Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018 Ran by Aleph (01-09-2018 13:54:26) Running from C:\Users\Aleph\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2012-12-17 17:17:17) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administratör (S-1-5-21-3310751362-2506820872-2796058767-500 - Administrator - Disabled) Aleph (S-1-5-21-3310751362-2506820872-2796058767-1001 - Administrator - Enabled) => C:\Users\Aleph ASPNET (S-1-5-21-3310751362-2506820872-2796058767-1473 - Limited - Enabled) Gäst (S-1-5-21-3310751362-2506820872-2796058767-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3310751362-2506820872-2796058767-1471 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: ZoneAlarm Free Firewall Firewall (Enabled) {3EB84D8C-4821-F4B8-2DD8-2831FAA29B21} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3D Ripper DX v1.8.2 (HKLM-x32\...\3D Ripper DX_is1) (Version: - Roman Lut) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated) Adobe Connect 9 Add-in (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\Adobe Connect 9 Add-in) (Version: 11,9,974,231 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated) Adobe GoLive CS2 English (HKLM-x32\...\Adobe GoLive CS2 English) (Version: 8.0 - Adobe Systems) Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.5.1 - Advanced Micro Devices, Inc.) Animation Shop 3 (HKLM-x32\...\{4B2B78EC-5111-4C0E-A955-0D84BBA49740}) (Version: 3.0.1.0000 - Jasc Software Inc) Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Apple-programstöd (32-bitar) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.) Apple-programstöd (64-bitar) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.) Application Profiles (HKLM-x32\...\{A8426044-BED4-8275-A078-EA7259C87FC5}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.) Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk) Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk) Autodesk FBX Converter x64 2013.3 (HKLM-x32\...\Autodesk FBX Converter x64 2013.3) (Version: - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk) Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk) Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk) Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.5273 - AVAST Software) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 67.1.664.100 - AVAST Software) BankID säkerhetsprogram (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.3.0.18 - Finansiell ID-Teknik BID AB) BESMCG 2 (HKLM-x32\...\BESMCG_is1) (Version: - Ben Bernard & Michael Hewner) Better File Rename 5.6 (HKLM\...\Better File Rename_is1) (Version: - publicspace.net) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform) CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n) Celtx (2.9.7) (HKLM-x32\...\Celtx (2.9.7)) (Version: 2.9.7 (en-US) - Greyfirst) Check Point SBA (HKLM\...\{85A0CE49-6563-4208-86CC-B4297B836283}) (Version: 86.4.4023 - Check Point Software Technologies Ltd.) Hidden Combined Community Codec Pack 2014-01-17 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.01.17.0 - CCCP Project) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.67) (Version: 1.1.0.67 - DAZ 3D) DAZ Install Manager (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\DAZ Install Manager 1.1.0.100) (Version: 1.1.0.100 - DAZ 3D) DAZ PostgreSQL CMS (HKLM-x32\...\DAZ PostgreSQL CMS 9.3.4.3) (Version: 9.3.4.3 - DAZ 3D) DAZ Studio 4.10 (64bit) (HKLM-x32\...\DAZ Studio 4.10 (64bit) 4.10.0.123) (Version: 4.10.0.123 - DAZ 3D) DC++ 0.867 (HKLM-x32\...\DC++) (Version: 0.867 - Jacek Sieka) DDS Converter (HKLM-x32\...\{5F5E193F-D7E8-4BC5-9B23-DE46BE1014DF}_is1) (Version: - ddsconverter.com) Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) Deluge 1.3.13 (HKLM-x32\...\Deluge) (Version: - ) Dex (HKLM-x32\...\1929434313_is1) (Version: 6.0.0.0 - GOG.com) Discord (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) DivX Pro 6.8.0 VFW (HKLM-x32\...\divx650vfw_is1) (Version: 6.8.0.14 - ) DriveThruRPG (HKLM-x32\...\DriveThruRPG) (Version: 2.0.0 - OneBookShelf) Dropbox (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\Dropbox) (Version: 55.4.171 - Dropbox, Inc.) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.8 - Poikosoft) EVE Online (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\{a4ce353b-4944-440a-a3aa-1a65e0680c4e}) (Version: 1.0.0 - CCP) EximiousSoft Logo Designer V3.86 (HKLM-x32\...\EximiousSoft Logo Designer_is1) (Version: - EximiousSoft) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) FaceGen Artist Pro 2 64bit (HKLM\...\{19EB7D14-AD0D-4B61-8FD7-D87FC9DAC166}) (Version: 2.0 - Singular Inversions Inc.) FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org) foobar2000 v1.2.6 (HKLM-x32\...\foobar2000) (Version: 1.2.6 - Peter Pawlowski) FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time) Fotogalleriet (HKLM-x32\...\{CD8F936D-7BA3-4902-B0A0-7D96C69E1193}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Gaming Mouse driver (HKLM-x32\...\{18088AB9-2A68-4CE1-9CBE-AC95739EAF60}_is1) (Version: 1.00.00.00 - ) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.) Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.) Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hexographer (HKLM-x32\...\Hexographer_0) (Version: - Inkwell Ideas) Honey Select (HKLM-x32\...\Honey Select_is1) (Version: - ) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) itch (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\itch) (Version: 23.4.2 - Itch Corp) iTunes (HKLM\...\{731C8491-D21B-418A-AFC8-61199CCA10DA}) (Version: 12.7.4.80 - Apple Inc.) Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.00.0000 - Jasc Software Inc) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden KeyShot 7 64 bit (HKLM-x32\...\KeyShot 7_64) (Version: 7.0 64 bit - Luxion ApS) KeyShot 7 64 bit (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\KeyShot 7_64) (Version: 7.3 64 bit - Luxion ApS) K-Lite Codec Pack 9.4.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.4.0 - ) LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes) Läs bruksanvisningen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - ) Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - ) MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - ) Measure Metrics DS4 (64bit) (HKLM-x32\...\Measure Metrics DS4 (64bit) 1.4.0.123) (Version: 1.4.0.123 - DAZ 3D) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) MeshLab_64b 2016 (HKLM-x32\...\MeshLab_64b) (Version: 2016 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft GIF Animator (HKLM-x32\...\GIF Animator) (Version: - ) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.9126.2259 - Microsoft Corporation) Microsoft Office 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 16.0.9126.2259 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools för Office Runtime (x64) Language Pack - SVE (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - SVE) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{5F86FE78-D294-448C-9993-B9AFB62BE456}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.1.6759 - Mozilla) MP3 Skype recorder (HKLM-x32\...\{DBB52EA7-3390-4764-8CFE-6CF7541FA7FD}) (Version: 4.19.1.0 - Domit LTD) MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team) Mumble 1.2.3 (HKLM-x32\...\{1C9F128C-F465-488E-AC97-B42DCF90C9C1}) (Version: 1.2.3 - Thorvald Natvig) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project) Observer (HKLM-x32\...\1449856523_is1) (Version: 02.07.2018 - GOG.com) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-041D-0000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.0.1 (HKLM-x32\...\{46BCB691-9148-4FCB-B215-CCDF70B5D95A}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) Semagic (remove only) (HKLM-x32\...\Semagic) (Version: - ) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\Spotify) (Version: 1.0.87.491.ge2a121fc - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Subtitle Edit 3.4.5 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.5.0 - Nikse) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1206 - SUPERAntiSpyware.com) UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unity Web Player (HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS) USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54300.119 - Sonix) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{D7776952-580F-48AE-9ABB-5BCDCC93BD13}) (Version: 1.1.2726.0 - Microsoft Corporation) Windows-drivrutinspaket - Advanced Micro Devices (amdxhc) USB (03/29/2012 1.0.0.0080) (HKLM\...