NordVPN 6.18 patch Archives
NordVPN 6.18 patch Archives
 |  |  |
CVE-2014-0482
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors relate ...
CVE-2013-0282
OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.
CVE-2014-8763
DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a password starting with a null (\0) character and a valid user name, which triggers an unauthenticated bind.
CVE-2014-8764
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.
CVE-2014-3430
Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
CVE-2013-1865
OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.
CVE-2008-0960
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research befor ...
CVE-2012-0675
Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume.
CVE-2019-9496
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, pe ...
CVE-2012-2414
main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to exec ...
CVE-2011-0091
Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not prevent a session from changing from strong encryption to DES encryption, which allows man-in-the-middle attackers to spoof network traffic and obtain sensitive information via a DES downgrade, aka "Kerberos Spoofing Vulnerability."
CVE-2013-2059
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.
CVE-2017-3167
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
CVE-2009-3623
The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 subsystem in the Linux kernel before 2.6.31.2 attempts to access a credentials cache even when a client specifies the AUTH_NULL authentication flavor, which allows remote attackers to cause a denial of service (NULL pointer dereferen ...
CVE-2016-7141
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been ...
CVE-2018-0886
The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execut ...
CVE-2010-2731
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vul ...
CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72.
CVE-2017-10784
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name.
CVE-2008-5355
The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not verify the signature of the JRE that is downloaded, which allows remote attackers to execute arbitrary code v ...
CVE-2009-1836
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying th ...
CVE-2017-14080
Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password.
CVE-2019-16327
D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this is an end-of-life product.
CVE-2008-6039
Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
CVE-2014-4831
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to hijack sessions via unspecified vectors.
CVE-2014-2651
Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface
CVE-2011-1025
bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password.
CVE-2017-1002024
Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files.
CVE-2020-15136
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints func ...
CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation (like '2 ...
CVE-2017-9100
login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.
CVE-2018-11692
** DISPUTED ** An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor reportedly responded that this issue occurs when a customer ...
CVE-2020-8953
OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication).
CVE-2019-5213
Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of unc ...
CVE-2011-2361
The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site.
CVE-2019-5218
There is an insufficient authentication vulnerability in Huawei Band 2 and Honor Band 3. The band does not sufficiently authenticate the device try to connect to it in certain scenario. Successful exploit could allow the attacker to spoof then connect to the band.
CVE-2013-2820
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.
CVE-2014-9278
The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would forc ...
CVE-2012-4392
index.php in ownCloud 4.0.7 does not properly validate the oc_token cookie, which allows remote attackers to bypass authentication via a crafted oc_token cookie value.
CVE-2018-0121
A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerabil ...
CVE-2019-6551
Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass user authentication using a specially crafted URL to cause the device to reboot, which may be used to cause a continual denial-of-service condition.
CVE-2011-4514
The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers ...
CVE-2011-3667
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account settings, which allows remote attackers ...
CVE-2017-16242
An issue was discovered on MECO USB Memory Stick with Fingerprint MECOZiolsamDE601 devices. The fingerprint authentication requirement for data access can be bypassed. An attacker with physical access can send a static packet to a serial port exposed on the PCB to unlock the key and get access to th ...
CVE-2019-5223
PCManager 9.1.3.1 has an improper authentication vulnerability. The certain driver interface of the software does not perform a validation of user-mode data properly, successful exploit could result in malicious code execution.
CVE-2018-14709
Incorrect access control in the Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to bypass authentication due to insecure token generation.
CVE-2012-0803
The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty UsernameToken as part of a SOAP request.
CVE-2018-14705
In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these applications ...
CVE-2018-14708
An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic.
CVE-2020-6309
SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.
CVE-2016-9729
IBM QRadar 7.2 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM Reference #: 1999545.
CVE-2009-0591
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
CVE-2007-3177
Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter.
CVE-2010-3868
Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System do not require authentication for requests to decrypt SCEP one-time PINs, which allows remote attackers to obtain PINs by sniffing the network for SCEP requests and then sending decryption requests to the Certificate Authority ...
CVE-2015-6401
Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941.
CVE-2016-0916
EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance.
CVE-2015-2047
The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39, and 4.6.0 through 4.6.18, when configured for the frontend, allows remote attackers to bypass authentication via a password that is casted to an empty value.
CVE-2015-1187
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.
CVE-2015-2033
Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request.
CVE-2019-19825
The attacker can perform r ...
CVE-2017-17560
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file syst ...
CVE-2008-5158
Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authentication and perform administrative actions via vectors involving "simply skipping the auth stage."
CVE-2008-6009
SG Real Estate Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the Auth cookie to 1.
CVE-2009-0129
libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify and DSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
CVE-2017-3831
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for ac ...
CVE-2016-3176
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.
CVE-2009-0128
plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS si ...
CVE-2009-0127
** DISPUTED ** M2Crypto does not properly check the return value from the OpenSSL EVP_VerifyFinal, DSA_verify, ECDSA_verify, DSA_do_verify, and ECDSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vul ...
CVE-2019-5233
Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components.
CVE-2010-3852
The default configuration of Luci 0.22.4 and earlier in Red Hat Conga uses "[INSERT SECRET HERE]" as its secret key for cookies, which makes it easier for remote attackers to bypass repoze.who authentication via a forged ticket cookie.
CVE-2018-8096
Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass (with the attacker obtaining admin access) via '"Name":"isauthenticationenabled","Value":false' in an api/settings/setting-isauthenticationenabled PUT request.
CVE-2009-0125
** DISPUTED ** NOTE: this issue has been disputed by the upstream vendor. nasl/nasl_crypto2.c in the Nessus Attack Scripting Language library (aka libnasl) 2.2.11 does not properly check the return value from the OpenSSL DSA_do_verify function, which allows remote attackers to bypass validation of ...
CVE-2009-0124
The tqsl_verifyDataBlock function in openssl_cert.cpp in American Radio Relay League (ARRL) tqsllib 2.0 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a ...
CVE-2010-1670
Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has improper configuration options for authentication plugins associated with logins that use the single sign-on (SSO) functionality, which allows remote attackers to bypass authentication via an empty password. NOTE: some of these de ...
CVE-2010-2526
The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume ...
CVE-2008-0706
Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password.
CVE-2018-8902
An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. The impacted products used a single shared key encryption model to encrypt data. A user with access to system databases can use the discovered key to access potentially confidential stored data, which may include Wi-Fi ...
CVE-2015-7755
Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows remo ...
CVE-2017-2914
An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A specially crafted token can bypass the authentication routine of the Apid binary, causing the device to grant unintended administrative access. An attacker needs network connec ...
CVE-2018-3696
Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access.
CVE-2009-0138
servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration.
CVE-2018-21062
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. When biometric authentication is disabled, an attacker can view Streams content (e.g., a Gallery slideshow) of a locked Secure Folder via a connection to an external device. The Samsung ID is SVE-2018-11766 (August 20 ...
CVE-2014-4872
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService.
CVE-2017-5189
NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.
CVE-2009-0130
** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value from the OpenSSL DSA_do_verify function, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. NOTE ...
CVE-2017-6034
An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download.
CVE-2017-9542
D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device.
CVE-2018-16947
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. The backup tape controller (butc) process accepts incoming RPCs but does not require (or allow for) authentication of those RPCs. Handling those RPCs results in operations being performed with administrator credentials, includi ...
CVE-2017-9543
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm.
CVE-2020-3216
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certa ...
CVE-2018-13434
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The LAContext class for Biometric (TouchID) validation allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the kSecAccessControlUserPresence protection mechanism ...
CVE-2018-13435
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of interest w ...
CVE-2007-5770
The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL ...
CVE-2007-3597
Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows remote attackers to hijack web sessions by setting the Cookie parameter.
CVE-2018-5403
Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.
CVE-2007-4438
Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2015-7746
NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitive information from or (2) modify volumes via vectors related to UTF-8 in the volume language.
CVE-2018-11271
Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9 ...
CVE-2019-5253
E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an improper authentication vulnerability. The device does not perform a sufficient authentication when doing certain operations, successful exploit could allow an attacker to cause the device to reboot after launch a man in the middle att ...
CVE-2019-5252
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
CVE-2018-0195
A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and use the API to perform privileged actions on an affected device. The vulnerability is due to insufficient authorization checks for requests that are sent to the ...
CVE-2014-2685
The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote attackers to bypass authentication by leveraging ...
CVE-2009-3657
Session fixation vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2016-4484
The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.
CVE-2009-2328
admin/edit_user.php in KerviNet Forum 1.1 and earlier does not require administrative authentication, which allows remote attackers to delete arbitrary accounts and conduct SQL injection attacks via the del_user_id parameter.
CVE-2017-8223
On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av0_1 or tcp/av0_0.
CVE-2009-4987
admin/header.php in Scripteen Free Image Hosting Script 2.3 allows remote attackers to bypass authentication and gain administrative access by setting the cookgid cookie value to 1, a different vector than CVE-2008-3211.
