to log on as .\homepc with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.

Service: 1C:Enterprise 8.3 Server Agent (x86-64)
Domain and account: .\homepc

This service account does not have the required user right "Log on as a service."

User Action

Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.

If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

Error: (10/08/2019 10:46:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CG6Service service failed to start due to the following error:
The system cannot find the path specified.

Error: (10/08/2019 10:46:35 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (10/08/2019 10:45:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


CodeIntegrity:
===================================

Date: 2019-10-08 10:48:40.668
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\DrWeb\dwsewsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-08 10:48:40.639
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\DrWeb\dwsewsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-08 10:48:40.599
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\DrWeb\dwsewsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-08 10:48:40.569
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\DrWeb\dwsewsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-08 10:48:40.280
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-08 10:48:40.265
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-08 10:48:40.245
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-08 10:48:40.229
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F4d 12/12/2011
Motherboard: Gigabyte Technology Co., Ltd. G1.Guerrilla
Processor: Intel(R) Core(TM) i7 CPU 980 @ 3.33GHz
Percentage of memory in use: 34%
Total physical RAM: 12286.42 MB
Available physical RAM: 8049.11 MB
Total Virtual: 16747.33 MB
Available Virtual: 12310.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.78 GB) (Free:7.94 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (simdisk) (Fixed) (Total:119.24 GB) (Free:0.13 GB) NTFS
Drive e: (FILMS) (Fixed) (Total:931.51 GB) (Free:94.99 GB) NTFS
Drive f: (storage2) (Fixed) (Total:465.75 GB) (Free:0.77 GB) NTFS
Drive g: () (Fixed) (Total:55.89 GB) (Free:0.68 GB) NTFS
Drive h: (backup) (Fixed) (Total:931.51 GB) (Free:5.01 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c2d32257-0000-0000-0000-80b81b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
\\?\Volume{c2d32257-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F477C05A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 55.9 GB) (Disk ID: 465FB6DD)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: C2D32257)
Partition 1: (Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: FB81C632)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: FB81C633)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Last edited:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019
Ran by homepc (administrator) on SIMPC (Gigabyte Technology Co., Ltd. G1.Guerrilla) (08-10-2019 10:47:44)
Running from C:\Users\homepc\Desktop\Tor Browser
Loaded Profiles: homepc (Available Profiles: homepc & test & newuser & Administrator & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 10 Pro Version 1809 17763.775 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Alcohol Soft -> Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessLasso.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(CA -> CA) H:\CA_LIC\lic98Service.exe
(CA -> CA) H:\CA_LIC\LogWatNT.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\EaseUS Tool M\bin\AliyunWrapExe.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Tool M\bin\EaseUS Tool M.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwwatcher.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwnetfilter.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwservice.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\frwl_svc.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.) C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe
(FxSound, LLC -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe
(Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Jeppesen Sanderson, Inc -> ) C:\Program Files (x86)\Jeppesen\CDA\cda.exe
(Jeppesen Sanderson, Inc -> Jeppesen) C:\Program Files (x86)\Jeppesen\JWC\JWC.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SelfSigned -> ) [File not signed] C:\Program Files (x86)\Dating\Dating.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SurfRight B.V. Dickmaster -> SurfRight B.V.) [File not signed] C:\Program Files\HitmanPro\HitmanPro.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(The OpenVPN Project) [File not signed] C:\Program Files\OpenVPN\bin\openvpnserv.exe
(TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Viber Media S.à r.l. -> Viber Media S.Ã r.l.) C:\Users\homepc\AppData\Local\Viber\Viber.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SpIDerAgent] => C:\Program Files\DrWeb\spideragent.exe [22147976 2019-10-02] (Doctor Web Ltd. -> Doctor Web, Ltd.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Process Killer] => C:\Program Files (x86)\Process Killer\prkiller.exe [38400 2005-07-30] () [File not signed]
HKLM-x32\...\Run: [QW787_v1.1.2a_update] => F:\Симуляторы\P3DV4\Самолеты\QW_787_P3DV4\QW787_v1.1.2a_update.exe [17147444 2018-11-21] () [File not signed]
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1780728 2019-07-26] (FxSound, LLC -> ) [File not signed]
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [263112 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-02-20] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [FlightPlan] => e:\симуляторы\FlightPlan_3_7\FlightPlan.exe [835584 2012-05-05] (Umberto Degli Esposti) [File not signed]
HKLM-x32\...\Run: [EaseUS FixTool] => C:\Program Files (x86)\EaseUS\EaseUS Tool M\bin\EaseUS Tool M.exe [231080 2019-09-12] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [14941336 2018-06-04] (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Task Killer] => E:\Task.Killer.Portable\TaskKiller.exe [221696 2015-12-19] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [AutoHideMouseCursor] => E:\FSL_A320X\P3Dv4.1\FSLabs_A320X_P3D_v2.0.1.237\AutoHideMouseCursor_x64\AutoHideMouseCursor_x64.exe [152576 2018-03-23] (Nenad Hrg (SoftwareOK.com)) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [636416 2017-09-15] () [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Viber] => C:\Users\homepc\AppData\Local\Viber\Viber.exe [41029704 2019-09-25] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [ECMHelper] => C:\Program Files (x86)\Экранная Камера\Agent.exe [847600 2018-12-26] (AMS Software) [File not signed]
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16443120 2018-10-05] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [GameCenter] => C:\Users\homepc\AppData\Local\GameCenter\GameCenter.exe [9983616 2019-08-08] (Mail.Ru, LLC -> )
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [SimBrief Downloader] => C:\Users\homepc\AppData\Local\Programs\SimBrief Downloader\SimBrief Downloader.exe [81042864 2018-11-27] (Derek Mayer -> Derek Mayer)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23912440 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: L - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {0dd97860-05ce-11e9-82b3-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {94b459e9-074c-11e9-82bb-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {a16e49be-19a4-11e9-833c-001fc6276e5b} - "L:\setup.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {acbb8ff6-100a-11e9-8305-001fc6276e5b} - "L:\dvdcheck.exe"
HKU\S-1-5-21-2357164880-557895980-647672482-1001\...\MountPoints2: {d8fd3f33-0891-11e9-82be-001fc6276e5b} - "L:\setup.exe"
HKLM\Software\...\AppCompatFlags\Custom\S4Editor.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\Custom\S4_Main.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb [2013-07-16]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{3AFF1C30-4959-4c2f-8BED-E6E81E39F57A}] -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtCp.dll [2012-02-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Killer Network Manager.lnk [2019-09-15]
ShortcutTarget: Bigfoot Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2019-05-15]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION -> Toshiba Client Solutions Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CDA Monitor.lnk [2018-12-24]
ShortcutTarget: CDA Monitor.lnk -> C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe (Jeppesen Sanderson, Inc -> )
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dating.lnk [2019-07-28]
ShortcutTarget: Dating.lnk -> C:\Program Files (x86)\Dating\Dating.exe (SelfSigned -> ) [File not signed]
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Disk-O.lnk [2018-12-10]
ShortcutTarget: Disk-O.lnk -> C:\Users\homepc\AppData\Local\Mail.Ru\Disk-O\DiskO.exe (LLC Mail.Ru -> Mail.Ru)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Letasoft Sound Booster.lnk [2019-01-08]
ShortcutTarget: Letasoft Sound Booster.lnk -> C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe (Letasoft LLC -> Letasoft)
Startup: C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk [2018-05-22]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {31CB90C0-B2FB-443C-BDD6-4C46AD24683F} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2550968 2012-08-30] (Beepa Pty Ltd -> Beepa P/L) [File not signed]
Task: {32566FC1-6EE8-417C-B89F-C1B871382D6B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {3B483FCD-B42F-4CBE-96E6-15CEE4158812} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_homepc => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary)
Task: {3E531F2C-FC20-4030-9AD8-58A7330BE779} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe -RegistryEditor -ForceForeground -NoSplash
Task: {48669851-E43F-4749-86DF-BC580859156F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BB42F87-709C-4EA8-9AA8-43DB55C04928} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [6982216 2019-09-26] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {4F71DDFA-CEB3-46C5-B103-0CC0B3BD3FED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {577622A0-4C43-496D-85A2-924AC1336ADD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-14] (Adobe Inc. -> Adobe)
Task: {66669C3C-4730-45E9-9C0C-98B790D86110} - System32\Tasks\Core Temp Autostart homepc => C:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-24] (ALCPU -> ALCPU)
Task: {6F3C805A-1DD5-4554-8B51-D1E29E54E471} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430160 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {88F6EC18-D85C-48C2-9AE3-B0D27DEDAB6F} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [1029512 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {8A7573F9-A3B1-4BB5-862D-EF7D294221F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27290216 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B25905B-ED6B-4E17-8FA2-A86E1473AEC9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9302A8F4-8FD2-453C-9B6C-AA8A44265007} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2357164880-557895980-647672482-1001 => C:\Users\homepc\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)
Task: {95F74322-C145-432A-B5DC-5A00537981D5} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [709512 2019-08-15] (Bitsum LLC -> Bitsum LLC) <==== ATTENTION
Task: {987F598E-0428-4639-8259-2820430D78D4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [121904 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C6F6EEC-7E5B-47DD-909B-47537097061D} - System32\Tasks\HPCustParticipation HP Deskjet 5520 series => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {A93CB7EF-FD82-4A9C-BB05-023616DC49D2} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {B425F0F0-DE66-4D15-AF02-AEDBE66B23D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {B58A9E73-4B07-44D6-BF0F-C16A3B42C820} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1541520 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {C75E651E-8A3B-4A70-B2F8-705E6390EEC8} - System32\Tasks\BlueStacksHelper => E:\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {DE55D662-192E-44AD-A44C-92D7366BE150} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E769C0E3-71CF-445A-B5C7-EA3170B56DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-17] (Google Inc -> Google Inc.)