\9C9280ADEC14C8A7A9A495AEB5077AACE55583FF) (Version: 03/29/2012 1.0.0.0080 - Advanced Micro Devices) Windows-drivrutinspaket - Advanced Micro Devices, Inc System (03/16/2011 5.12.0.0015) (HKLM\...\A3A37EC031F134EDD1E9DB40819B1EAD0DB7C844) (Version: 03/16/2011 5.12.0.0015 - Advanced Micro Devices, Inc) Windows-drivrutinspaket - AMD (amd_sata) HDC (04/11/2012 1.2.001.0331) (HKLM\...\FB1D3CA5E82F2B8B832547780586B995B1F942BA) (Version: 04/11/2012 1.2.001.0331 - AMD) Windows-drivrutinspaket - Intel (iaStor) hdc (11/29/2011 11.0.0.1032) (HKLM\...\64A62163FE43328D13305746CB8BCC93F2DF6545) (Version: 11/29/2011 11.0.0.1032 - Intel) Windows-drivrutinspaket - Intel (MEIx64) System (07/02/2012 8.1.0.1263) (HKLM\...\E439B1D292FF1A0DA518129C45F2B8E69DD7D97D) (Version: 07/02/2012 8.1.0.1263 - Intel) Windows-drivrutinspaket - Intel hdc (08/26/2011 9.3.0.1011) (HKLM\...\A7E82C89A6D6643325B95A4FEDAB3DB18640208F) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-drivrutinspaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-drivrutinspaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-drivrutinspaket - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-drivrutinspaket - Realtek Semiconductor Corp. HD Audio Driver (06/19/2012 6.0.1.6662) (HKLM\...\4A5EF81C80190F479C6FB16BC8CF595275AAC778) (Version: 06/19/2012 6.0.1.6662 - Realtek Semiconductor Corp.) Windows-drivrutinspaket - Realtek Semiconductor Corp. HD Audio Driver (06/19/2012 6.0.1.6662) (HKLM\...\CDA593BBF3E3B7EC98B5047E919B6A2B7337789F) (Version: 06/19/2012 6.0.1.6662 - Realtek Semiconductor Corp.) Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.82 Build 17 - Windscribe Limited) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN) VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg) VueScan x64 (HKLM\...\VueScan x64) (Version: - ) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-3) (Version: 1.0.26.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-4) (Version: 1.0.26.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-5) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-3) (Version: 1.0.39.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-4) (Version: 1.0.39.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-2) (Version: 1.0.54.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-3) (Version: 1.0.54.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) YACReader 8.5.0 (HKLM-x32\...\YACReader_is1) (Version: - ) ZenWriter (HKLM-x32\...\{3651A99C-9FA9-49E7-BAAF-60F64BE09F10}_is1) (Version: 2.08 - Beenokle) ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.001.0534 - Check Point Software) Hidden ZoneAlarm Firewall (HKLM-x32\...\{B136506E-D077-4943-9F0D-B22494BAC3BA}) (Version: 15.3.060.17669 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.3.060.17669 - Check Point) ZoneAlarm Security (HKLM-x32\...\{21085985-346F-4750-B57C-270359D3BB83}) (Version: 15.3.060.17669 - Check Point Software Technologies Ltd.) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001_Classes\CLSID\{fbe8f197-1f8b-475b-9bc4-17e37bda23f0}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-02] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-02] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-02] (AVAST Software) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd) ContextMenuHandlers1: [EzCddax] -> {31415D58-4750-4413-A95B-83D151F50040} => C:\Program Files\Easy CD-DA Extractor 16\ezcddax64.dll [2012-01-24] (Poikosoft) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google) ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-23] (MagicISO, Inc.) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-02] (AVAST Software) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers4: [EzCddax] -> {31415D58-4750-4413-A95B-83D151F50040} => C:\Program Files\Easy CD-DA Extractor 16\ezcddax64.dll [2012-01-24] (Poikosoft) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google) ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-23] (MagicISO, Inc.) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-05-16] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-02] (AVAST Software) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd) ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-23] (MagicISO, Inc.) ContextMenuHandlers1_S-1-5-21-3310751362-2506820872-2796058767-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-3310751362-2506820872-2796058767-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ContextMenuHandlers5_S-1-5-21-3310751362-2506820872-2796058767-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Aleph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-08-14] (Dropbox, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {120A83F8-4BBE-4B51-847E-9CA99664DA4C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-27] (AVAST Software) Task: {14945662-F802-4509-9D82-83F7FC393C9D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation) Task: {1C44A5C4-713F-4C65-A25B-C3B311E13449} - System32\Tasks\{DDDD6EA5-CE59-4F23-97C7-6C393BBBCB19} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe" Task: {1F3DBC44-8DB5-45A0-912A-7731F832BFA7} - System32\Tasks\{6BC02D98-96EB-4066-81B8-1A0435955A09} => C:\Windows\system32\pcalua.exe -a "C:\Users\Aleph\Dropbox\Programs to keep\Photoshop\CreativeSuiteCS2Disc3.exe" -d "C:\Users\Aleph\Dropbox\Programs to keep\Photoshop" Task: {1F649A0A-7C69-4752-A1F4-35553EF94755} - System32\Tasks\{41D22AC5-3E09-49D7-BDC9-644539237CAB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/214870 Task: {24975A93-B422-45AC-8FBE-0F444EF7A54F} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-27] (AVAST Software) Task: {31C73821-8F0E-4755-A355-A163B5262C0D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-21] (Microsoft Corporation) Task: {342D699D-76FA-4BF9-91BE-F653E9887270} - System32\Tasks\{49B699E1-8960-4ED0-B3E3-CFB265BB56DA} => C:\Windows\system32\pcalua.exe -a "C:\Users\Aleph\Dropbox\Programs to keep\Photoshop\CS_2.0_WWE_Extras_1.exe" -d "C:\Users\Aleph\Dropbox\Programs to keep\Photoshop" Task: {350D2DC0-EB43-4086-9E5D-886DE88722E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation) Task: {3ED3A0C1-8960-4C27-AC28-725F1201ACEF} - System32\Tasks\{9CA2848E-1FD4-4B5A-A21B-498244A37CEE} => C:\Windows\system32\pcalua.exe -a "E:\The Movies\setup.exe" -d "E:\The Movies" Task: {42F14E57-ACFD-4DA4-B2E6-1AFCC65AA33C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3310751362-2506820872-2796058767-1001UA => C:\Users\Aleph\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {4682BD7B-6F12-48DB-BD39-C37E86F738A6} - System32\Tasks\{B314C4A5-6E1F-493F-A0F2-9CE70BD82F27} => F:\TRANSFER-desktp\MOV\STOFF\Game\XPS 11.8\XNALara_XPS\XNALara XPS.exe Task: {5CF4B848-F71B-4977-A776-7291121D1AED} - System32\Tasks\{54485E99-56DF-419D-9866-1652622604E8} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE Task: {60C488F6-E3B3-48F4-954A-66D5BF021048} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) Task: {61C85B38-4080-41F8-A416-DC70C2A53087} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: {64C288BC-6753-4B39-8193-2F5A149199FE} - System32\Tasks\{71A877CF-CB8A-4191-BA7F-54B5F3704A95} => C:\Windows\system32\pcalua.exe -a "C:\Users\Aleph\Dropbox\Programs to keep\Photoshop\CreativeSuiteCS2Disc2.exe" -d "C:\Users\Aleph\Dropbox\Programs to keep\Photoshop" Task: {665BD176-B900-4465-BFB2-287B346D9493} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft) Task: {68CD2422-56CF-4D30-8E0F-A6C2A699D79D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation) Task: {68DE812F-B33A-43E5-AEC8-4A0E1506D7A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {7172101F-C7D7-4A4B-9785-047ACC0E2367} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3310751362-2506820872-2796058767-1001Core => C:\Users\Aleph\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {76788286-494B-44BD-A598-8F492CB026DB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-02] (AVAST Software) Task: {79A2FE5B-B201-4184-974F-E4F7CA2305F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-24] (Adobe Systems