CVE-2013-7239
memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.
CVE-2017-6049
Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL.
CVE-2010-1613
Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the "Regenerate session id during login" setting by default, which makes it easier for remote attackers to conduct session fixation attacks.
CVE-2017-9552
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME PASSWORD", and local ...
CVE-2010-2944
The authenticate function in LDAPUserFolder/LDAPUserFolder.py in zope-ldapuserfolder 2.9-1 does not verify the password for the emergency account, which allows remote attackers to gain privileges.
CVE-2018-13446
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. ...
CVE-2010-2940
The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote attackers to bypass the authentication requirements of pam_authenticate via an empty password.
CVE-2014-3527
When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated. This is due to the fact that the proxy ticket authentication uses the information from the HttpServletR ...
CVE-2018-0163
A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker c ...
CVE-2014-0015
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.
CVE-1999-0680
Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.
CVE-2007-5791
The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as demonstrated by a flood of messages triggering a denial of service, and by phone calls with malicious ...
CVE-2009-1489
includes/user.php in Fungamez RC1 allows remote attackers to bypass authentication and gain administrative access by setting the user cookie parameter.
CVE-2013-4178
The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to obtain access by replaying the username, password, and one-time password (OTP).
CVE-2016-6659
Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, and 3.7.x through 3.9.x before 3.9.3; and UAA bosh release (aka uaa-release) before 13.9 for UAA 3.6.5 and before 24 for UAA 3.9.3 allow attackers to gain privileges by accessing UAA logs and subsequently running a specially crafte ...
CVE-2007-5797
SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database.
CVE-2018-21038
An issue was discovered on Samsung mobile devices with N(7.x) software. The Secure Folder app's startup logic allows authentication bypass. The Samsung ID is SVE-2018-11628 (December 2018).
CVE-2016-2286
Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build ...
CVE-2016-4460
Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
CVE-2016-5791
An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication.
CVE-2014-3999
The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.
CVE-2014-2665
includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.14, 1.20.x and 1.21.x before 1.21.8, and 1.22.x before 1.22.5 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by ...
CVE-2008-6045
Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter.
CVE-2013-6360
TRENDnet TS-S402 has a backdoor to enable TELNET.
CVE-2013-5038
The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session.
CVE-2008-2920
admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files.
CVE-2018-12575
On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.
CVE-2017-6062
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote attackers to bypass authentication via crafted ...
CVE-2005-3979
relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request.
CVE-2007-2277
Session fixation vulnerability in Plogger allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
CVE-2018-18256
An issue was discovered in CapMon Access Manager 5.4.1.1005. A regular user can obtain local administrator privileges if they run any whitelisted application through the Custom App Launcher.
CVE-2018-18255
An issue was discovered in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by creating a named pipe and sending commands to achieve elevated privileges.
CVE-2009-1825
modules/admuser.php in myColex 1.4.2 does not require administrative authentication, which allows remote authenticated users to list user accounts via a Find action.
CVE-2009-1826
modules/admuser.php in myGesuad 0.9.14 (aka 0.9) does not require administrative authentication, which allows remote authenticated users to list user accounts via a Find action.
CVE-2020-10754
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely.
CVE-2013-5009
The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access ...
CVE-2017-3880
An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_me ...
CVE-2017-1222
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 123862.
CVE-2009-4095
myPhile 1.2.1 allows remote attackers to bypass authentication via an empty password. NOTE: some of these details are obtained from third party information.
CVE-2017-14911
In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config.
CVE-2008-4244
Rianxosencabos CMS 0.9 allows remote attackers to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
CVE-2019-6143
Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerabi ...
CVE-2008-5575
Session fixation vulnerability in Pro Clan Manager 0.4.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
CVE-2008-5576
admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authentication and gain administrative access via a large value of the current_user[users_level] parameter.
CVE-2018-1085
openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote u ...
CVE-2013-5497
The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly handle user tokens, which allows remote attackers to cause a denial of service (intermittent MainApp hang) via a crafted management-interface connection request, aka Bug ID CSCuf20148 ...
CVE-2019-5298
There is an improper authentication vulnerability in some Huawei AP products before version V200R009C00SPC800. Due to the improper implementation of authentication for the serial port, an attacker could exploit this vulnerability by connecting to the affected products and running a series of command ...
CVE-2018-1082
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.
CVE-2011-3297
Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when certain authentication configurations are used, allows remote attackers to cause a denial of service (module crash) by making many authentication requests for network acc ...
CVE-2011-3298
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), ...
CVE-2019-7479
A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and ...
CVE-2020-5849
Unraid 6.8.0 allows authentication bypass.
CVE-2014-8347
An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevated privileges.
CVE-2013-6347
Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2012-0874
The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 do not require authentication by default in certain profiles, which might a ...
CVE-2008-6411
Explay CMS 2.1 and earlier allows remote attackers to bypass authentication and gain administrative access by setting the login cookie to 1.
CVE-2005-4851
eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on the node level, which allows remote authenticated users to bypass the original permissions on embedded objects in XML fields and read these objects.
CVE-2016-7145
The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
CVE-2016-7144
The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
CVE-2011-4590
The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting to a webservice server.
CVE-2012-0400
EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2007-5752
adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges.
CVE-2015-3775
Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors.
CVE-2007-2243
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483.
CVE-2017-12712
The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3 bas ...
CVE-2017-17161
The 'Find Phone' function in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' functio ...
CVE-2008-3375
The jrCookie function in includes/jamroom-misc.inc.php in JamRoom before 3.4.0 allows remote attackers to bypass authentication and gain administrative access via a boolean value within serialized data in a JMU_Cookie cookie.
CVE-2008-4223
Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors.
CVE-2019-20412
The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the following information via an Improper Authentication vulnerability: Workflow names; Project Key, if it is part of the workflow name; Issue Keys; Issue Types; Statu ...
CVE-2007-4419
Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area.
CVE-2019-15068
A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 allows an attacker to get/reset administrator��������s password without any authentication.
CVE-2005-4861
functions.php in Ragnarok Online Control Panel (ROCP) 4.3.4a allows remote attackers to bypass authentication by requesting account_manage.php with a trailing "/login.php" PHP_SELF value, which is not properly handled by the CHECK_AUTH function.
CVE-2008-5558
Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching.
CVE-2017-1258
IBM Security Guardium 10.0 and 10.1 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 124685
CVE-2014-6148
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL ...
CVE-2017-5619
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attackers can login with the hashed password itself (e.g., from the DB) instead of the valid password string.
CVE-2009-1854
Million Dollar Text Links 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the userid cookie to 1.
CVE-2014-8329
Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt.
CVE-2017-2101
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to bypass authentication to perform arbitrary operations via unspecified vectors.
CVE-2014-2614
Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-2140.
CVE-2014-3945
The Authentication component in TYPO3 before 6.2, when salting for password hashing is disabled, does not require knowledge of the cleartext password if the password hash is known, which allows remote attackers to bypass authentication and gain access to the backend by leveraging knowledge of a pass ...
CVE-2011-1901
The mail-filter web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to bypass authentication via unspecified vectors.
CVE-2013-4594
The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.
CVE-2006-0633
The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data generated from partially predictable seeds to create the authentication code that is sent by e-mail to a user with a lost password, which might make it easier for remote attackers to guess the code and ch ...
CVE-2013-4593
RubyGem omniauth-facebook has an access token security vulnerability
CVE-2013-1080
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a reques ...
CVE-2012-2606
The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack.
CVE-2014-3944
The Authentication component in TYPO3 6.2.0 before 6.2.3 does not properly invalidate timed out user sessions, which allows remote attackers to bypass authentication via unspecified vectors.
CVE-2020-11650
An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent.
CVE-2010-1222
CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain potentially sensitive information via a SOAP request.
CVE-2010-1221
CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request.
CVE-2017-9148
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEA ...
CVE-2019-1724
A vulnerability in the session management functionality of the web-based interface for Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. An attacker could use this impersonated sessi ...
CVE-2013-3268
Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.
CVE-2018-12984
Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials.
CVE-2018-6328
It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, which then could allow an unauthenticated user to inject arbitrary commands into its /api/hosts parameters using backquotes.
CVE-2017-12778
** DISPUTED ** The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\<username>\Roaming\qBittorrent pathname. The attac ...
CVE-2007-3988
Session fixation vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
CVE-2014-2609
The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.
CVE-2009-4909
admin/index.php in oBlog allows remote attackers to conduct brute-force password guessing attacks via HTTP requests.
CVE-2015-6816
ganglia-web before 3.7.1 allows remote attackers to bypass authentication.
CVE-2020-13837
An issue was discovered on Samsung mobile devices with Q(10.0) software. The Lockscreen feature does not block Quick Panel access to Music Share. The Samsung ID is SVE-2020-17145 (June 2020).
CVE-2015-6817
PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.