Task: {E80A2128-822A-4712-A4B1-82EFDAE09546} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ED970E6A-70A3-4E19-9243-A8AD38614FC6} - System32\Tasks\FPSMonitor => C:\Program Files (x86)\FPS Monitor\FPSMonitor.exe [7098592 2019-04-25] (Kozadaev Eduard Vladimirovich -> )
Task: {F6DA550E-A9CA-4E3C-84DE-900736C61C68} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469920 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F95AE5D8-379F-4656-BED6-12A6D5A2C054} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [11517320 2019-08-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
Task: {FFB35F64-23CA-42B2-BD87-CC98E4B0A343} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{31232c54-0567-44c1-af24-8ca68e6dc70f}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{b922b671-da25-45bc-bcb6-227098c215e7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{cf995ab7-e2fd-4b7e-9aeb-1c520e5945dc}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2017-06-23] (Download Master -> WestByte) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pze24zhj.NESTOR
FF DefaultProfile: lh2u6es8.default
FF ProfilePath: C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR [2019-10-08]
FF Homepage: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> hxxps://yandex.ru/?clid=2224022
FF NetworkProxy: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: homeutil@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: vb@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\pze24zhj.NESTOR -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@hoxx-vpn.xpi [2019-10-07]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@setupvpncom.xpi [2019-10-07]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\@webrtc-leak-shield.xpi [2018-02-24]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\client@anonymox.net.xpi [2018-12-14]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\divanproger@gmail.com.xpi [2019-08-19]
FF Extension: (Free Download Manager) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\fdm_ffext2@freedownloadmanager.org.xpi [2019-09-25]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@ghostery.com.xpi [2019-08-29]
FF Extension: (MEGA) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@mega.co.nz.xpi [2019-10-03] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\firefox@tampermonkey.net.xpi [2019-05-30]
FF Extension: (Start Page — Yandex) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\homeutil@yandex.ru.xpi [2019-09-09]
FF Extension: (Pinterest Save Button) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2019-09-25]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\public.proartex@gmail.com.xpi [2018-05-08]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\s3google@translator.xpi [2018-10-10]
FF Extension: (uBlock Origin) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\uBlock0@raymondhill.net.xpi [2019-09-27]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\xd4rker@gmail.com.xpi [2019-02-04]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\zoompage-we@DW-dev.xpi [2019-09-23]
FF Extension: (First Mountain Snow by M♥Donna) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{58ed0b89-8436-4436-be1c-0f56273f1adf}.xpi [2019-05-14]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-09-02]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\Mozilla\Firefox\Profiles\pze24zhj.NESTOR\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-06-13]
FF ProfilePath: C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default [2019-02-27]
FF Homepage: 8pecxstudios\Cyberfox\Profiles\lh2u6es8.default -> hxxp://mail.ru/cnt/10445?gp=812204
FF Extension: (Hoxx VPN Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@hoxx-vpn.xpi [2018-10-19]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@setupvpncom.xpi [2018-02-06]
FF Extension: (WebRTC Leak Shield) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\@webrtc-leak-shield.xpi [2018-03-28]
FF Extension: (anonymoX) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\client@anonymox.net.xpi [2017-06-24] [Legacy]
FF Extension: (FireX Proxy) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\divanproger@gmail.com.xpi [2018-12-16]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@ghostery.com.xpi [2019-01-31]
FF Extension: (Tampermonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\firefox@tampermonkey.net.xpi [2018-10-06]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\public.proartex@gmail.com.xpi [2017-06-24] [Legacy]
FF Extension: (S3.Translator) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\s3google@translator.xpi [2018-10-20]
FF Extension: (Visual Bookmarks) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\vb@yandex.ru.xpi [2017-08-01] [Legacy]
FF Extension: (minerBlock) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\xd4rker@gmail.com.xpi [2018-11-21]
FF Extension: (Zoom Page WE) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\zoompage-we@DW-dev.xpi [2018-12-16]
FF Extension: (Web of Trust) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2018-06-26]
FF Extension: (Video DownloadHelper) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-31]
FF Extension: (Greasemonkey) - C:\Users\homepc\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\lh2u6es8.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-10-06]
FF Extension: (CyberCTR) - C:\Program Files\Cyberfox\browser\features\CTR@8pecxstudios.com.xpi [2018-06-29] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\homepc\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2017-11-18] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2357164880-557895980-647672482-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\The Settlers 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [2017-12-24] (Ubisoft Massive -> Ubisoft)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mail.ru/cnt/9516
CHR StartupUrls: Default -> "hxxp://www.mail.ru/cnt/9516","hxxp://mail.ru/cnt/10445?gp=812208"
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B792CA924-60DD-4AE5-BF89-099626812133%7D&gp=812209
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default [2019-10-07]
CHR Extension: (Allavsoft video downloader converter) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddkdfgoif [2019-01-01]
CHR Extension: (Download Master) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljdacfojgikogldjffnkdcielnklkce [2019-09-25]
CHR Extension: (Direct.Fastix ) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lknnjfgcgglncamgpbbdfkianokjohlh [2019-02-03]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\homepc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-26]
CHR Profile: C:\Users\homepc\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-07]
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.16.4.6852\BVDChromeExt.crx [2018-12-29]
CHR HKLM-x32\...\Chrome\Extension: [dljdacfojgikogldjffnkdcielnklkce] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft -> Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-09-16] (BattlEye Innovations e.K. -> )
R2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] () [File not signed]
S4 BLMS; C:\Program Files (x86)\BASTION\BLMS.exe [33280 2015-04-29] () [File not signed]
R2 CDA; C:\Program Files (x86)\Jeppesen\CDA\CDA.exe [134088 2016-04-01] (Jeppesen Sanderson, Inc -> )
S2 Chemtable Startup Checking; C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe [ ]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11634696 2019-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DrWebAVService; C:\Program Files\DrWeb\dwservice.exe [14703064 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2226136 2019-10-03] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebFwSvc; C:\Program Files\DrWeb\frwl_svc.exe [5388856 2019-08-28] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files\DrWeb\dwnetfilter.exe [7136488 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R2 FSLabs Service; C:\Program Files (x86)\FlightSimLabs\FSLSpotLights\FSLService\FSLService.exe [92304 2018-11-08] (Flight Sim Labs, Ltd. -> Flight Sim Labs Ltd.)
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [439296 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-10-25] (FUTUREMARK INC -> Futuremark)
S4 hasplms; C:\WINDOWS\system32\hasplms.exe [4319776 2017-11-29] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2018-02-02] (SurfRight B.V. -> SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JWC; C:\Program Files (x86)\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen Sanderson, Inc -> Jeppesen)
R2 LogWatch; H:\CA_LIC\LogWatNT.exe [75016 2008-05-20] (CA -> CA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S2 MySQL; C:\Program Files (x86)\BASTION\mysql\bin\mysqld.exe [11074560 2016-01-15] () [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65536 2017-09-15] (The OpenVPN Project) [File not signed]
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2018-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [153272 2018-06-01] (Letasoft LLC -> Letasoft)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446960 2019-02-20] (VMware, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S2 1C:Enterprise 8.3 Server Agent (x86-64); "D:\Program Files\1cv8\8.3.13.1690\bin\ragent.exe" -srvc -agent -regport 1541 -port 1540 -range 1560:1591 -d "C:\Program Files\1cv8\srvinfo" <==== ATTENTION
S2 CG6Service; no ImagePath
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 46e606d6959f0108; no ImagePath
S3 46e606d75d018d08; no ImagePath
S3 46e7aa83afb3d388; no ImagePath
S3 46e7aa850abbf508; no ImagePath
S3 46e7aa858013c708; no ImagePath
S3 46e7aba68c1ae788; no ImagePath
S3 46e7ba7f9f485208; no ImagePath
S3 46e7bd52beaedc08; no ImagePath
S3 46e7bd52fc933808; no ImagePath
S3 46e7ee3041330c88; no ImagePath
S3 46e7f3720b979388; no ImagePath
S3 46e7f3725915b688; no ImagePath
S3 46e7f372e8a50488; no ImagePath
S3 46e7f37367e55988; no ImagePath
S3 46e7f3747ea1a308; no ImagePath
R3 ALSysIO; C:\Users\homepc\AppData\Local\Temp\ALSysIO64.sys [47240 2019-10-08] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 Arctosa; C:\WINDOWS\system32\drivers\Arctosa.sys [26624 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 BfEdge7x64; C:\WINDOWS\System32\drivers\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
R3 BFN7x64; C:\WINDOWS\System32\drivers\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-12-13] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 cpuz140; no ImagePath
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 Denuvo Kuser Data Driver 1.0.0.7; no ImagePath
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DIRECTIO37; C:\Program Files\BurnInTest\DirectIo64.sys [31376 2015-02-16] (PassMark Software Pty Ltd -> )
R0 DrWebLwf; C:\WINDOWS\System32\drivers\DrWebLwf.sys [505592 2019-10-07] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2019-09-08] (DT Soft Ltd -> DT Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2018-04-22] (Disc Soft Ltd -> Disc Soft Ltd)
R0 DwDevGuard; C:\WINDOWS\System32\drivers\dwdg.sys [241264 2019-03-20] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 DwELAM; C:\WINDOWS\System32\drivers\dwelam.sys [31984 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Doctor Web, Ltd.)
R0 DwProt; C:\WINDOWS\System32\drivers\dwprot.sys [860240 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2014-04-03] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2019-01-08] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1304840 2017-11-29] (SafeNet, Inc. -> SafeNet, Inc.)
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2017-05-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 ip100Avista; C:\WINDOWS\System32\drivers\ipfnd51.sys [36864 2007-09-28] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-10-07] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-10-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-10-08] (Malwarebytes Corporation -> Malwarebytes)