CVE-2020-13838
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. The DeX Lockscreen feature does not block access to Quick Panel and notifications. The Samsung ID is SVE-2020-17187 (June 2020).
CVE-2016-7114
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 1 ...
CVE-2017-3854
A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could ex ...
CVE-2016-7112
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 1 ...
CVE-2009-1878
Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2013-6788
The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack.
CVE-2017-11430
OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authenticati ...
CVE-2018-1000875
Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exp ...
CVE-2002-0563
The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without authentication, including Dynamic Monitoring Services (1) dms0, (2) dms/DMSDump, (3) servlet/DMSDump, (4) servlet/Spy, (5) soap/servlet/Spy, and (6) dms/AggreSpy; and ...
CVE-2008-5124
JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to verify a new or mismatched SSH host key, which makes it easier for remote attackers to perform man-in-the-middle attacks.
CVE-2008-6455
Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote attackers to hijack web sessions via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2015-5998
Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command.
CVE-2018-5455
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing authenticati ...
CVE-2008-5125
admin.php in CCleague Pro 1.2 allows remote attackers to bypass authentication by setting the type cookie value to admin.
CVE-2007-5714
The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account with an empty default password and valid login shell, which might allow remote attackers to obtain login access and execute arbitrary code.
CVE-2018-5451
In Philips Alice 6 System version R8.0.2 or prior, when an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers wi ...
CVE-2012-2626
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative accounts via a userprefs action.
CVE-2017-3867
A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More Information: ...
CVE-2018-13816
A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 102/tcp, although configured. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no use ...
CVE-2013-5426
Session fixation vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 IF5 and 11.0 before IF1 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1 IF11 allows remote authenticated users to hijack web sessions via un ...
CVE-2020-11673
An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wp_ajax_nopriv function in Includes/Total-Soft-Poll-Ajax.php for sensitive operation ...
CVE-2017-11429
Clever saml2-js 2.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML ...
CVE-2017-11428
OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to ...
CVE-2017-11427
OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication t ...
CVE-2013-5429
The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent reuse of One Time Password (OTP) tokens, which makes it easier for remote authenticated users to comp ...
CVE-2018-5459
An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker could ...
CVE-2008-6445
Unspecified vulnerability in YourPlace before 1.0.1 has unknown impact and attack vectors, possibly related to improper authentication and the ability to upload arbitrary PHP code. NOTE: some of these details are obtained from third party information.
CVE-2009-4927
WB News 2.1.2 allows remote attackers to bypass authentication and gain administrative access via a modified WBNEWS cookie, as demonstrated by setting this cookie to 1.
CVE-2009-4929
admin/manage_users.php in TotalCalendar 2.4 does not require administrative authentication, which allows remote attackers to change arbitrary passwords via the newPW1 and newPW2 parameters.
CVE-2014-9217
Graylog2 before 0.92 allows remote attackers to bypass LDAP authentication via crafted wildcards.
CVE-2013-4580
GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.
CVE-2008-6440
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.
CVE-2010-3896
The ESSearchApplication directory tree in IBM OmniFind Enterprise Edition 8.x and 9.x does not require authentication, which allows remote attackers to modify the server configuration via a request to palette.do.
CVE-2013-6766
OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version information, which causes the state to be set to CLIENT_AUTHENTIC.
CVE-2013-6765
OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote attackers to bypass the OMP authentication restrictions and execute OMP commands via a crafted OMP request for version information, which causes the state to be set to CLIENT_AUTHENTIC, as demonstrated by the omp_xml_handle_end_elem ...
CVE-2018-13821
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.
CVE-2019-3935
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slideshows.
CVE-2019-1758
A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit ...
CVE-2020-9477
An issue was discovered on HUMAX HGA12R-02 BRGCAA 1.1.53 devices. A vulnerability in the authentication functionality in the web-based interface could allow an unauthenticated remote attacker to capture packets at the time of authentication and gain access to the cleartext password. An attacker coul ...
CVE-2008-6951
MauryCMS 0.53.2 and earlier does not require administrative authentication for Editors/fckeditor/editor/filemanager/browser/default/browser.html, which allows remote attackers to upload arbitrary files via a direct request.
CVE-2019-20027
Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account.
CVE-2008-1268
The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.
CVE-2018-4064
GoogleUpdateTaskMachineSW being detected as malware
I also ran FRST and this is what it gave me:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by user (administrator) on LAPTOP-047BIFJR (LENOVO 80XU) (23-05-2020 16:12:35)
Running from C:\Users\user\Downloads
Loaded Profiles: user
Platform: Windows 10 Home Single Language Version 1903 18362.778 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0348851.inf_amd64_57dae422ff3d4272\B348820\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0348851.inf_amd64_57dae422ff3d4272\B348820\atiesrxx.exe
(Cam-Trax Technologies) [File not signed] C:\Users\user\AppData\Local\Common\csag.exe
(Core Technologies Consulting, LLC -> Core Technologies Consulting, LLC) C:\Program Files (x86)\PC Commander\PCCommander.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\97.4.467\QtWebEngineProcess.exe <2>
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Krisp Technologies, Inc -> Krisp) C:\Program Files\Krisp\Krisp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\CCSDK\CCSDKUpdateAgent.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 14.0\vegas140.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) C:\Program Files\VEGAS\VEGAS Pro 14.0\ErrorReportLauncher.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) C:\Program Files\VEGAS\VEGAS Pro 14.0\x86\FileIOSurrogate.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) C:\Program Files\VEGAS\VEGAS Pro 14.0\x86\sfvstserver.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Novawave Inc. -> Novawave Inc.) C:\Program Files\Novawave\Novabench\NovabenchService.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [1044904 2016-12-31] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] (Dolby Laboratories, Inc. -> )
HKLM\...\Run: [Krisp] => C:\Program Files\Krisp\Krisp.exe [2349216 2020-04-10] (Krisp Technologies, Inc -> Krisp)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6867968 2020-05-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1312040 2018-12-04] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1146839202-1379869753-156225255-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140159984\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1146839202-1379869753-156225255-1001\...\Run: [EOP Startup Bar] => "C:\Program Files\Java\jre1.8.0_102\bin\javaw.exe" -jar "C:\Users\user\AppData\Roaming\EOPStartupBar\subx.jar"
HKU\S-1-5-21-1146839202-1379869753-156225255-1001\...\Run: [cscommon] => C:\Users\user\AppData\Local\Common\csag.exe [1342464 2015-03-02] (Cam-Trax Technologies) [File not signed]
HKU\S-1-5-21-1146839202-1379869753-156225255-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-1146839202-1379869753-156225255-1001\...\MountPoints2: {df0120f7-ff5a-11e9-858e-54e1ad56e914} - "F:\AutoRun.exe"
HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\...\Run: [EOP Startup Bar] => "C:\Program Files\Java\jre1.8.0_102\bin\javaw.exe" -jar "C:\Users\user\AppData\Roaming\EOPStartupBar\subx.jar"
HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\...\Run: [cscommon] => C:\Users\user\AppData\Local\Common\csag.exe [1342464 2015-03-02] (Cam-Trax Technologies) [File not signed]
HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\...\MountPoints2: {df0120f7-ff5a-11e9-858e-54e1ad56e914} - "F:\AutoRun.exe"
AppInit_DLLs: prio.dll => No File
IFEO\LogTransport2.exe: [Debugger] 0
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03FA2DBE-B789-4388-8FE2-719700FEF744} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1146839202-1379869753-156225255-1001Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-02-17] (Google Inc -> Google Inc.)
Task: {08735D5A-873A-40A3-BE8B-F9EA2C926FDE} - System32\Tasks\Opera scheduled Autoupdate 1572913323 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe
Task: {0B34D630-D28A-4703-A6BA-768ED7723603} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0E48ACC7-1DD6-4949-97E1-5A8234872040} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\12cd7354-4510-4b59-a7ad-b45cb7041fbc => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {0E58E3B8-9E08-4DD4-A1BB-1BE4C071297E} - System32\Tasks\EPSON L3110 Series Update {BCC9EC74-0246-4B11-9851-5A1BDD14FB95} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUPE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {0FE810D3-3102-4A77-A984-5A12852FEEDA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23965992 2018-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {10685FCF-AD5E-4928-BDA6-76095C34992A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac1015c2-9fd0-415c-9f00-cfb8680ef686 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {12E87875-48A2-45E1-B2F4-1397A80E3165} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1B4B3B79-603E-440F-9274-849C948855B4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1146839202-1379869753-156225255-1001 => C:\Users\user\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-16] (Mega Limited -> Mega Limited)
Task: {1B5C8132-514C-423C-B8DF-57C35D5F0488} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1146839202-1379869753-156225255-1001 => C:\Users\user\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [86824 2019-12-18] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {1FA836DE-440D-49A1-927D-097DE55C9E60} - System32\Tasks\process trim => C:\Users\user\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [1035912 2017-09-18] (Koshy John -> KoshyJohn.com)
Task: {2600F46E-D744-4435-A499-886876F42713} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [61440 2014-08-21] (PcWinTech.com) [File not signed]
Task: {2CD68A10-AAFB-4104-89B2-53813C8AFCB0} - System32\Tasks\update-S-1-5-21-1146839202-1379869753-156225255-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {36155087-FE5B-4CAC-9A17-A9541974AE70} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\user\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [3157472 2018-05-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3867C642-9AE1-4351-BBC0-9E48B7567AD7} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3BAA8553-6C10-4FFE-9552-E1EC9365E5AD} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3D00C679-C628-4D20-83E6-B26AF04D116F} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [158648 2020-03-31] (Lenovo -> Lenovo Group Ltd.)