R0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [342760 2016-04-11] (Marvell Semiconductor, Inc. -> Marvell Semiconductor, Inc.)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\neo_vpn.sys [22784 2018-03-02] (Extra Solutions Ltd -> Trust.Zone VPN Project)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OSFMount; C:\Program Files\OSFMount\x64\OSFMount.sys [1038416 2018-03-22] (PassMark Software Pty Ltd -> PassMark Software)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-04-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 PORTMON; C:\SysinternalsSuite\PORTMSYS.SYS [28656 2018-12-11] (Systems Internals) [File not signed]
S3 REN2CAP_DRIVER; C:\WINDOWS\system32\drivers\ren2cap.sys [39568 2016-06-14] (Prosoft Engineering, Inc. -> )
S3 rspSanity; C:\WINDOWS\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 SpiderG3; C:\WINDOWS\System32\drivers\spiderg3.sys [390248 2019-09-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2019-09-21] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2018-11-21] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinFsp; C:\WINDOWS\system32\disko\winfsp-x64.sys [144848 2018-01-25] (Navimatics Corporation -> Navimatics Corporation)
S3 LVPr2M64; \SystemRoot\system32\DRIVERS\LVPr2M64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-08 10:48 - 2019-10-08 10:48 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2019-10-08 10:47 - 2019-10-08 10:47 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-10-08 10:46 - 2019-10-08 10:46 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-10-08 03:58 - 2019-10-08 03:58 - 000000807 _____ C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-10-08 03:58 - 2019-10-08 03:58 - 000000738 _____ C:\Users\homepc\Desktop\ESET Online Scanner.lnk
2019-10-08 03:58 - 2019-10-08 03:58 - 000000000 ____D C:\Users\homepc\AppData\Local\ESET
2019-10-08 03:45 - 2019-10-08 03:46 - 000000000 ____D C:\AdwCleaner
2019-10-08 01:17 - 2019-10-08 01:21 - 000000000 ____D C:\Users\TEMP.SIMPC.000.001
2019-10-08 01:17 - 2019-10-08 01:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\ChemTable Software
2019-10-08 01:16 - 2019-10-08 01:16 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-500
2019-10-08 01:16 - 2019-10-08 01:16 - 000000000 ___RD C:\Users\Administrator\OneDrive
2019-10-08 01:15 - 2019-10-08 01:15 - 000001450 _____ C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2019-10-08 01:15 - 2019-10-08 01:15 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2019-10-08 01:15 - 2019-10-08 01:15 - 000000000 ____D C:\Users\Administrator\OpenVPN
2019-10-08 01:15 - 2019-10-08 01:15 - 000000000 ____D C:\Users\Administrator\AppData\Local\Toshiba
2019-10-08 01:15 - 2019-10-08 01:15 - 000000000 ____D C:\Users\Administrator\AppData\Local\DFX
2019-10-08 01:14 - 2019-10-08 01:16 - 000002383 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-08 01:14 - 2019-10-08 01:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2019-10-08 01:14 - 2019-10-08 01:16 - 000000000 ____D C:\Users\Administrator
2019-10-08 01:14 - 2019-10-08 01:15 - 000013064 _____ C:\Users\Administrator\Documents\FPSMonitor.txt
2019-10-08 01:14 - 2019-10-08 01:15 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2019-10-08 01:14 - 2019-10-08 01:14 - 000000258 __RSH C:\Users\Administrator\ntuser.pol
2019-10-08 01:14 - 2019-10-08 01:14 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2019-10-08 01:14 - 2019-10-08 01:14 - 000000000 ___RD C:\Users\Administrator\3D Objects
2019-10-08 01:14 - 2019-10-08 01:14 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\ProcessLasso
2019-10-08 01:14 - 2019-10-08 01:14 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2019-10-08 01:14 - 2019-10-08 01:14 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2019-10-08 01:14 - 2019-10-08 01:14 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbamtray
2019-10-08 01:14 - 2019-10-08 01:14 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2019-10-08 01:14 - 2019-10-08 01:14 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2019-10-08 01:14 - 2017-06-25 00:42 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2019-10-08 00:04 - 2019-10-08 00:23 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2019-10-08 00:04 - 2019-10-08 00:22 - 000001749 _____ C:\WINDOWS\GA_OF.dat
2019-10-08 00:04 - 2019-10-08 00:21 - 000001024 ____H C:\AMTAG.BIN
2019-10-08 00:04 - 2019-10-08 00:04 - 000001205 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Standard Edition 8.4.lnk
2019-10-08 00:04 - 2019-10-08 00:04 - 000001205 _____ C:\ProgramData\Desktop\AOMEI Partition Assistant Standard Edition 8.4.lnk
2019-10-08 00:04 - 2019-10-08 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 8.4
2019-10-08 00:04 - 2019-05-27 16:32 - 002178928 _____ C:\WINDOWS\ampa.exe
2019-10-08 00:04 - 2017-02-28 14:20 - 000038320 _____ C:\WINDOWS\SysWOW64\ampa.sys
2019-10-08 00:04 - 2017-02-28 14:20 - 000038320 _____ C:\WINDOWS\system32\ampa.sys
2019-10-08 00:04 - 2016-12-27 18:45 - 000035760 _____ C:\WINDOWS\system32\ddmdrv.sys
2019-10-08 00:04 - 2016-12-27 18:45 - 000033200 _____ C:\WINDOWS\SysWOW64\ddmdrv.sys
2019-10-08 00:04 - 2016-09-29 09:44 - 001298584 _____ C:\WINDOWS\ddmmain.exe
2019-10-07 23:57 - 2019-10-07 23:57 - 000001349 _____ C:\Users\Public\Desktop\EaseUS Tool M.lnk
2019-10-07 23:57 - 2019-10-07 23:57 - 000001349 _____ C:\ProgramData\Desktop\EaseUS Tool M.lnk
2019-10-07 23:57 - 2019-10-07 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Tool M
2019-10-07 23:57 - 2019-10-07 23:57 - 000000000 ____D C:\Program Files (x86)\EaseUS
2019-10-07 23:22 - 2019-10-07 23:22 - 000000000 ____D C:\WINDOWS\Panther
2019-10-07 23:21 - 2019-10-07 23:21 - 000519104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-07 22:47 - 2019-10-07 22:47 - 000011522 _____ C:\Users\test\Documents\FPSMonitor.txt
2019-10-07 22:47 - 2019-10-07 22:47 - 000000258 __RSH C:\Users\test\ntuser.pol
2019-10-07 22:46 - 2019-10-07 22:47 - 000000000 ____D C:\Users\TEMP.SIMPC.000
2019-10-07 22:30 - 2019-10-07 22:31 - 000000000 ____D C:\Users\TEMP.SIMPC
2019-10-07 22:00 - 2019-10-07 22:00 - 000001240 _____ C:\WINDOWS\system32\Drivers\etc\hosts.zip
2019-10-07 21:34 - 2019-10-07 21:35 - 000000000 ____D C:\Users\TEMP
2019-10-07 21:34 - 2019-10-07 21:34 - 000000000 ____D C:\Bandicam
2019-10-07 21:22 - 2019-10-07 22:18 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-10-07 21:21 - 2019-10-07 21:21 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-07 21:21 - 2019-10-07 21:21 - 000001912 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\Users\homepc\AppData\Local\mbamtray
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\Users\homepc\AppData\Local\mbam
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-07 21:21 - 2019-10-07 21:21 - 000000000 ____D C:\Program Files\Malwarebytes
2019-10-07 21:21 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-07 21:21 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-07 18:42 - 2019-10-08 10:48 - 000000000 ____D C:\FRST
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ C:\Users\homepc\AppData\Local\recently-used.xbel
2019-10-07 16:03 - 2019-10-07 16:03 - 000001558 _____ C:\Users\homepc\Desktop\SFCFix.txt
2019-10-07 16:00 - 2019-10-07 16:00 - 000000000 _____ C:\WINDOWS\system32\sfc
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\LocalLow\Mozilla
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\OneDrive
2019-10-07 15:52 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Mozilla
2019-10-07 15:51 - 2019-10-07 15:51 - 000000000 ____D C:\Users\newuser\AppData\Local\Comms
2019-10-07 15:26 - 2019-10-07 15:26 - 000000000 ____D C:\Users\newuser\AppData\Local\ChemTable Software
2019-10-07 15:24 - 2019-10-07 20:23 - 000000000 ____D C:\Users\newuser\AppData\Local\PlaceholderTileLogoFolder
2019-10-07 15:24 - 2019-10-07 15:26 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1010
2019-10-07 15:24 - 2019-10-07 15:26 - 000000000 ___RD C:\Users\newuser\OneDrive
2019-10-07 15:24 - 2019-10-07 15:24 - 000001450 _____ C:\Users\newuser\Desktop\Microsoft Edge.lnk
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\OpenVPN
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\Toshiba
2019-10-07 15:24 - 2019-10-07 15:24 - 000000000 ____D C:\Users\newuser\AppData\Local\DFX
2019-10-07 15:23 - 2019-10-07 21:30 - 000000000 ____D C:\Users\newuser
2019-10-07 15:23 - 2019-10-07 20:22 - 000011522 _____ C:\Users\newuser\Documents\FPSMonitor.txt
2019-10-07 15:23 - 2019-10-07 15:52 - 000000000 ____D C:\Users\newuser\AppData\Local\Packages
2019-10-07 15:23 - 2019-10-07 15:26 - 000002369 _____ C:\Users\newuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:23 - 2019-10-07 15:23 - 000000020 ___SH C:\Users\newuser\ntuser.ini
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___RD C:\Users\newuser\3D Objects
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ___HD C:\Users\newuser\MicrosoftEdgeBackups
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\ProcessLasso
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Adobe
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\VirtualStore
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Publishers
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\MicrosoftEdge
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\Google
2019-10-07 15:23 - 2019-10-07 15:23 - 000000000 ____D C:\Users\newuser\AppData\Local\ConnectedDevicesPlatform
2019-10-07 15:23 - 2017-06-25 00:42 - 000000000 ____D C:\Users\newuser\AppData\Roaming\Macromedia
2019-10-07 15:07 - 2019-10-07 15:07 - 000000000 ____D C:\Users\test\AppData\Local\Toshiba
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\Users\Public\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000983 _____ C:\ProgramData\Desktop\Load Manager.lnk
2019-10-06 06:39 - 2019-10-06 06:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly the Maddog X
2019-10-06 06:38 - 2019-10-06 06:40 - 000000000 ___DC C:\Users\homepc\Documents\Maddog X Files
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\Users\Public\Desktop\AirHauler 2.lnk
2019-10-06 00:10 - 2019-10-06 00:10 - 000000649 _____ C:\ProgramData\Desktop\AirHauler 2.lnk
2019-10-05 23:50 - 2019-10-05 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FS2Crew2012
2019-10-05 23:43 - 2019-10-05 23:43 - 000000000 ____D C:\Program Files\AI Lights Reborn Free Edition
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo Internationall (FSX)
2019-10-05 22:54 - 2019-10-05 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NMG OR Tambo International (FSX)
2019-10-05 22:36 - 2019-10-05 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDG - Cape Town FSX
2019-10-05 17:55 - 2019-10-05 17:55 - 020815872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 019013632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 002018304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-05 17:55 - 2019-10-05 17:55 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shellstyle.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000241976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-05 17:55 - 2019-10-05 17:55 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2019-10-05 17:55 - 2019-10-05 17:55 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSTheme.exe