Task: {3FE7A49C-6251-4FFC-8649-111D08C42CA2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1442480 2018-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {43EC5715-AE35-41D5-BE8E-3880E55E637B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {46111736-7D39-4896-90FE-84C311280D25} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {506A07FE-A439-4175-9D9F-6347C7E8D5B5} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5EE310FF-AE73-4247-9A97-FACC4B416307} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {64B1D21E-6818-46F7-818B-9B5D045B4203} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {67F42350-E055-4A90-8C9C-4D9389585220} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\47d2dc43-145c-4f82-8584-849f8f3d8d0c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {67FA8A6D-A54F-495E-A51F-DD3D0A31B8D5} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-11-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {699D77E3-47D4-4326-9BF8-DA9F2321073A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23965992 2018-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {71CB7236-5010-4445-8356-3893CDEAC1A8} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS\AutoKMS.exe [650752 2018-08-12] () [File not signed]
Task: {82176100-65A3-4C82-BE58-B81BFFCB67D4} - System32\Tasks\WpsUpdateTask_user => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [439152 2011-11-04] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office-software Co.,Ltd)
Task: {8462A336-D15D-4E3E-BE14-897D660C3AFB} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {89EFCB91-92EB-413E-9669-E4421F5C6547} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {95E363C7-F7FC-4BA2-B1C3-070D39DCB7EF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1442480 2018-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {96DDBC54-2385-44A1-AEAB-AB21A60344CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-22] (Google Inc -> Google LLC)
Task: {A3196591-5837-43ED-A3A6-3739B5E92162} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-11-16] (Advanced Micro Devices, Inc.) [File not signed]
Task: {A5AA2B80-3F82-4C7E-8112-F7941E0902F6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AA659611-93E2-42E5-B8AE-8CB7670E1494} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AB6E197C-2A25-4876-8572-FC2310DCEF0F} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-cjesiela@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineSW" was unlocked. <==== ATTENTION
Task: {AD0620B7-9BE0-4A38-9669-60B575900651} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineSW => C:\WINDOWS\SysWOW64\Microsoft\Protect\S-1-33-83\RB_1.3.22.54.exe <==== ATTENTION
Task: {B5F79E14-4572-408F-89EC-29D9AD4E7DB7} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [650752 2018-08-12] () [File not signed]
Task: {C8CA3B77-DAF0-42EB-A210-F9520F9ADC31} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54424 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {D492AA8E-FCC8-44DC-91E3-A2CACC5CE4D4} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-11-16] (Advanced Micro Devices, Inc.) [File not signed]
Task: {D5D1DC76-2AF3-4117-BA4E-A63556306485} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1146839202-1379869753-156225255-1001UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-02-17] (Google Inc -> Google Inc.)
Task: {DE3EE739-A4E7-49E0-A2AC-70DCC3485D45} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-11-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E834707C-FE9D-4E12-A4F2-289FB0478914} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {F0CBA621-77BD-4539-9451-5C882E4608DB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e3368325-fefa-4e00-bf76-2ea1192c5367 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {FAD43E1C-6DB9-42E3-B261-014DB811A904} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-22] (Google Inc -> Google LLC)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON L3110 Series Update {BCC9EC74-0246-4B11-9851-5A1BDD14FB95}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUPE.EXE:/EXE:{BCC9EC74-0246-4B11-9851-5A1BDD14FB95} /F:UpdateWORKGROUP\LAPTOP-047BIFJR$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1146839202-1379869753-156225255-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_user.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{05087823-d84f-4f0b-9456-59e2adb8a947}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{05087823-d84f-4f0b-9456-59e2adb8a947}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{bb33537f-629d-413b-b782-5e829a500cfa}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{bb33537f-629d-413b-b782-5e829a500cfa}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{df8f85d2-a036-4f4c-a000-2e9f7a0d1f61}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\S-1-5-21-1146839202-1379869753-156225255-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1146839202-1379869753-156225255-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-1146839202-1379869753-156225255-1001 -> DefaultScope {1E438341-3BB7-49AE-9237-2ACDED42F04C} URL =
SearchScopes: HKU\S-1-5-21-1146839202-1379869753-156225255-1001 -> {1E438341-3BB7-49AE-9237-2ACDED42F04C} URL =
SearchScopes: HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436 -> DefaultScope {1E438341-3BB7-49AE-9237-2ACDED42F04C} URL =
SearchScopes: HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436 -> {1E438341-3BB7-49AE-9237-2ACDED42F04C} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-12-14] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-12-14] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-30] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\user\Downloads
FireFox:
========
FF DefaultProfile: pyd312fs.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pyd312fs.default [2019-11-17]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release [2020-05-23]
FF Session Restore: Mozilla\Firefox\Profiles\e2uk1q9r.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\e2uk1q9r.default-release -> hxxps://www.reddit.com; hxxps://calendar.google.com; hxxps://www.bridge.xitlabs.com; hxxps://top.gg; hxxps://discordapp.com; hxxps://www.youtube.com; hxxps://new.reddit.com; hxxps://web.telegram.org; hxxps://pomofocus.io
FF Extension: (CanvasBlocker) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\CanvasBlocker@kkapsner.de.xpi [2020-01-18]
FF Extension: (Checker Plus for Gmail) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\checkerplusforgmail@jasonsavard.com.xpi [2020-05-05]
FF Extension: (Drag-Select Link Text) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\dragselectlinktext@kestrel.xpi [2020-02-08]
FF Extension: (TubeBuddy) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2020-05-22]
FF Extension: (Crono) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\firefox@crono.app.xpi [2020-03-16] [UpdateUrl:hxxps://crono.app/firefox_updates.json]
FF Extension: (Tampermonkey) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\firefox@tampermonkey.net.xpi [2020-04-10]
FF Extension: (Highlight This: finds and marks words) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\highlightthis@deboel.eu.xpi [2020-01-08]
FF Extension: (HTTPS Everywhere) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\https-everywhere@eff.org.xpi [2020-05-22]
FF Extension: (Image Picka) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\image-picka@eight04.blogspot.com.xpi [2020-02-18]
FF Extension: (Honey) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2020-04-15]
FF Extension: (Decentraleyes) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-04-02]
FF Extension: (Pushbullet) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2020-05-16]
FF Extension: (Reddit Enhancement Suite) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2020-04-25]
FF Extension: (KeePassXC-Browser) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\keepassxc-browser@keepassxc.org.xpi [2019-12-10]
FF Extension: (IDM Integration Module) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2020-05-01]
FF Extension: (NordVPN – #1 VPN Proxy Extension for Firefox) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\nordvpnproxy@nordvpn.com.xpi [2020-03-14]
FF Extension: (Reddit post notifier) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\reddit-post-notifier@flytaly.xpi [2020-04-12]
FF Extension: (Tab Suspender) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\tabsuspender@michalewiczpiotr.xpi [2020-05-20]
FF Extension: (Google Translator for Firefox) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\translator@zoli.bod.xpi [2019-11-18]
FF Extension: (Tree Style Tab) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2020-05-06]
FF Extension: (uBlock Origin) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-05-22]
FF Extension: (VPNCity - Fast & Unlimited VPN | Unblocker) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\vpncity@thinkhuge.net.xpi [2020-03-12]
FF Extension: (Privacy Possum) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\woop-NoopscooPsnSXQ@jetpack.xpi [2019-11-30]
FF Extension: (Youtube Checker) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\youtube-subscription-checker@xrxr.xpi [2020-01-13]
FF Extension: (Disable autoplay on YouTube and save your autoplay settings between sessions.) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{14e605a0-6fdd-43e9-891a-29f6e481db24}.xpi [2020-01-09]
FF Extension: (Gradient Orange-Blue) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{31e908a3-8e1e-4e73-a24e-6051625d7498}.xpi [2020-01-11]
FF Extension: (EPUBReader) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-05-02]
FF Extension: (QR Coder) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{56b64339-ccb2-4613-8bf3-4496222d82a2}.xpi [2020-01-12]
FF Extension: (Save In…) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{72d92df5-2aa0-4b06-b807-aa21767545cd}.xpi [2019-12-22]
FF Extension: (Web Scrobbler) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{799c0914-748b-41df-a25c-22d008f9e83f}.xpi [2020-05-17]
FF Extension: (Universal Bypass) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{8f4fa810-9c36-4b81-8e72-de97c8f29d67}.xpi [2020-04-26]
FF Extension: (Auto Shutdown) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{9a71ec90-d0b6-44af-833f-efe418ff8454}.xpi [2020-05-03]
FF Extension: (Rita Rossweisse JoJo Reference) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{9b9cd090-4fd4-44f3-bb38-0398a6aebaf3}.xpi [2019-11-17]
FF Extension: (Matte Black (Red)) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2019-12-28]
FF Extension: (Auto Tab Discard) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{c2c003ee-bd69-42a2-b0e9-6f34222cb046}.xpi [2019-12-09]
FF Extension: (MAL-Sync) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{c84d89d9-a826-4015-957b-affebd9eb603}.xpi [2019-11-17]
FF Extension: (Vocaloid Miku Future) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{dc24feba-0bb5-4ebd-8a61-88b810f44464}.xpi [2019-11-18]
FF Extension: (Nano Defender for Firefox) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\e2uk1q9r.default-release\Extensions\{fcf60470-b210-4c17-969e-9ae01491071e}.xpi [2020-05-22]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-06-15] [Legacy] [not signed]
FF HKU\S-1-5-21-1146839202-1379869753-156225255-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\user\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF HKU\S-1-5-21-1146839202-1379869753-156225255-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-03-01] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-1146839202-1379869753-156225255-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\user\AppData\Roaming\IDM\idmmzcc5 [2018-05-18] [Legacy] [not signed]
FF HKU\S-1-5-21-1146839202-1379869753-156225255-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\user\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-12] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1146839202-1379869753-156225255-1001: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin HKU\S-1-5-21-1146839202-1379869753-156225255-1001: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\local-settings.js [2019-11-17] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2019-11-17] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2020-05-23]
CHR DefaultSearchURL: Default -> hxxps://abs.twimg.com/responsive-web/web/icon-default.3c3b224a61f8b0e54.png
CHR Session Restore: Default -> is enabled.
CHR Extension: (Text Mode) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\adelhekhakakocomdfejiipdnaadiiib [2019-10-27]
CHR Extension: (I'm a Gentleman) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjaicccalbbickikgdegaihmajaidpd [2019-10-13]
CHR Extension: (BetterTTV) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-05-06]
CHR Extension: (Le Lenny Face) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apbjhmeabebkfjlofaofoilpinafalom [2019-03-21]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-30]
CHR Extension: (Sad Panda) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2018-05-10]
CHR Extension: (Tampermonkey) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-03-07]
CHR Extension: (No Playlist Autoplay For YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkokllldoffaconpbmbaofjbadhjggil [2020-03-07]
CHR Extension: (NoScript) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\doojmbjmlfjjnbmnoijecmcbfeoakpjm [2020-04-23]
CHR Extension: (Page Eraser) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekofpchjmoalonajopdeegdappocgcmj [2019-06-09]
CHR Extension: (FrankerFaceZ) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2018-12-25]
CHR Extension: (MangaRock Zen Mode) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fibnhakphanghjojcnaeehgoemhobaed [2019-04-05]
CHR Extension: (EditThisCookie) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (HTTPS Everywhere) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-04-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-23]
CHR Extension: (Auto Shutdown) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkmonffckeeffppchajngpdakfppalfo [2020-04-23]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-11-29]
CHR Extension: (Anime Notifier) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hajchfikckiofgilinkpifobdbiajfch [2019-04-12]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2020-05-06]
CHR Extension: (BeeLine Reader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifjafammaookpiajfbedmacfldaiamgg [2020-04-22]
CHR Extension: (Reedy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbdojmggkmjbhfflnchljfkgdhokffj [2019-06-09]
CHR Extension: (Clutter Free - Prevent duplicate tabs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iipjdmnoigaobkamfhnojmglcdbnfaaf [2020-05-06]
CHR Extension: (Reddit Notifier) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikingdipinldcfllekffnlgbojbbpilk [2018-06-02]
CHR Extension: (Twitter) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2019-09-02]
CHR Extension: (Chrometana - Redirect Bing Somewhere Better) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaicbfmipfpfpjmlbpejaoaflfdnabnc [2018-04-07]
CHR Extension: (Grammarly for Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-04-23]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-05-06]
CHR Extension: (MAL-Sync) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kekjfbackdeiabghhcdklcdoekaanoel [2020-05-06]
CHR Extension: (Disable Extensions Temporarily) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfdefmogcogicollfebhgjiiakbjdje [2020-05-06]
CHR Extension: (Anime Notifier) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfjpdbjcbcncapaoolnlbhnbklndnhni [2019-04-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-22]
CHR Extension: (TubeBuddy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2019-12-09]
CHR Extension: (Do It! Shia Labeouf (Super Pack)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\miagjfhahnjmnnmhdgelhmbpjgojfnok [2019-06-09]
CHR Extension: (Google Mail Checker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-02-01]
CHR Extension: (IDM Integration Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-08-26]
CHR Extension: (cookies.txt) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\njabckikapfpffapmjgojcnbfjonfjfg [2019-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (RegExp Download Organizer) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamembonjndgangicfphlckkdmagpjlg [2019-10-02]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2019-10-25]
CHR Extension: (The QR Code Extension) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijdcdmnjjgnnhgljmhkjlablaejfeeb [2019-11-03]
CHR Extension: (Always Show Watch Later) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnlaeeckmpncaogfacbkelbldmpbibi [2019-03-04]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-31]
CHR Extension: (History Trends Unlimited) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnmchffiealhkdloeffcdnbgdnedheme [2019-09-30]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-18]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-18]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-03-31]
CHR HKU\S-1-5-21-1146839202-1379869753-156225255-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1146839202-1379869753-156225255-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1146839202-1379869753-156225255-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05232020140149436\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0348851.inf_amd64_57dae422ff3d4272\B348820\atiesrxx.exe [509144 2019-11-18] (Advanced Micro Devices, Inc. -> AMD)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-07] (LENOVO -> Lenovo)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9662752 2018-11-03] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-01] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-05-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2018-01-29] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144608 2017-01-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] (Huawei Technologies Co., Ltd. -> )
R2 NovabenchService; C:\Program Files\Novawave\Novabench\NovabenchService.exe [330288 2018-10-06] (Novawave Inc. -> Novawave Inc.)