2019-10-05 17:55 - 2019-10-05 17:55 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 026806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 023454720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 022135584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 009680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007698432 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006928384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006316792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 006058032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005767168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005605560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005573016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005309080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 005299712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004352472 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003820976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003428864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003198976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 003000832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002839040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002779784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 002415928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002349056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002279304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002200376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002118656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-05 17:54 - 2019-10-05 17:54 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001966392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001924976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplaySwitch.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001864704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001751424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001720120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001701176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001484896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001399608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001390888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-05 17:54 - 2019-10-05 17:54 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001272120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001247344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001170432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 001006392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000938296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000817464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000791864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000780408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000775216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000767800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000661096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000605368 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000598328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000452992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000434952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000384272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-10-05 17:54 - 2019-10-05 17:54 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000290616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000278416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000193704 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.OneCore.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000155968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000135816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000079032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000065608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000052536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSTheme.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000044912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000038184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PasswordOnWakeSettingFlyout.exe
2019-10-05 17:54 - 2019-10-05 17:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-10-05 17:54 - 2019-10-05 17:54 - 000018744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-05 17:54 - 2019-10-05 17:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-05 14:38 - 2019-10-05 14:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1
2019-10-05 14:37 - 2019-10-05 14:37 - 000001862 _____ C:\Users\homepc\Desktop\AFX.lnk
2019-10-05 14:37 - 2019-10-05 14:37 - 000000000 ____D C:\Program Files (x86)\AFX
2019-10-04 15:01 - 2019-10-04 15:01 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-04 15:01 - 2019-10-04 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-03 18:31 - 2019-10-03 18:31 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-03 18:31 - 2019-10-03 18:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-09-30 23:12 - 2019-09-30 23:12 - 000034030 _____ C:\Users\homepc\Desktop\ChasePlane_Report_gtafivehater_gmail_com.txt
2019-09-30 15:53 - 2019-09-30 15:53 - 000000000 ____D C:\Users\homepc\AppData\Local\Viber
2019-09-29 02:03 - 2019-09-29 02:03 - 000000000 ____D C:\Users\homepc\AppData\Local\gtk-3.0
2019-09-29 01:11 - 2019-10-07 18:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\gsmartcontrol
2019-09-28 23:14 - 2019-10-07 16:03 - 000000000 ____D C:\SFCFix
2019-09-28 23:13 - 2019-10-07 16:03 - 000000000 ____D C:\Users\homepc\AppData\Local\niemiro
2019-09-28 22:46 - 2019-09-28 22:46 - 000000000 ___HD C:\$Windows.~WS
2019-09-28 22:38 - 2019-09-28 22:39 - 000000000 ____D C:\Program Files\NTLite
2019-09-28 22:38 - 2019-09-28 22:38 - 000000825 _____ C:\Users\homepc\Desktop\NTLite.lnk
2019-09-28 22:38 - 2019-09-28 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTLite
2019-09-28 19:19 - 2019-09-28 23:06 - 000000000 ____D C:\ESD
2019-09-28 13:43 - 2019-09-28 13:43 - 000001098 _____ C:\Users\homepc\Desktop\Экипаж 4.0 FSX (P3D).lnk
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RD-soft
2019-09-28 13:43 - 2019-09-28 13:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-28 13:38 - 2019-09-28 13:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\THROTTLEINDICATOR
2019-09-28 13:27 - 2019-09-28 13:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\fscabincrew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\FS Cabin Crew
2019-09-28 13:25 - 2019-09-28 13:25 - 000000000 ____D C:\Program Files (x86)\drubware.net
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\Users\Public\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000152 _____ C:\ProgramData\Desktop\FSLA320-X Refuel Panel.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\Users\Public\Desktop\FSLA320-X MCDU.url
2019-09-27 21:21 - 2019-09-27 21:21 - 000000141 _____ C:\ProgramData\Desktop\FSLA320-X MCDU.url
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ C:\Program Files (x86)\unEZCA2.exe
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\Users\Public\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000001039 _____ C:\ProgramData\Desktop\EZCA 2 Config Tool.lnk
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\EZCA
2019-09-27 03:53 - 2019-09-27 03:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA2
2019-09-27 01:49 - 2019-09-27 03:53 - 000002048 _____ C:\WINDOWS\ezcamera2.lic
2019-09-27 00:18 - 2019-09-27 00:20 - 000000000 ____D C:\OpusFSX
2019-09-27 00:17 - 2019-09-27 00:18 - 000000000 ____D C:\Opus Software
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-09-26 04:23 - 2019-09-26 04:23 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-09-25 02:53 - 2019-09-25 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Majestic Software
2019-09-25 01:51 - 2019-09-28 18:57 - 000000000 ____D C:\1909_f1_rxp
2019-09-25 01:22 - 2019-09-25 01:22 - 000000000 ____D C:\ProgramData\Garmin
2019-09-25 01:11 - 2019-09-28 20:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\Users\Public\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000001170 _____ C:\ProgramData\Desktop\Download Master.lnk
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Master
2019-09-25 01:11 - 2019-09-25 01:11 - 000000000 ____D C:\Program Files (x86)\Download Master
2019-09-24 18:44 - 2019-09-30 23:12 - 000000000 ____D C:\Program Files (x86)\ChasePlane (XEdition)
2019-09-24 18:44 - 2019-09-24 21:36 - 000000000 ___DC C:\Users\homepc\Documents\ChasePlane Presets
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\Users\Public\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000001177 _____ C:\ProgramData\Desktop\ChasePlane (XEdition).lnk
2019-09-24 18:44 - 2019-09-24 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChasePlane (XEdition)
2019-09-24 17:28 - 2019-09-26 17:12 - 000000895 _____ C:\Users\homepc\Desktop\F1UpdateTool.lnk
2019-09-24 17:28 - 2019-09-24 17:28 - 000000935 _____ C:\Users\homepc\Desktop\f1update_tool_readme.lnk
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hoppie
2019-09-22 02:29 - 2019-09-22 02:31 - 000000000 ____D C:\Program Files (x86)\Hoppie
2019-09-22 00:38 - 2019-09-23 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simware - Valencia X - FSX
2019-09-21 22:49 - 2019-09-21 23:21 - 000001116 _____ C:\Users\homepc\Desktop\767-300 FSX Configuration Manager.lnk
2019-09-21 21:08 - 2019-09-21 21:18 - 000203296 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2019-09-21 14:13 - 2019-09-21 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARMI Project - Muscat OOMS FSX
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\Users\Public\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-29 21:13 - 000000984 _____ C:\ProgramData\Desktop\UGCX Configuration Manager.lnk
2019-09-21 13:32 - 2019-09-21 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Ground Crew X
2019-09-21 13:31 - 2019-09-29 21:13 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Ultimate Ground Crew X
2019-09-17 00:14 - 2019-09-17 00:27 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3res
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3weatherfiles
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3Charts
2019-09-17 00:14 - 2019-09-17 00:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3aircraftfiles
2019-09-16 23:49 - 2019-09-16 23:49 - 000000000 ____D C:\Users\homepc\zygrib
2019-09-16 23:34 - 2019-09-27 00:34 - 000000000 ____D C:\OpusFSI_v5
2019-09-16 21:39 - 2019-09-16 21:39 - 000001181 _____ C:\Users\homepc\Desktop\Active Sky Next for FSX SP5.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000002021 _____ C:\Users\homepc\Desktop\FS Global Real Weather.lnk
2019-09-16 21:32 - 2019-09-16 21:32 - 000000000 ____D C:\Program Files (x86)\FSGRW
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\Users\Public\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000001020 _____ C:\ProgramData\Desktop\FSDT GSX Control Panel.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\Users\Public\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000796 _____ C:\ProgramData\Desktop\FSDT Live Update.lnk
2019-09-16 19:53 - 2019-09-16 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDreamTeam
2019-09-15 14:00 - 2019-10-08 01:18 - 000000000 ____D C:\ProgramData\Bigfoot Networks
2019-09-15 13:41 - 2019-09-15 13:42 - 000082268 _____ C:\ProgramData\dxdiag.txt
2019-09-14 23:40 - 2019-09-15 01:43 - 000000000 ____D C:\Program Files\MFSClientV5
2019-09-14 12:27 - 2019-09-14 12:27 - 000000000 ____D C:\Users\homepc\AppData\Local\NVIDIA
2019-09-14 11:15 - 2019-09-14 11:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\NVIDIA