R2 PC Commander; C:\Program Files (x86)\PC Commander\PCCommander.exe [934928 2015-09-26] (Core Technologies Consulting, LLC -> Core Technologies Consulting, LLC)
S4 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (JOHN MAUTARI -> Mr. John aka japamd) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324584 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [466096 2018-04-24] (Windscribe Limited -> Windscribe Limited)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34696 2017-10-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0348851.inf_amd64_57dae422ff3d4272\B348820\atikmdag.sys [60670888 2019-11-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\u0348851.inf_amd64_57dae422ff3d4272\B348820\atikmpag.sys [598232 2019-11-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103688 2019-11-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-09-09] (EldoS Corporation -> /n software, Inc.)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-09] (Power Technology -> Windows ® Win 7 DDK provider)
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-09] (Power Technology -> Windows ® Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-05-23] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDHCF; C:\WINDOWS\System32\drivers\ETDHCF.sys [28752 2017-01-24] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [108352 2016-03-16] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [95168 2016-03-16] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 GD32VCP; C:\WINDOWS\system32\DRIVERS\usbser.sys [79360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 KrispSimple; C:\WINDOWS\System32\drivers\KrispVad.sys [54464 2020-02-25] (Krisp Technologies, Inc -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [125088 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
S3 monectdevices; C:\WINDOWS\System32\drivers\monectdevices.sys [15768 2013-12-03] (Kasherlab Technology Inc. -> )
R1 NemuDrv; C:\Program Files (x86)\Nemu\Hypervisor\NemuDrv.sys [299240 2019-02-20] (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation)
R3 NovabenchDriver; C:\Program Files\Novawave\Novabench\NovabenchDriverWin10.sys [28216 2018-03-28] (Microsoft Windows Hardware Compatibility Publisher -> )
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [964136 2017-03-02] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-10-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3236320 2017-11-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-20] (Razer USA Ltd. -> Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer USA Ltd. -> Razer, Inc.)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)
S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [160256 2013-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [203088 2020-05-17] (RH Software Ltd -> Ray Hinchliffe)
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [44184 2012-07-20] (STMicroelectronics -> STMicroelectronics)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (Windscribe Limited -> The OpenVPN Project)
S3 UniFairy; C:\WINDOWS\system32\UniFairy.sys [885224 2020-05-17] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-10-31] (Microsoft Windows -> Microsoft Corporation)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win7.sys [41192 2018-02-05] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [213216 2018-10-15] (Oracle Corporation -> Oracle Corporation)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-01-10] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-09-09] (EldoS Corporation -> /n software, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
R3 wovad_micarray; C:\WINDOWS\system32\drivers\womic.sys [37944 2018-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 mhyprotect; \??\C:\Users\user\AppData\Local\Temp\mhyprotect.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-23 16:12 - 2020-05-23 16:21 - 000058733 _____ C:\Users\user\Downloads\FRST.txt
2020-05-23 16:10 - 2020-05-23 16:20 - 000000000 ____D C:\FRST
2020-05-23 16:08 - 2020-05-23 16:09 - 002286080 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2020-05-23 15:54 - 2020-05-23 15:54 - 000005318 _____ C:\Users\user\Desktop\stuff.txt
2020-05-23 13:59 - 2020-05-23 13:59 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-05-23 13:57 - 2020-05-23 14:51 - 000000000 ____D C:\Users\user\AppData\LocalLow\IGDump
2020-05-23 13:56 - 2020-05-23 13:56 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-05-23 13:56 - 2020-05-23 13:56 - 000125088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-05-23 13:49 - 2020-05-23 13:49 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-23 13:49 - 2020-05-23 13:49 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-23 13:49 - 2020-05-23 13:49 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-23 13:49 - 2020-05-23 13:49 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-23 13:49 - 2020-05-23 13:49 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-05-23 13:48 - 2020-05-23 13:46 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-23 13:48 - 2020-05-23 13:46 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-23 13:46 - 2020-05-23 13:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-23 13:44 - 2020-05-23 13:59 - 171807840 _____ (Sophos Limited) C:\Users\user\Downloads\Sophos Virus Removal Tool.exe
2020-05-23 13:40 - 2020-05-23 13:40 - 001980016 _____ (Malwarebytes) C:\Users\user\Downloads\MBSetup.exe
2020-05-23 12:28 - 2020-05-23 12:30 - 000000000 ____D C:\KVRT_Data
2020-05-23 12:28 - 2020-05-23 12:28 - 000478392 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\F5B73E16.sys
2020-05-23 12:28 - 2020-05-23 12:28 - 000085600 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\87365086.sys
2020-05-23 12:05 - 2020-05-23 12:19 - 175267256 _____ (AO Kaspersky Lab) C:\Users\user\Downloads\KVRT.exe
2020-05-23 09:01 - 2020-05-23 09:01 - 008196784 _____ (Malwarebytes) C:\Users\user\Downloads\adwcleaner_8.0.4.exe
2020-05-21 07:14 - 2020-05-23 07:14 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-05-20 12:47 - 2020-05-20 12:47 - 000000000 __RHD C:\MSOCache
2020-05-20 07:16 - 2020-05-20 07:16 - 000000000 ____D C:\Users\user\Downloads\PARTICULAS_FREE
2020-05-20 07:13 - 2020-05-20 07:13 - 000000000 ____D C:\Users\user\Downloads\TransitionsFree
2020-05-20 07:09 - 2020-05-20 07:09 - 000000000 ____D C:\Users\user\AppData\Roaming\Vegasaur
2020-05-20 07:08 - 2020-05-20 14:33 - 000000000 ____D C:\ProgramData\Vegasaur
2020-05-20 07:08 - 2020-05-20 07:08 - 000000000 ____D C:\Program Files\Vegasaur
2020-05-20 06:55 - 2020-05-23 07:14 - 000002836 _____ C:\WINDOWS\system32\Tasks\AutoKMSDaily
2020-05-20 06:55 - 2020-05-23 07:14 - 000000258 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2020-05-19 22:19 - 2020-05-19 22:28 - 045076334 _____ (Vegasaur.com ) C:\Users\user\Downloads\Vegasaur_Setup_3.9.5.exe
2020-05-19 21:19 - 2020-05-19 21:19 - 000716474 _____ C:\Users\user\Documents\Track 22 - 1.wav
2020-05-19 21:19 - 2020-05-19 21:19 - 000002856 _____ C:\Users\user\Documents\Track 22 - 1.sfk
2020-05-19 07:31 - 2020-05-23 10:37 - 000000000 ____D C:\Users\user\Documents\lyric video job
2020-05-18 22:20 - 2020-05-18 22:20 - 000000000 ____D C:\Users\user\Desktop\TronScript
2020-05-17 23:35 - 2020-05-17 13:49 - 000203088 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX64.sys
2020-05-17 20:44 - 2020-05-22 19:07 - 000000000 ____D C:\Users\user\Documents\real to me cover
2020-05-17 16:25 - 2020-05-17 16:25 - 000000000 ____D C:\Users\user\AppData\Roaming\Founntain
2020-05-17 16:25 - 2020-05-17 16:25 - 000000000 ____D C:\Users\user\AppData\Local\Founntain
2020-05-17 16:21 - 2020-05-17 16:34 - 000000000 ____D C:\Users\user\Downloads\osuplayerplus
2020-05-17 16:07 - 2020-05-17 16:07 - 000000000 ____D C:\Users\user\osuMPlayer
2020-05-17 13:36 - 2020-05-18 07:01 - 000000000 ____D C:\Program Files\McAfee
2020-05-17 13:36 - 2020-05-17 13:36 - 000000000 ____D C:\Quarantine
2020-05-17 13:35 - 2020-05-17 14:13 - 000000000 ____D C:\Program Files\stinger
2020-05-17 07:07 - 2020-05-17 07:07 - 000000000 ____D C:\Users\user\deemix Music
2020-05-17 07:07 - 2020-05-17 07:07 - 000000000 ____D C:\Users\user\AppData\Roaming\deemix
2020-05-17 06:55 - 2020-05-17 06:55 - 000000000 ____D C:\Users\user\Downloads\deemix-master
2020-05-16 16:48 - 2020-05-16 16:48 - 000000000 ____D C:\Users\user\Downloads\CPU_Unparking_Tool
2020-05-14 07:09 - 2020-05-14 07:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-05-13 10:18 - 2020-05-13 11:37 - 004865725 _____ C:\Users\user\Desktop\ninja goat.psd