2019-09-14 11:13 - 2019-10-08 10:46 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-14 11:13 - 2019-09-14 13:15 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-14 11:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-09-14 11:13 - 2019-09-05 22:49 - 005468144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 002634608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000654320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-09-14 11:13 - 2019-09-05 22:49 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-09-14 11:13 - 2019-09-05 04:04 - 008709382 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-09-14 11:13 - 2019-08-01 16:07 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 001012432 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000876240 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000447368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000351944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000301264 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-09-14 11:12 - 2019-09-06 21:29 - 000273104 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-09-14 11:12 - 2019-09-06 21:28 - 011562376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:28 - 009937104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 002051008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001550080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001477512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001247432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 001140616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000959424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000676096 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000658880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000632768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000544648 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-09-14 11:12 - 2019-09-06 21:27 - 000524168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 040444856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 035334536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 017300360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 014921096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 005358472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 004696968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001726400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443630.dll
2019-09-14 11:12 - 2019-09-06 21:26 - 001491336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443630.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 005002192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-09-14 11:12 - 2019-09-06 18:24 - 004263840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 001683032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-09-14 11:12 - 2019-09-06 00:19 - 000228792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-09-14 11:12 - 2019-09-06 00:19 - 000054700 _____ C:\WINDOWS\system32\nvinfo.pb
2019-09-14 11:12 - 2019-09-06 00:19 - 000047272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-09-14 11:07 - 2019-09-14 11:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-09-14 11:06 - 2019-09-14 11:06 - 000000000 ____D C:\ShadersHLSL
2019-09-13 21:28 - 2019-09-13 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSS FSL A320 IAE V2.1
2019-09-13 20:53 - 2019-09-13 20:53 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PILOT'S Software
2019-09-13 19:06 - 2019-09-27 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightSimLabs, Ltd
2019-09-13 19:05 - 2019-09-13 19:30 - 000000000 ____D C:\Program Files (x86)\FlightSimLabs
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-09-13 14:08 - 2019-09-13 14:08 - 000000000 ____D C:\Program Files\MSBuild
2019-09-13 13:25 - 2019-09-13 13:25 - 017761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 013942784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 004850688 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 002006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001419776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-13 13:25 - 2019-09-13 13:25 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:25 - 2019-09-13 13:25 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-13 13:25 - 2019-09-13 13:25 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 002148864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-13 13:24 - 2019-09-13 13:24 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-13 13:24 - 2019-09-13 13:24 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-13 13:24 - 2019-09-13 13:24 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-13 13:24 - 2019-09-13 13:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-13 02:09 - 2019-10-08 03:49 - 000000000 ____D C:\TCPU71
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\Users\Public\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000001635 _____ C:\ProgramData\Desktop\Total Commander HomeUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\Users\Public\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 02:09 - 2019-09-13 02:09 - 000000777 _____ C:\ProgramData\Desktop\Total Commander PowerUser v71.lnk
2019-09-13 00:00 - 2019-09-13 00:00 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PMDG Operations Center.lnk
2019-09-12 18:53 - 2019-09-12 19:00 - 000000000 ____D C:\BLOCKCHECKDPI
2019-09-11 01:12 - 2019-09-11 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2019-09-11 00:42 - 2019-09-11 00:43 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X - Steam Edition Files
2019-09-10 23:57 - 2019-09-10 23:57 - 000000208 _____ C:\Captain.ini
2019-09-10 19:27 - 2019-09-28 13:43 - 000000000 ____D C:\Program Files (x86)\RD-soft
2019-09-10 19:27 - 2019-09-10 19:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RDSetInstaller
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\Users\Public\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000002781 _____ C:\ProgramData\Desktop\SetInstaller.lnk
2019-09-10 19:27 - 2019-09-10 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RD-soft
2019-09-10 19:19 - 2019-09-10 19:19 - 000000000 ____D C:\Users\homepc\AppData\Local\kACARS_-LR
2019-09-10 19:18 - 2019-09-10 19:18 - 000003113 _____ C:\Users\homepc\Desktop\kACARS - Landing Rate.lnk
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kACARS_Free
2019-09-10 19:18 - 2019-09-10 19:18 - 000000000 ____D C:\Program Files (x86)\FS-Products
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\Users\Public\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000975 _____ C:\ProgramData\Desktop\FSX B747 Configuration Tool.lnk
2019-09-08 02:22 - 2019-09-08 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IFly Jets - The 747-400 V2 for FSX
2019-09-08 00:49 - 2019-09-11 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2019-09-08 00:19 - 2019-09-08 00:19 - 000271424 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2019-09-08 00:14 - 2019-09-08 00:14 - 000178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-08 10:47 - 2017-06-24 11:27 - 000000000 ____D C:\Users\homepc\AppData\LocalLow\Mozilla
2019-10-08 10:46 - 2018-12-26 16:25 - 000000000 ____D C:\ProgramData\VMware
2019-10-08 10:46 - 2018-12-16 22:38 - 000003180 _____ C:\WINDOWS\system32\Tasks\FRAPS
2019-10-08 10:46 - 2018-12-16 22:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-08 10:46 - 2018-12-16 22:28 - 000000000 ____D C:\Users\homepc
2019-10-08 10:46 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-08 10:46 - 2018-09-15 10:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-08 10:46 - 2018-08-13 17:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-08 10:46 - 2018-05-10 21:23 - 000015530 ____C C:\Users\homepc\Documents\FPSMonitor.txt
2019-10-08 10:46 - 2018-04-27 21:38 - 000000000 ____D C:\Fraps
2019-10-08 10:46 - 2018-04-09 23:54 - 000000000 ____D C:\ProgramData\Jeppesen
2019-10-08 10:46 - 2017-08-04 23:22 - 000000000 ____D C:\Program Files\Core Temp
2019-10-08 10:46 - 2017-06-24 12:57 - 000000000 ____D C:\ProgramData\Doctor Web
2019-10-08 10:45 - 2018-12-16 22:38 - 000003124 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-10-08 10:30 - 2017-06-24 23:54 - 000000000 ____D C:\Users\homepc\Desktop\Tor Browser
2019-10-08 10:22 - 2018-12-16 22:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-08 04:08 - 2019-04-21 16:13 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.8.1
2019-10-08 04:08 - 2017-12-23 00:03 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2019-10-08 04:02 - 2017-12-20 00:32 - 000000000 ____D C:\PassGen[RU]
2019-10-08 03:54 - 2018-12-16 22:37 - 000977104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-08 03:54 - 2018-09-15 10:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-08 03:47 - 2019-04-07 03:20 - 000000000 ____D C:\ProgramData\BSD
2019-10-08 03:47 - 2018-09-15 09:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-08 03:46 - 2019-04-07 03:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2019-10-08 03:46 - 2017-11-05 19:05 - 000000000 ____D C:\Users\homepc\AppData\Roaming\IObit
2019-10-08 03:46 - 2017-11-05 19:05 - 000000000 ____D C:\Users\homepc\AppData\LocalLow\IObit
2019-10-08 03:46 - 2017-11-05 19:05 - 000000000 ____D C:\ProgramData\IObit
2019-10-08 03:46 - 2017-11-05 19:05 - 000000000 ____D C:\Program Files (x86)\IObit
2019-10-08 03:32 - 2017-06-24 12:05 - 000000000 ____D C:\Users\homepc\AppData\Roaming\ViberPC
2019-10-08 01:21 - 2018-12-16 22:38 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1001
2019-10-08 01:20 - 2017-06-24 10:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-08 00:48 - 2019-08-29 01:11 - 000000000 ____D C:\Users\homepc\AppData\Roaming\vlc
2019-10-07 23:20 - 2018-02-07 01:32 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Wise Disk Cleaner
2019-10-07 23:19 - 2018-02-24 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\µTorrent
2019-10-07 23:17 - 2018-08-22 22:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2019-10-07 23:17 - 2017-12-10 18:46 - 000000000 ___DC C:\Users\homepc\AppData\Local\Packages
2019-10-07 23:17 - 2017-06-25 12:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\CrashDumps
2019-10-07 22:47 - 2018-12-16 22:28 - 000000000 ____D C:\Users\test
2019-10-07 22:43 - 2018-09-15 10:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-07 22:21 - 2018-07-22 12:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-10-07 22:16 - 2017-12-27 16:16 - 000000000 ____D C:\WINDOWS\pss
2019-10-07 21:34 - 2018-02-02 00:16 - 000000258 __RSH C:\ProgramData\ntuser.pol
2019-10-07 21:30 - 2019-02-25 14:25 - 000000000 ____D C:\Program Files\SSD Tweaker
2019-10-07 21:30 - 2018-02-24 00:15 - 000000000 ____D C:\Users\homepc\AppData\Roaming\uTorrent
2019-10-07 21:21 - 2018-09-15 10:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-07 21:19 - 2018-09-15 09:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-10-07 20:24 - 2018-09-15 10:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-07 19:48 - 2019-02-03 16:47 - 000000000 ____D C:\WX Advantage Radar
2019-10-07 19:33 - 2018-04-05 15:40 - 000000000 ___DC C:\Users\homepc\AppData\Local\Apps\2.0
2019-10-07 17:44 - 2018-10-18 13:18 - 000505592 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\drweblwf.sys
2019-10-07 17:10 - 2018-12-21 21:57 - 000000000 ___DC C:\Users\homepc\Documents\ViberDownloads
2019-10-07 16:39 - 2017-09-22 17:08 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-07 16:19 - 2018-12-16 22:28 - 000002366 _____ C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 16:19 - 2017-06-24 10:46 - 000000000 ___RD C:\Users\homepc\OneDrive
2019-10-07 15:52 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-10-07 15:41 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2019-10-07 15:26 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\DelayedItemsByChemtableSoftware
2019-10-07 15:26 - 2018-07-18 16:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Telegram Desktop
2019-10-07 15:23 - 2018-11-25 16:43 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Clipdiary
2019-10-07 15:08 - 2018-12-16 22:38 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2357164880-557895980-647672482-1002
2019-10-07 15:08 - 2018-12-16 22:28 - 000002360 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 15:08 - 2017-12-10 18:46 - 000000000 ____D C:\Users\test\AppData\Local\Packages
2019-10-07 15:08 - 2017-09-21 18:36 - 000000000 ___RD C:\Users\test\OneDrive
2019-10-07 15:07 - 2017-12-28 23:39 - 000000000 ___RD C:\Users\test\3D Objects
2019-10-07 14:52 - 2017-06-24 13:17 - 000000000 ____D C:\Users\homepc\AppData\Roaming\WhatsApp
2019-10-07 14:18 - 2017-06-24 11:15 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-07 14:11 - 2017-07-25 00:28 - 000000000 ___DC C:\Users\homepc\Documents\AivlaSoft
2019-10-07 13:25 - 2019-05-31 19:10 - 000000000 ____D C:\Users\homepc\AppData\Local\BitTorrentHelper
2019-10-06 19:02 - 2019-03-13 13:04 - 000000000 ____D C:\Users\homepc\AppData\Roaming\SimBrief Downloader
2019-10-06 17:35 - 2019-01-28 21:30 - 000000000 ___DC C:\Users\homepc\Documents\Flight Simulator X Files
2019-10-06 17:01 - 2019-01-29 17:38 - 000001155 _____ C:\Users\homepc\Desktop\Active Sky 2016 for FSX.lnk
2019-10-06 15:52 - 2017-09-12 12:56 - 000000000 ____D C:\SoyzClient
2019-10-06 15:34 - 2017-12-29 00:30 - 000000000 ____D C:\ProgramData\Virtuali
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\Users\Public\Documents\DX10SceneryFixer
2019-10-06 15:28 - 2018-01-28 03:06 - 000000000 ____D C:\ProgramData\Documents\DX10SceneryFixer
2019-10-06 15:26 - 2017-07-24 00:00 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Virtuali
2019-10-06 06:45 - 2017-07-28 03:00 - 000000808 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2019-10-06 06:18 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\eSellerate
2019-10-06 05:12 - 2017-12-29 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-10-06 04:06 - 2019-05-13 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drzewiecki Design
2019-10-06 00:37 - 2017-09-16 19:24 - 000000000 ___DC C:\Users\homepc\Documents\vPilot Files
2019-10-06 00:25 - 2018-08-11 14:49 - 000000000 ___DC C:\Users\homepc\AppData\Local\V1_Software
2019-10-06 00:10 - 2019-06-28 19:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-06 00:10 - 2018-07-27 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight
2019-10-06 00:10 - 2017-06-24 10:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-05 23:50 - 2018-07-13 23:12 - 000000000 ____D C:\Users\homepc\AppData\Roaming\RAASPRO
2019-10-05 23:43 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Add-ons
2019-10-05 17:58 - 2019-03-28 00:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-05 17:58 - 2017-12-10 19:59 - 000000000 ___RD C:\Users\homepc\3D Objects
2019-10-05 17:58 - 2017-06-24 11:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-05 17:56 - 2018-09-15 12:11 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2019-10-05 17:56 - 2018-09-15 12:11 - 000018002 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2019-10-05 17:56 - 2018-09-15 12:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-05 17:56 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-05 17:56 - 2018-09-15 09:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-05 17:54 - 2017-06-24 11:38 - 000408644 __RSH C:\bootmgr
2019-10-05 14:37 - 2017-07-26 03:41 - 000737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2019-10-05 13:31 - 2017-08-06 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket
2019-10-05 12:01 - 2019-02-25 20:38 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Discord
2019-10-05 11:57 - 2017-06-24 11:27 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-03 16:00 - 2017-06-24 12:59 - 000000000 ____D C:\Program Files\DrWeb
2019-10-03 12:34 - 2019-03-26 16:25 - 000000000 ____D C:\Users\homepc\AppData\Local\WhatsApp
2019-10-02 21:52 - 2018-12-16 22:38 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 21:52 - 2018-12-16 22:38 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-02 21:52 - 2017-11-17 13:13 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-30 20:21 - 2017-09-21 18:40 - 000000000 ____D C:\Temp
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\Users\Public\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000001048 _____ C:\ProgramData\Desktop\AIDA64.lnk
2019-09-30 19:49 - 2019-04-10 18:17 - 000000000 ____D C:\Program Files (x86)\AIDA64
2019-09-30 14:10 - 2018-10-18 13:19 - 000860240 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\dwprot.sys
2019-09-30 14:10 - 2018-10-18 13:18 - 000390248 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\spiderg3.sys
2019-09-29 21:14 - 2018-12-25 18:07 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-09-29 17:24 - 2018-12-16 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000001277 _____ C:\ProgramData\Desktop\Wise Disk Cleaner.lnk
2019-09-29 17:24 - 2018-02-07 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2019-09-28 20:38 - 2018-03-28 13:04 - 000000000 ____D C:\Boson
2019-09-28 13:25 - 2017-07-24 01:47 - 000000000 ___DC C:\Users\homepc\AppData\Local\Downloaded Installations
2019-09-27 03:54 - 2017-07-23 16:57 - 000000000 ____D C:\Program Files (x86)\EZCA2
2019-09-27 03:53 - 2017-07-23 16:56 - 000000000 ____D C:\EZdok Software
2019-09-27 03:38 - 2019-02-26 02:50 - 000000000 ____D C:\Program Files\EZCA3
2019-09-27 03:36 - 2019-02-25 22:23 - 000000000 ____D C:\Program Files (x86)\Flight1 Purchase Agent
2019-09-27 02:56 - 2019-01-22 23:20 - 000000000 __SHD C:\Users\Public\DRM
2019-09-27 00:17 - 2017-12-28 01:37 - 000002048 _____ C:\WINDOWS\OpusFSX.lic
2019-09-27 00:13 - 2018-01-28 13:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Navdata
2019-09-27 00:13 - 2018-01-28 13:29 - 000002048 _____ C:\WINDOWS\CX750X.lic
2019-09-27 00:12 - 2019-02-25 22:23 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Flight1Purchase
2019-09-27 00:08 - 2019-02-26 02:50 - 000002048 _____ C:\WINDOWS\ezcapro3.lic
2019-09-27 00:02 - 2019-02-25 22:23 - 000083295 _____ C:\Program Files (x86)\F1Uninstall.exe
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\Users\Public\Desktop\Flight1 Purchase Agent.lnk
2019-09-27 00:02 - 2019-02-25 22:23 - 000001194 _____ C:\ProgramData\Desktop\Flight1 Purchase Agent.lnk
2019-09-26 19:39 - 2018-12-16 22:28 - 000000000 ____D C:\Users\DefaultAppPool
2019-09-26 17:12 - 2017-08-23 12:55 - 000000000 ____D C:\ProgramData\Flight One Software
2019-09-26 04:18 - 2019-02-02 02:16 - 000000109 _____ C:\WINDOWS\GARMINWT.INI
2019-09-26 02:06 - 2018-04-23 00:26 - 000000221 ____C C:\Users\homepc\Documents\ax_files.xml
2019-09-25 20:45 - 2019-05-05 17:20 - 000000000 ____D C:\Program Files (x86)\FSrealWX 3.0
2019-09-25 12:15 - 2017-11-17 13:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-09-25 12:15 - 2017-11-17 13:14 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-09-25 02:46 - 2017-12-30 20:32 - 000000000 ____D C:\Program Files (x86)\FSBuild
2019-09-25 01:29 - 2019-09-06 19:11 - 000000000 ____D C:\Program Files\Process Lasso
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\Users\Public\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000908 _____ C:\ProgramData\Desktop\Process Lasso Pro.lnk
2019-09-25 01:29 - 2019-03-14 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso Pro
2019-09-25 01:29 - 2018-12-16 22:38 - 000003106 _____ C:\WINDOWS\system32\Tasks\Process Lasso Management Console (GUI)
2019-09-25 01:29 - 2018-12-16 22:38 - 000003096 _____ C:\WINDOWS\system32\Tasks\Process Lasso Core Engine Only
2019-09-25 01:22 - 2019-02-04 22:22 - 000001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin Aviation Trainers.lnk
2019-09-24 17:28 - 2019-02-01 14:39 - 000000890 _____ C:\Users\homepc\Desktop\F1GTNConfig.lnk
2019-09-23 23:23 - 2017-06-24 13:17 - 000000000 ___DC C:\Users\homepc\AppData\Local\SquirrelTemp
2019-09-23 22:32 - 2018-05-18 11:38 - 000000000 ___DC C:\Users\homepc\AppData\Local\D3DSCache
2019-09-23 15:09 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-23 15:09 - 2017-12-28 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSrealWX
2019-09-23 15:07 - 2018-12-17 14:49 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-23 15:07 - 2018-10-10 18:37 - 000000000 ___RD C:\Users\homepc\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2019-09-22 02:52 - 2019-04-19 00:34 - 000000000 ____D C:\Program Files\WhoCrashed
2019-09-22 00:53 - 2019-05-12 21:02 - 000000000 ___DC C:\Users\homepc\Documents\Prepar3D v4 Files
2019-09-21 22:49 - 2018-04-28 14:14 - 000000000 ____D C:\Users\homepc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2019-09-21 21:37 - 2018-04-30 15:02 - 000000000 ____D C:\Program Files (x86)\PMDG Operations Center
2019-09-21 16:49 - 2017-07-27 15:29 - 000000000 ____D C:\ProgramData\firebird
2019-09-21 15:11 - 2017-07-27 15:27 - 000000000 ____D C:\PRO-ATC-X
2019-09-19 13:15 - 2017-09-14 15:00 - 000000000 ____D C:\DrWebkeys
2019-09-19 13:13 - 2017-07-23 21:34 - 000000000 ____D C:\aerosoft
2019-09-17 11:44 - 2019-02-26 02:03 - 000000035 _____ C:\general.INI
2019-09-17 01:02 - 2017-08-31 16:42 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2019-09-17 00:14 - 2019-05-05 16:34 - 000000000 ____D C:\Users\homepc\AppData\Roaming\FSrealWXv3
2019-09-17 00:13 - 2017-12-28 20:14 - 000000000 ____D C:\Program Files (x86)\FSrealWX_Pro
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\Users\Public\Desktop\FSrealWX Pro.lnk
2019-09-17 00:00 - 2017-12-28 20:14 - 000001124 _____ C:\ProgramData\Desktop\FSrealWX Pro.lnk
2019-09-16 21:39 - 2019-01-29 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiFi
2019-09-16 21:39 - 2019-01-29 17:37 - 000000000 ____D C:\Program Files (x86)\HiFi
2019-09-16 21:39 - 2018-01-28 03:30 - 000000000 ____D C:\Users\homepc\AppData\Roaming\HiFi
2019-09-16 20:41 - 2018-05-27 13:10 - 000001095 _____ C:\Users\homepc\Desktop\MFSClient.lnk
2019-09-16 19:50 - 2018-02-03 17:52 - 000000000 ____D C:\Program Files (x86)\Addon Manager
2019-09-16 19:30 - 2018-02-03 18:04 - 000000179 _____ C:\Users\homepc\FSDreamTeam_GSX.reg
2019-09-16 15:57 - 2018-02-06 19:31 - 000000000 ___HD C:\3gzV5dAb7FiiwFEW
2019-09-16 11:29 - 2018-01-11 19:31 - 000000000 ___DC C:\Users\homepc\AppData\Local\MEGAsync
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\Users\Public\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 14:00 - 2017-07-02 00:23 - 000002311 _____ C:\ProgramData\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-09-15 01:27 - 2018-05-12 00:31 - 000000000 ____D C:\AFSD
2019-09-15 00:40 - 2017-12-30 15:36 - 000000000 ___DC C:\Users\homepc\AppData\Local\QSimPlanner
2019-09-15 00:38 - 2017-12-30 15:36 - 000001149 _____ C:\Users\homepc\Desktop\QSimPlanner.lnk
2019-09-15 00:38 - 2017-12-30 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QSimPlanner
2019-09-14 17:33 - 2019-03-13 13:04 - 000002514 _____ C:\Users\homepc\Desktop\SimBrief Downloader.lnk
2019-09-14 11:13 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\Help
2019-09-14 11:08 - 2017-12-27 16:14 - 000000000 ____D C:\[Guru3D.com]-DDU
2019-09-14 11:03 - 2018-12-16 22:38 - 000004570 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-14 11:03 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-14 11:03 - 2017-06-25 00:42 - 000000000 ___DC C:\Users\homepc\AppData\Local\Adobe
2019-09-14 11:00 - 2019-04-07 00:43 - 000000000 ____D C:\ProgramData\DisplayDriverUninstaller
2019-09-14 10:48 - 2018-12-16 22:38 - 000004582 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-09-13 20:15 - 2018-03-04 13:56 - 000000000 ____D C:\ProgramData\FSTramp
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\Users\Public\Documents\PFPX Data
2019-09-13 20:07 - 2018-12-08 12:25 - 000000000 ____D C:\ProgramData\Documents\PFPX Data
2019-09-13 18:40 - 2019-02-28 01:02 - 000000000 ____D C:\Users\homepc\AppData\Local\ElevatedDiagnostics
2019-09-13 18:35 - 2019-02-03 04:55 - 000001159 _____ C:\Users\homepc\Desktop\Reg Organizer.lnk
2019-09-13 14:20 - 2017-06-24 10:59 - 000000000 ____D C:\Program Files (x86)\Razer
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-13 13:29 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-13 13:27 - 2018-09-15 10:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-13 13:26 - 2018-09-15 10:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-13 13:26 - 2018-09-15 10:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-13 11:47 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\Users\Public\Desktop\TC PU Programs
2019-09-13 02:09 - 2017-06-24 11:42 - 000000000 ____D C:\ProgramData\Desktop\TC PU Programs
2019-09-12 20:36 - 2017-09-01 19:04 - 000001857 _____ C:\Users\homepc\Desktop\FSFX_Tools.lnk
2019-09-11 18:57 - 2017-09-10 16:37 - 000000000 ____D C:\Users\homepc\AppData\Roaming\TS3Client
2019-09-11 01:12 - 2018-04-27 23:56 - 000000000 ____D C:\Program Files\ParkControl
2019-09-10 09:54 - 2018-07-26 13:21 - 000001323 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 Server.lnk
2019-09-10 09:49 - 2018-07-26 13:21 - 000001338 _____ C:\Users\homepc\Desktop\AivlaSoft EFB2 DbBuilder.lnk
2019-09-08 21:59 - 2019-06-29 00:06 - 000000000 ____D C:\Temp torrents
2019-09-08 19:32 - 2018-08-31 18:23 - 000000000 ___DC C:\Users\homepc\AppData\Local\Ubisoft Game Launcher
2019-09-08 16:41 - 2017-10-15 15:29 - 000002004 _____ C:\Users\homepc\Desktop\FS Real Time.lnk