2020-05-12 20:18 - 2020-05-12 20:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-05-12 20:18 - 2020-05-12 20:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-05-12 20:18 - 2020-05-12 20:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-05-12 20:18 - 2020-05-12 20:18 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-05-11 15:19 - 2020-05-11 15:32 - 029832366 _____ C:\Users\user\Downloads\mpv-0.32.0-x86_64.7z
2020-05-11 15:17 - 2020-05-11 15:33 - 000000000 ____D C:\Users\user\Downloads\mpv
2020-05-11 15:17 - 2020-05-11 15:17 - 000043236 _____ C:\Users\user\Downloads\mpv-install-master.zip
2020-05-11 15:16 - 2020-05-11 15:16 - 000000721 _____ C:\Users\user\Downloads\raw.githubusercontent.com_eXmendiC_stuff_master_input.conf
2020-05-11 15:13 - 2020-05-11 15:13 - 000002953 _____ C:\Users\user\Downloads\bootstrapper.zip
2020-05-10 13:23 - 2020-05-10 13:23 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-05-10 13:23 - 2020-05-10 13:23 - 000000923 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-05-10 12:00 - 2020-05-10 12:00 - 000000000 ____D C:\Users\user\AppData\Local\Gaijin
2020-05-10 12:00 - 2020-05-10 12:00 - 000000000 ____D C:\ProgramData\Gaijin
2020-05-10 11:59 - 2020-05-11 07:56 - 000000000 ____D C:\Users\user\AppData\Local\WarThunder
2020-05-10 11:59 - 2020-05-10 11:59 - 000002071 _____ C:\Users\user\Desktop\WarThunder.lnk
2020-05-10 11:59 - 2020-05-10 11:59 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2020-05-10 11:55 - 2020-05-10 11:56 - 007695312 _____ (Gaijin Entertainment ) C:\Users\user\Downloads\wt_launcher_1.0.3.230-vsir07bdc.exe
2020-05-09 12:33 - 2020-05-09 12:34 - 000000000 ____D C:\Program Files (x86)\PC Commander
2020-05-09 12:33 - 2020-05-09 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Commander
2020-05-09 11:55 - 2020-05-09 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFolders
2020-05-09 11:55 - 2020-05-09 11:55 - 000000000 ____D C:\Program Files\MyFolders
2020-05-09 11:51 - 2020-05-09 11:51 - 000000000 ____D C:\Users\user\AppData\Local\CodeLine
2020-05-09 11:51 - 2020-05-09 11:51 - 000000000 ____D C:\ProgramData\FileToFolder.Common
2020-05-09 11:51 - 2020-05-09 11:51 - 000000000 ____D C:\ProgramData\CodeLine.Toolbox
2020-05-09 11:51 - 2020-05-09 11:51 - 000000000 ____D C:\ProgramData\CodeLine.AppAdminSetup
2020-05-09 11:29 - 2020-05-09 11:43 - 000000000 ____D C:\Users\user\Documents\Quick Access Popup
2020-05-09 11:29 - 2020-05-09 11:29 - 000000000 ____D C:\ProgramData\Quick Access Popup
2020-05-09 10:09 - 2020-05-09 10:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-05-08 22:16 - 2020-05-10 06:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-05-08 16:02 - 2020-05-08 16:02 - 000000000 ____D C:\Users\user\My CamSpace Games
2020-05-08 15:42 - 2020-05-08 16:02 - 000000000 ____D C:\Users\user\AppData\LocalLow\CamSpace
2020-05-08 15:39 - 2020-05-08 16:02 - 000000000 ____D C:\Users\user\AppData\Local\CamSpace
2020-05-08 15:39 - 2020-05-08 15:39 - 000000000 ____D C:\Users\user\AppData\Local\Common
2020-05-08 13:26 - 2020-05-08 13:28 - 000000000 ____D C:\Users\user\AppData\Local\osulazer
2020-05-06 16:31 - 2020-05-11 21:37 - 000000000 ____D C:\Users\user\Downloads\mozillahistoryview-x64
2020-05-05 08:15 - 2020-05-05 08:17 - 000001354 _____ C:\Users\user\Desktop\EmptyStandbyList.exe.lnk
2020-05-04 20:19 - 2020-05-04 20:21 - 009492658 _____ C:\Users\user\Downloads\FreeAlpha-330.zip
2020-05-04 17:20 - 2020-05-04 17:20 - 000000000 ____D C:\Users\user\AppData\Roaming\Plugin Boutique
2020-05-04 16:59 - 2020-05-05 21:55 - 000000000 ____D C:\Users\user\AppData\Roaming\Scaler
2020-05-04 16:31 - 2020-05-04 16:31 - 000000000 ____D C:\Users\Public\Documents\Plugin Boutique
2020-05-04 16:31 - 2020-05-04 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plugin Boutique
2020-05-04 16:31 - 2020-05-04 16:31 - 000000000 ____D C:\ProgramData\Documents\Plugin Boutique
2020-05-04 16:31 - 2020-05-04 16:31 - 000000000 ____D C:\Program Files\Steinberg
2020-05-04 16:31 - 2020-05-04 16:31 - 000000000 ____D C:\Program Files\Plugin Boutique
2020-05-03 21:58 - 2020-05-03 21:58 - 000000000 ____D C:\Users\user\AppData\Local\com.add0n.node
2020-05-03 21:36 - 2020-05-03 21:40 - 000774792 _____ C:\Users\user\Downloads\160413W.rar
2020-05-02 11:37 - 2020-05-02 11:39 - 008130511 _____ C:\Users\user\Downloads\B00C2FRR1G.epub
2020-04-29 11:24 - 2020-05-23 07:59 - 000000000 ____D C:\Users\user\Documents\soul eater AMV thing
2020-04-29 11:22 - 2020-04-29 11:23 - 000308368 _____ C:\Users\user\Downloads\Project 22 Resonance Full Mastering.mp3.sfk
2020-04-29 09:54 - 2020-04-29 09:54 - 000108368 _____ C:\Users\user\Downloads\Announcer_wakeup_powerup02.wav
2020-04-29 09:51 - 2020-04-29 09:51 - 000786476 _____ C:\Users\user\Downloads\download(3).wav
2020-04-29 09:51 - 2020-04-29 09:51 - 000350252 _____ C:\Users\user\Downloads\download(4).wav
2020-04-29 09:49 - 2020-04-29 09:50 - 000708652 _____ C:\Users\user\Downloads\download(2).wav
2020-04-27 09:01 - 2020-04-27 09:01 - 000000000 ___DL C:\Users\user\AppData\Roaming\Ryujinx
2020-04-27 06:43 - 2020-04-27 06:43 - 000001236 _____ C:\Users\user\AppData\Local\recently-used.xbel
2020-04-26 12:57 - 2020-04-26 12:57 - 000000000 ____D C:\Users\user\AppData\Local\gtk-3.0
2020-04-24 22:49 - 2020-05-23 07:16 - 000000000 ____D C:\Users\user\AppData\Local\Krisp
2020-04-24 22:49 - 2020-04-24 22:50 - 000000000 ____D C:\Program Files\Krisp
2020-04-24 22:49 - 2020-04-24 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Krisp
2020-04-23 19:19 - 2020-04-23 19:19 - 000756497 _____ C:\Users\user\Downloads\Stephan F - Astronomia 2K19 (Extended Mix).mp3.asd
2020-04-23 14:56 - 2020-04-24 15:00 - 000000000 ____D C:\Users\user\Documents\astronomia other room
2020-04-23 14:31 - 2020-04-23 14:31 - 000608221 _____ C:\Users\user\Downloads\Vicetone - Astronomia.mp3.asd
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-23 15:07 - 2019-10-31 02:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-23 13:48 - 2019-03-19 12:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-23 13:29 - 2019-03-19 12:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-05-23 08:55 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-23 08:00 - 2018-01-24 04:49 - 000000000 ____D C:\Users\user\AppData\Local\VEGAS Pro
2020-05-23 07:59 - 2019-09-26 08:57 - 000000000 ____D C:\Users\user\Documents\roar
2020-05-23 07:59 - 2018-07-07 14:39 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2020-05-23 07:23 - 2017-11-19 07:51 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2020-05-23 07:14 - 2019-09-11 08:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-05-23 07:13 - 2019-10-31 03:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-23 07:13 - 2018-08-12 21:04 - 000077824 _____ C:\WINDOWS\KMSEmulator.exe
2020-05-23 02:54 - 2019-03-19 12:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-23 02:54 - 2017-07-21 03:56 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2020-05-23 02:53 - 2018-01-23 19:21 - 000000000 ____D C:\Users\user\AppData\Roaming\Sony
2020-05-22 18:02 - 2018-04-01 07:36 - 000000000 ____D C:\Users\user\Documents\OFX Presets
2020-05-22 06:50 - 2017-11-19 07:54 - 000000000 ____D C:\Users\user\AppData\Roaming\vlc
2020-05-21 10:24 - 2018-01-01 13:21 - 000000000 ____D C:\Users\user\AppData\Local\FXHOME Helper
2020-05-20 07:08 - 2018-01-24 04:50 - 000000000 ____D C:\ProgramData\VEGAS Pro
2020-05-19 10:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-18 19:34 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-18 19:34 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-18 16:29 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-18 07:46 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-18 07:16 - 2019-10-09 21:52 - 000000000 ____D C:\Users\user\Desktop\shortcuts
2020-05-18 07:16 - 2019-03-19 12:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-18 07:16 - 2018-01-12 18:56 - 000000000 ____D C:\Users\user\Desktop\others
2020-05-18 07:16 - 2018-01-12 18:17 - 000000000 ____D C:\Users\user\Desktop\JJ
2020-05-18 07:14 - 2018-04-07 17:29 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-05-17 20:29 - 2019-02-25 12:01 - 000000000 ____D C:\Users\user\AppData\Roaming\qBittorrent
2020-05-17 20:27 - 2017-12-31 10:24 - 000000000 ____D C:\Users\user\AppData\Roaming\audacity
2020-05-17 10:37 - 2017-11-19 07:43 - 000000000 ____D C:\Users\user\AppData\Roaming\Adobe
2020-05-17 09:10 - 2018-01-02 22:07 - 000000000 ____D C:\Users\user\AppData\Roaming\HandBrake
2020-05-17 08:09 - 2020-02-13 23:13 - 000885224 _____ (TENCENT) C:\WINDOWS\system32\UniFairy.sys
2020-05-17 07:37 - 2020-02-13 19:23 - 000000000 ____D C:\Program Files\Honkai Impact 3
2020-05-15 10:00 - 2019-11-30 05:59 - 000000000 ____D C:\Users\user\AppData\Local\KeePassXC
2020-05-14 22:01 - 2018-01-26 04:36 - 000000000 ___RD C:\Users\user\AppData\Local\osu!