==================== Files in the root of some directories ================

2018-02-03 18:04 - 2019-09-16 19:30 - 000000179 _____ () C:\Users\homepc\FSDreamTeam_GSX.reg
2017-12-30 20:37 - 2019-09-01 22:20 - 000002065 _____ () C:\Program Files (x86)\3187c76b-7ef1-4f48-bb5e-e5da055a81d9.index
2019-02-25 22:23 - 2019-09-27 00:02 - 000083295 _____ () C:\Program Files (x86)\F1Uninstall.exe
2011-12-03 16:23 - 2008-02-21 21:45 - 000070416 _____ () C:\Program Files (x86)\post-2-12035868936904.jpg
2019-09-27 03:53 - 2019-09-27 03:53 - 000087794 _____ () C:\Program Files (x86)\unEZCA2.exe
2019-01-31 15:53 - 2019-01-24 18:11 - 000000858 _____ () C:\Users\homepc\AppData\Roaming\8f2626ec-b19e-4dc5-9f23-cdc84f045b52.index
2018-06-20 11:47 - 2018-05-20 18:10 - 000000855 _____ () C:\Users\homepc\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
2018-11-04 22:39 - 2018-10-04 09:37 - 002385178 _____ () C:\Users\homepc\AppData\Roaming\ec317386-e87d-48c7-ade1-34457a87d179.index
2017-12-20 01:48 - 2017-12-20 01:48 - 000000128 ____H () C:\Users\homepc\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2018-12-30 23:40 - 2018-12-30 23:40 - 000212879 _____ () C:\Users\homepc\AppData\Roaming\Lockheed Martin.rar
2017-09-03 12:43 - 2019-05-10 00:22 - 000000369 _____ () C:\Users\homepc\AppData\Roaming\OpenSceneryX Installer.plist
2018-10-27 22:23 - 2018-10-27 22:23 - 000000000 _____ () C:\Users\homepc\AppData\Roaming\Program.cfg
2018-10-25 01:07 - 2019-04-27 14:57 - 000000080 _____ () C:\Users\homepc\AppData\Roaming\WED.prefs
2019-05-10 01:34 - 2019-06-15 22:29 - 000008176 _____ () C:\Users\homepc\AppData\Roaming\XAddonManager.plist
2019-03-18 15:50 - 2019-03-18 15:50 - 000000000 _____ () C:\Users\homepc\AppData\Local\oobelibMkey.log
2019-10-07 18:14 - 2019-10-07 18:14 - 000000218 _____ () C:\Users\homepc\AppData\Local\recently-used.xbel
2019-04-16 15:23 - 2019-05-16 14:14 - 000007653 _____ () C:\Users\homepc\AppData\Local\Resmon.ResmonCfg
2019-04-19 00:39 - 2019-05-09 02:11 - 000001293 _____ () C:\Users\homepc\AppData\Local\Temp1.html
2019-04-19 00:40 - 2019-04-19 00:40 - 000013510 _____ () C:\Users\homepc\AppData\Local\Temp38.html
2019-05-09 02:11 - 2019-05-09 02:11 - 000003111 _____ () C:\Users\homepc\AppData\Local\Temp6.html
2019-08-12 23:06 - 2019-08-12 23:06 - 000017408 _____ () C:\Users\homepc\AppData\Local\WebpageIcons.db
2019-04-05 15:31 - 2019-05-03 12:37 - 000000093 _____ () C:\Users\homepc\AppData\Local\X-Plane 11 Preferences.prf
2019-04-05 15:31 - 2019-08-13 11:02 - 000000037 _____ () C:\Users\homepc\AppData\Local\X-Plane Installer.prf
2019-04-05 15:31 - 2019-05-25 17:50 - 000000075 _____ () C:\Users\homepc\AppData\Local\X-Plane_drm_11.prf
2019-04-05 15:32 - 2019-08-13 10:39 - 000000032 _____ () C:\Users\homepc\AppData\Local\x-plane_install_11.txt

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 
i was not able to run ESET Online Scanner full scan as it stuck but got quick scan

08-Oct-19 11:37:33 AM
Files scanned: 12990
Infected files: 0
Cleaned threats: 0
Total scan time: 00:33:05
Scan status: Finished
 
scanned pc with other tools like kaspersky tdsskiller, Loaris Trojan Remover also-no traces of active infections were detected.

enclose an online analysis report VirusDetector - результаты анализа карантина 0B410E4C856CCA1D64FD41B8B9C38F3A

no malicious files detected and for files marked as unidentified, I can vouch for these applications got from trusted sources and have been installed long before yesterday, when I suspected that the system has penetrated by some malware

anyway i'm waiting for your final verdict,Sir

thank you in advance
 
Let's start with the files identified by Malwarebytes and AdwCleaner as "PUPs", Potentially Unwanted Programs, described by Microsoft as "PUAs", Potentially Unwanted Applications. Although not "malicious software", these programs not only slow down your computer, they often are installed as pre-checked options when installing other programs, tricking you into installing them. They may include browser hijackers, popups or pop-unders, scams and so much more. That said, it is your computer and your choice. However, I would certainly not have those programs installed on my computer. In addition, merely because you have had those programs installed for some time does not mean that they are not now or going to cause problems on your computer in the future.

1. Personally, as a start, in addition to removing the findings by Malwarebytes and AdwCleaner, I would consider uninstalling the following:

Auslogics Driver Updater 1.20.1.0
Driver Easy 5.6.8
Wise Disk Cleaner 10.2.5
Reg Organizer
Reg Organizer 8.30
Resource Tuner 2.20
µTorrent
Wise Disk Cleaner 10.2.5

If you don't choose to remove the PUPS/uninstall questionable programs, all I can do is provide a basic cleanup.

2. Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ".
Code: 
Start::
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File 
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File 
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File 
AlternateDataStreams: C:\Users\Public\DRM:[احتضان [48
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION 
S2 1C:Enterprise 8.3 Server Agent (x86-64); "D:\Program Files\1cv8\8.3.13.1690\bin\ragent.exe" -srvc -agent -regport 1541 -port 1540 -range 1560:1591 -d "C:\Program Files\1cv8\srvinfo" <==== ATTENTION
S2 CG6Service; no ImagePath 
S3 46e606d6959f0108; no ImagePath
S3 46e606d75d018d08; no ImagePath
S3 46e7aa83afb3d388; no ImagePath
S3 46e7aa850abbf508; no ImagePath
S3 46e7aa858013c708; no ImagePath
S3 46e7aba68c1ae788; no ImagePath
S3 46e7ba7f9f485208; no ImagePath
S3 46e7bd52beaedc08; no ImagePath
S3 46e7bd52fc933808; no ImagePath
S3 46e7ee3041330c88; no ImagePath
S3 46e7f3720b979388; no ImagePath
S3 46e7f3725915b688; no ImagePath
S3 46e7f372e8a50488; no ImagePath
S3 46e7f37367e55988; no ImagePath
S3 46e7f3747ea1a308; no ImagePath 
R3 ALSysIO; C:\Users\homepc\AppData\Local\Temp\ALSysIO64.sys [47240 2019-10-08] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION 
S3 cpuz140; no ImagePath 
S3 Denuvo Kuser Data Driver 1.0.0.7; no ImagePath 
EmptyTemp:
End::
  • Please right-click on FRST/FRST64 to run as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST/FRST64.exe
  • Please post the log in your next reply.
 
Corrine said:
1. Personally, as a start, in addition to removing the findings by Malwarebytes and AdwCleaner, I would consider uninstalling the following:

Auslogics Driver Updater 1.20.1.0
Driver Easy 5.6.8
Wise Disk Cleaner 10.2.5
Reg Organizer
Reg Organizer 8.30
Resource Tuner 2.20
µTorrent
Wise Disk Cleaner 10.2.5

If you don't choose to remove the PUPS/uninstall questionable programs, all I can do is provide a basic cleanup.
Click to expand...


Ok I do not see any problems with deleting the software listed above. going to uninstall right now
 
That is a good start. Since system resources/memory were indicated as issues in your original thread, you may also want to seriously consider looking over your remaining installed programs and uninstall any you are no longer using, even including games you no longer play.
 
Corrine said:
That is a good start. Since system resources/memory were indicated as issues in your original thread, you may also want to seriously consider looking over your remaining installed programs and uninstall any you are no longer using, even including games you no longer play.
Click to expand...

I used the freeware Wise Disk Cleaner to clean up my system disk on a regular basis. it helped me to free about 80 gigabytes for all time Wise Disk Cleaner was used. which analogue for cleaning would you advise?


Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by homepc (08-10-2019 20:55:52) Run:1
Running from C:\Users\homepc\Desktop\Tor Browser
Loaded Profiles: homepc (Available Profiles: homepc & test & newuser & Administrator & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\Users\Public\DRM:[احتضان [48
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
S2 1C:Enterprise 8.3 Server Agent (x86-64); "D:\Program Files\1cv8\8.3.13.1690\bin\ragent.exe" -srvc -agent -regport 1541 -port 1540 -range 1560:1591 -d "C:\Program Files\1cv8\srvinfo" <==== ATTENTION
S2 CG6Service; no ImagePath
S3 46e606d6959f0108; no ImagePath
S3 46e606d75d018d08; no ImagePath
S3 46e7aa83afb3d388; no ImagePath
S3 46e7aa850abbf508; no ImagePath
S3 46e7aa858013c708; no ImagePath
S3 46e7aba68c1ae788; no ImagePath
S3 46e7ba7f9f485208; no ImagePath
S3 46e7bd52beaedc08; no ImagePath
S3 46e7bd52fc933808; no ImagePath
S3 46e7ee3041330c88; no ImagePath
S3 46e7f3720b979388; no ImagePath
S3 46e7f3725915b688; no ImagePath
S3 46e7f372e8a50488; no ImagePath
S3 46e7f37367e55988; no ImagePath
S3 46e7f3747ea1a308; no ImagePath
R3 ALSysIO; C:\Users\homepc\AppData\Local\Temp\ALSysIO64.sys [47240 2019-10-08] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 cpuz140; no ImagePath
S3 Denuvo Kuser Data Driver 1.0.0.7; no ImagePath
EmptyTemp:

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
C:\Users\Public\DRM => ":[احتضان" ADS could not remove.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\System\CurrentControlSet\Services\1C:Enterprise 8.3 Server Agent (x86-64) => removed successfully
1C:Enterprise 8.3 Server Agent (x86-64) => service removed successfully
HKLM\System\CurrentControlSet\Services\CG6Service => removed successfully
CG6Service => service removed successfully
HKLM\System\CurrentControlSet\Services\46e606d6959f0108 => removed successfully
46e606d6959f0108 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e606d75d018d08 => removed successfully
46e606d75d018d08 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7aa83afb3d388 => removed successfully
46e7aa83afb3d388 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7aa850abbf508 => removed successfully
46e7aa850abbf508 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7aa858013c708 => removed successfully
46e7aa858013c708 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7aba68c1ae788 => removed successfully
46e7aba68c1ae788 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7ba7f9f485208 => removed successfully
46e7ba7f9f485208 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7bd52beaedc08 => removed successfully
46e7bd52beaedc08 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7bd52fc933808 => removed successfully
46e7bd52fc933808 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7ee3041330c88 => removed successfully
46e7ee3041330c88 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7f3720b979388 => removed successfully
46e7f3720b979388 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7f3725915b688 => removed successfully
46e7f3725915b688 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7f372e8a50488 => removed successfully
46e7f372e8a50488 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7f37367e55988 => removed successfully
46e7f37367e55988 => service removed successfully
HKLM\System\CurrentControlSet\Services\46e7f3747ea1a308 => removed successfully
46e7f3747ea1a308 => service removed successfully
ALSysIO => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully
ALSysIO => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz140 => removed successfully
cpuz140 => service removed successfully
HKLM\System\CurrentControlSet\Services\Denuvo Kuser Data Driver 1.0.0.7 => removed successfully
Denuvo Kuser Data Driver 1.0.0.7 => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 135293349 B
Java, Flash, Steam htmlcache => 93179317 B
Windows/system/drivers => 1261169555 B
Edge => 0 B
Chrome => 77012384 B
Firefox => 60412636 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 16742 B
LocalService => 16742 B
NetworkService => 16742 B
NetworkService => 16742 B
homepc => 10122968 B
test => 76192157 B
newuser => 113428833 B
Administrator => 149837864 B
.NET v4.5 => 149837864 B
DefaultAppPool => 149837864 B
.NET v4.5 Classic => 149837864 B

RecycleBin => 0 B
EmptyTemp: => 2.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:59:04 ====
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top