2020-05-14 14:03 - 2019-11-19 18:31 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache
2020-05-14 08:14 - 2019-12-01 08:40 - 000000000 ___RD C:\Users\user\Dropbox
2020-05-14 07:09 - 2018-01-01 09:30 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-05-13 09:15 - 2019-04-23 11:33 - 000000000 ____D C:\Users\user\Downloads\Locale.Emulator.2.4.0.0
2020-05-12 19:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-05-12 19:36 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-05-11 16:46 - 2019-11-02 16:44 - 000000000 ____D C:\Users\user\AppData\Roaming\mpv
2020-05-10 11:59 - 2017-12-31 21:27 - 000000000 ____D C:\Users\user\Documents\My Games
2020-05-10 10:51 - 2019-10-31 03:52 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1146839202-1379869753-156225255-1001
2020-05-10 10:51 - 2019-10-31 03:18 - 000002411 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-10 10:51 - 2017-11-19 07:46 - 000000000 ___RD C:\Users\user\OneDrive
2020-05-10 06:31 - 2019-11-17 19:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-09 12:13 - 2019-05-30 10:43 - 000000000 ____D C:\Users\user\Downloads\Everything-1.4.1.935.x64
2020-05-09 11:50 - 2018-04-24 15:38 - 000000000 ____D C:\Users\user\AppData\Local\Downloaded Installations
2020-05-09 11:08 - 2018-01-01 20:50 - 000000000 ____D C:\Users\user\.cache
2020-05-09 10:08 - 2019-11-17 19:09 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-05-08 14:19 - 2019-10-31 17:05 - 000492962 _____ C:\WINDOWS\system32\perfh011.dat
2020-05-08 14:19 - 2019-10-31 17:05 - 000137364 _____ C:\WINDOWS\system32\perfc011.dat
2020-05-08 14:19 - 2019-10-31 03:32 - 001451806 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-08 14:02 - 2018-05-18 08:25 - 000000000 ____D C:\Users\user\AppData\Roaming\IDM
2020-05-08 13:29 - 2020-04-13 14:42 - 000000000 ____D C:\Users\user\AppData\Roaming\osu
2020-05-08 13:28 - 2020-04-13 14:42 - 000002253 _____ C:\Users\user\Desktop\osu!lazer.lnk
2020-05-08 13:28 - 2018-11-17 08:14 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ppy Pty Ltd
2020-05-08 13:28 - 2018-01-13 21:41 - 000000000 ____D C:\Users\user\AppData\Local\SquirrelTemp
2020-05-05 22:23 - 2018-01-13 06:13 - 000000000 ____D C:\ProgramData\Ableton
2020-05-05 08:17 - 2018-04-14 11:52 - 000007592 _____ C:\Users\user\AppData\Local\Resmon.ResmonCfg
2020-05-04 21:13 - 2018-08-07 22:15 - 000000000 ___HD C:\Users\user\AppData\Local\{ABBDEAEF-5AED-4c34-A22D-057A13C52D1E}
2020-05-04 16:49 - 2018-01-13 17:42 - 000000000 ____D C:\VST Plugins
2020-05-04 16:31 - 2018-08-16 19:55 - 000000000 ____D C:\Program Files\Common Files\VST3
2020-05-03 21:50 - 2018-05-18 08:25 - 000000000 ____D C:\Users\user\AppData\Roaming\DMCache
2020-05-01 09:11 - 2018-02-19 21:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-29 14:38 - 2019-08-22 21:46 - 000000000 ____D C:\Users\user\Documents\grade 10 1st honors
2020-04-29 13:55 - 2018-09-04 18:47 - 000000000 ____D C:\Users\user\AppData\Roaming\spek
2020-04-29 13:52 - 2018-03-18 21:22 - 000000000 ____D C:\Users\user\Downloads\Video
2020-04-28 22:51 - 2019-12-28 16:03 - 000000000 ____D C:\Users\user\AppData\Roaming\ImageGlass
2020-04-27 18:12 - 2019-06-01 08:16 - 000000000 ____D C:\Users\user\AppData\Roaming\Discord
2020-04-27 06:54 - 2018-03-18 17:54 - 000000000 ____D C:\Users\user\Downloads\Thumper
2020-04-24 22:44 - 2020-02-23 16:15 - 000000000 ____D C:\Users\user\AppData\Roaming\Spotify
2020-04-24 14:54 - 2020-02-23 16:20 - 000000000 ____D C:\Users\user\AppData\Local\Spotify
2020-04-24 14:20 - 2020-04-22 09:03 - 000000000 ____D C:\Users\user\Documents\epic outro 2020
2020-04-23 15:48 - 2020-04-18 18:21 - 000000000 ____D C:\Users\user\Documents\osu pp counter tutorial
==================== Files in the root of some directories ========
2019-10-11 05:03 - 2019-10-11 05:03 - 000000429 _____ () C:\Program Files\hidden.txt
2019-10-11 04:51 - 2019-10-11 04:51 - 000004473 _____ () C:\Program Files\listttt.txt
2019-10-11 05:03 - 2019-10-11 05:03 - 000000313 _____ () C:\Program Files\Shidden.txt
2018-04-11 19:17 - 2018-05-04 14:07 - 000000114 _____ () C:\Users\user\AppData\Roaming\Camdata.ini
2018-04-11 19:17 - 2018-05-04 14:07 - 000000408 _____ () C:\Users\user\AppData\Roaming\CamLayout.ini
2018-04-11 19:17 - 2018-05-04 14:07 - 000000408 _____ () C:\Users\user\AppData\Roaming\CamShapes.ini
2018-04-11 19:17 - 2018-05-04 14:07 - 000004520 _____ () C:\Users\user\AppData\Roaming\CamStudio.cfg
2019-04-07 14:31 - 2019-04-10 18:38 - 000003217 _____ () C:\Users\user\AppData\Roaming\fx_levels.json
2018-02-05 19:34 - 2019-10-27 08:58 - 000004635 _____ () C:\Users\user\AppData\Roaming\VoiceMeeterDefault.xml
2018-11-30 07:57 - 2020-03-13 09:52 - 000001456 _____ () C:\Users\user\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-12-19 15:55 - 2018-12-19 15:55 - 000000046 _____ () C:\Users\user\AppData\Local\DonationCoder_processtamer_InstallInfo.dat
2019-10-10 20:13 - 2019-10-10 21:22 - 000008213 _____ () C:\Users\user\AppData\Local\LayoutModification.xml
2020-01-11 10:43 - 2020-02-21 09:54 - 000000128 _____ () C:\Users\user\AppData\Local\PUTTY.RND
2020-04-27 06:43 - 2020-04-27 06:43 - 000001236 _____ () C:\Users\user\AppData\Local\recently-used.xbel
2018-04-14 11:52 - 2020-05-05 08:17 - 000007592 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2019-07-31 18:53 - 2019-07-31 18:53 - 000000003 _____ () C:\Users\user\AppData\Local\updater.log
2019-07-31 18:53 - 2019-07-31 18:53 - 000000424 _____ () C:\Users\user\AppData\Local\UserProducts.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Источник: [https://torrent-igruha.org/3551-portal.html]
NordVPN 6.31.13.0 Crack Serial Key Free Download 2020 [Mac/Win] NordVPN Crack is an assurance programming that gives you security from the programmers to take your own information. It is a private organization programming. As we realize that, the programs are dynamic now daily. They have every one of those traps by which they can control your framework and additionally… Read More »
VPN
free vpn for pchow to downloads how to install NordVPN 6.50 Crack activation keyhow to downloads how to install NordVPN 6.50 Crack license keyhow to downloads how to install NordVPN 6.50 Crack serial keyhow to install NordVPN 6.50 Crack activation keyhow to install NordVPN 6.50 Crack registration keyhow to install NordVPN 6.50 Crack serial keynord vpn license keyNordVPNNordVPN 6.18.9 CrackNordVPN 6.18.9 Crack actication keyNordVPN 6.18.9 Crack license keyNordVPN 6.18.9 Crack registration keyNordVPN 6.18.9 Crack serial keyNordVPN 6.22.6.0 CrackNordVPN 6.22.6.1 CrackNordVPN 6.31.13.0 Crack APK Mod 2020NordVPN 6.50 CrackNordVPN 6.50 Crack activationNordVPN 6.50 Crack activation codeNordVPN 6.50 Crack activation keyNordVPN 6.50 Crack activation numberNordVPN 6.50 Crack codeNordVPN 6.50 Crack full versionNordVPN 6.50 Crack keyNordVPN 6.50 Crack licenseNordVPN 6.50 Crack license codeNordVPN 6.50 Crack license keyNordVPN 6.50 Crack license numberNordVPN 6.50 Crack numberNordVPN 6.50 Crack productNordVPN 6.50 Crack product keyNordVPN 6.50 Crack product numberNordVPN 6.50 Crack registrationNordVPN 6.50 Crack registration codeNordVPN 6.50 Crack registration kryyNordVPN 6.50 Crack registration numberNordVPN 6.50 Crack searial keyNordVPN 6.50 Crack serailNordVPN 6.50 Crack serail codeNordVPN 6.50 Crack serail keyNordVPN 6.50 Crack serail numberNordVPN CrackNordVPN Crack codeNordVPN Crack full versionNordVPN Crack keyNordVPN Crack latest 2018NordVPN Crack numbernordvpn crack onhaxnordvpn downloadnordvpn firestickNordVPN macNordVPN PatchNordVPN premiumnordvpn premium accountNordVPN serial keyNordVPN torrentNordVPN winNordVPN with crackvpn protection
Источник: [https://torrent-igruha.org/3551-portal.html]What’s New in the NordVPN 6.18 patch Archives?
Screen Shot
System Requirements for NordVPN 6.18 patch Archives
- First, download the NordVPN 6.18 patch Archives
-
You can download its setup from given links:
NordVPN 6.18 patch Archives & Software
NordVPN 6.18 patch Archives& PC Free Download
NordVPN 6.18 patch Archives
About Author