Incorporated) Task: {8EDA549B-7B1D-4725-924C-D9A58FBBAA3F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {991ACE5D-2AC0-4CAA-9259-C8A1153EFD36} - System32\Tasks\{A05DB304-37A2-4881-8CCF-31E18DF3053A} => C:\Windows\system32\pcalua.exe -a C:\Users\Aleph\AppData\Local\Temp\VSD7790.tmp\DotNetFx35Client\DotNetFx35ClientSetup.exe -d C:\Users\Aleph\Downloads -c /lang:enu /passive /norestart <==== ATTENTION Task: {9C0C383A-87B7-4072-96ED-3176AA622A9B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3310751362-2506820872-2796058767-1001 Task: {9C161CD1-3B09-4BE6-8221-75F0438552D3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-21] (Microsoft Corporation) Task: {A0EFD003-6CF9-476E-B153-76FAEE9C68F0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd) Task: {A58A4462-2B3A-4E66-ADAC-ED93C905D640} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-05] (AVAST Software) Task: {AA6D2B4B-CC20-4B9D-B19D-D6420C1FB6B0} - System32\Tasks\{38A80E44-AC81-4086-9D7E-2BB156735713} => C:\Windows\system32\pcalua.exe -a "C:\Creative Suite CS2\Adobe Creative Suite 2.0\Setup.exe" -d "C:\Creative Suite CS2\Adobe Creative Suite 2.0" Task: {AC8BA700-24FA-42C1-973F-CEFE3A342634} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-05-16] (Advanced Micro Devices, Inc.) Task: {BE406503-B4DB-4340-9402-879092B76A29} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-05-16] (Advanced Micro Devices, Inc.) Task: {BEE23610-334B-4C40-B844-9E3376163BC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {C3AD15F3-A8C7-4712-9937-D04008249054} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd) Task: {C53FBFEE-083F-483B-B8C0-D9C3D6FD3F8C} - System32\Tasks\{3B0959D2-D3E9-4F5D-BB2B-59395C7130A6} => C:\Windows\system32\pcalua.exe -a "F:\Rom - Emulation\Dreamcast Emu\Action_Replay_CDX_PAL_DC-GENESIA\gen-cdx.exe" -d "F:\Rom - Emulation\Dreamcast Emu\Action_Replay_CDX_PAL_DC-GENESIA" Task: {D5D8B626-AA43-470A-9995-2D1B8AF6621D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {D8FB379C-3964-4D32-ABBF-8A2F192BA500} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation) Task: {E2D9D539-9A48-4091-95E0-842E99B33F74} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3310751362-2506820872-2796058767-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe Task: {E75020D0-4200-4FA9-907F-498FD805761E} - System32\Tasks\{F328DD3D-227C-409F-96DE-81B27D9788E0} => C:\Windows\system32\pcalua.exe -a "C:\STUFF\BT\Dungeons and Dragons 4ed Character Builder\CB_(11)Nov_2009.exe" -d "C:\STUFF\BT\Dungeons and Dragons 4ed Character Builder" Task: {E7E05040-7778-466D-A3E4-8C7EA99BCBA2} - System32\Tasks\{F252B940-6C64-473C-AC45-E08A3840C1AF} => C:\Windows\system32\pcalua.exe -a "C:\STUFF\BT\Dungeons and Dragons 4ed Character Builder\CB_(04)Apr_2009.exe" -d "C:\STUFF\BT\Dungeons and Dragons 4ed Character Builder" Task: {F0EA3F44-4C19-4D04-A510-12C82BC86E4B} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-07-26] (AVAST Software) Task: {F2EFD6D2-D02C-41CF-8A76-2AC508BEC43E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-07-21] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3310751362-2506820872-2796058767-1001Core.job => C:\Users\Aleph\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3310751362-2506820872-2796058767-1001UA.job => C:\Users\Aleph\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Aleph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyShot 7 64\Documentation\KeyShot Manual.lnk -> hxxp://keyshot.com/manual/keyshot7/KeyShot_7_Manual.pd Shortcut: C:\Users\Aleph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZStudio4\Online Documentation.lnk -> hxxp:docs.daz3d.com\doku.php\public\software\dazstudio Shortcut: C:\Users\Aleph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\1481 ==================== Loaded Modules (Whitelisted) ============== 2014-12-22 10:18 - 2014-12-22 10:18 - 000029184 _____ () C:\Windows\System32\ssj2mlm.dll 2016-09-15 08:19 - 2016-09-15 08:19 - 000031256 _____ () C:\Windows\System32\us005lm.dll 2016-02-15 18:51 - 2014-05-11 23:51 - 001691648 ____H () C:\Program Files (x86)\Gaming Mouse driver\trayicon.exe 2018-05-30 18:13 - 2018-05-30 18:13 - 000045936 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe 2018-03-20 08:49 - 2018-03-20 08:49 - 000035064 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe 2018-07-02 16:39 - 2018-07-02 16:39 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2018-08-18 14:34 - 2018-08-18 14:34 - 005674128 _____ () C:\Program Files\AVAST Software\Avast\defs\18081802\algo.dll 2018-07-02 16:39 - 2018-07-02 16:39 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll 2018-07-02 16:40 - 2018-07-02 16:40 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll 2018-07-02 16:39 - 2018-07-02 16:39 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll 2018-07-02 16:39 - 2018-07-02 16:39 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll 2018-07-09 15:04 - 2018-06-26 13:10 - 000071168 _____ () C:\Program Files (x86)\Windscribe\zlib1.dll 2018-02-05 20:44 - 2018-06-26 13:10 - 001603072 _____ () C:\Program Files (x86)\Windscribe\libGLESv2.dll 2018-01-24 14:02 - 2016-09-12 15:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll 2018-03-02 04:46 - 2018-03-02 04:46 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-07-02 16:39 - 2018-07-02 16:39 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2016-02-15 18:51 - 2014-05-11 23:51 - 000081408 ____H () C:\Program Files (x86)\Gaming Mouse driver\HidDevice.dll 2014-09-21 16:49 - 2017-05-16 18:51 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-09-21 16:49 - 2017-01-31 10:25 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-09-21 16:49 - 2017-01-31 10:25 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-09-21 16:49 - 2017-01-31 10:25 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2018-03-22 19:42 - 2018-03-22 19:42 - 000063224 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\FileOperationsWrapperLib.dll 2018-03-22 19:42 - 2018-03-22 19:42 - 000059128 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\FileOperationsLib.dll 2018-03-22 19:42 - 2018-03-22 19:42 - 000153336 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\TPCommonCLI.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [132] AlternateDataStreams: C:\ProgramData\TEMP:66E02052 [123] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7937 more sites. IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\sony.com -> sony.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\...\123simsen.com -> www.123simsen.com There are 7937 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2017-07-06 15:23 - 000454438 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15596 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3310751362-2506820872-2796058767-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Aleph\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Aleph^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup MSCONFIG\startupreg: Amazon Music => "C:\Users\Aleph\AppData\Local\Amazon Music\Amazon Music Helper.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: GalaxyClient => MSCONFIG\startupreg: googletalk => C:\Users\Aleph\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart MSCONFIG\startupreg: MP3 Skype recorder => C:\Users\Aleph\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{3DE17E55-8D90-48E0-8313-8B399F178728}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{04360C5E-9A74-4575-9B78-EA1732B7CE88}] => (Allow) LPort=2869 FirewallRules: [{E4FE73A8-664C-4CFF-8F71-65189654B118}] => (Allow) LPort=1900 FirewallRules: [{19B20B50-E5B0-4021-9A9A-F0DF3A86F37B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{84FD02FE-EEC9-4D07-B058-9EBD95FDE38F}] => (Allow) C:\Users\Aleph\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{6576940C-F93B-4826-BE79-8EF92F64853C}] => (Allow) C:\Users\Aleph\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{9C718727-4F4C-4F1A-A59B-F244DA4CFDBC}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe FirewallRules: [UDP Query User{3442131A-C882-4AAF-AC12-CE8E3AF33C0F}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe FirewallRules: [{AA476BF8-0F08-4613-8E53-1FF0163CCCC8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F77DB71F-D4CF-429C-9466-B4A5FAC09228}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{E9767327-FCB2-4C28-8573-C162E28C4F50}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [UDP Query User{6C179AA9-3DAE-4237-8E22-94BC829948D6}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [{EABF19A1-EF1D-4672-BD4E-F1635AE0F946}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{ABE60CC9-5CA2-42DA-A54E-BE5FD1B2B1BC}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{B9C74BE2-8293-4CFD-9F68-ED4F6252F680}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [TCP Query User{AF1EF9CC-712A-459A-9475-2DB69757C261}C:\program files (x86)\steam\steamapps\common\champions online\champions online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\champions online\champions online\live\gameclient.exe FirewallRules: [UDP Query User{76CAF6B4-213C-4BA8-8F48-63C6020A5AAC}C:\program files (x86)\steam\steamapps\common\champions online\champions online\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\champions online\champions online\live\gameclient.exe FirewallRules: [TCP Query User{FFE58518-BD60-435E-9EF7-B28DF13EDE6F}C:\users\aleph\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\aleph\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{91B46927-4E75-4553-9C17-1588DAA4754F}C:\users\aleph\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\aleph\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{D24CDA60-3843-4AFD-BCBA-AF526A7E5D62}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe FirewallRules: [UDP Query User{538FF651-9EAA-4D5A-9C68-3479F94F629B}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe FirewallRules: [TCP Query User{9C39BC43-6755-4977-BED5-ECC67397DAC1}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [UDP Query User{8C322DE2-71B0-4AE2-BCE0-80B75FE147A2}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [{CDF55236-53B2-43E8-BA29-4AB615CB533C}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{6AFC9FAB-E399-4EFD-A4AA-27ED16068068}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{E1162B2A-579D-42C6-9A13-37AA5BC98CD5}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{FCF24ECE-8F1F-42DD-8F91-BD91E231E2D6}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{2ABD2306-41B7-455F-94E9-501934B3E729}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{65AE174A-3890-43FE-82E7-10B8FB2CDCED}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{7D189ACF-5AA2-45AC-8B30-B0D2C38AAA1F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{1E3186DD-3F65-4220-854E-5048AB26B57F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gods Will Be Watching\gwbw.exe FirewallRules: [{09323FA6-717E-4DAB-AD2D-E74E7F862BC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gods Will Be Watching\gwbw.exe FirewallRules: [{907EEB15-168A-4B27-9840-16B89724F7CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CostumeQuest2\CostumeQuest2.exe FirewallRules: [{9D163E6C-3FA7-4456-A767-593360C00555}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CostumeQuest2\CostumeQuest2.exe FirewallRules: [{C1337189-002B-4495-A7D6-5A16C527BA39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CostumeQuest2\CostumeQuest2_DX9.exe FirewallRules: [{D4A065E7-4F47-4ED3-B1A9-2CB25B0FA8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CostumeQuest2\CostumeQuest2_DX9.exe FirewallRules: [{9EAF9D96-608A-4739-BD49-F87B1D98E311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ChromaSquad\chromasquad.exe FirewallRules: [{2D64CAE9-697F-4ADA-99AB-AEBA97190682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ChromaSquad\chromasquad.exe FirewallRules: [{DA92A456-9DB9-4F1F-AE5A-39C0A2127AF0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{3C6E6A51-37D8-4260-9897-84456F77397B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{E8ABC96F-89A0-4C67-A275-8B632C2FE280}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7010AD98-5493-4382-BF30-FF0734B62B04}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CC928867-221E-4BF8-8913-F664F9CBDE7E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{78F21AAC-FB86-49A0-B7AB-7CF9250648B1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [TCP Query User{32DB7618-A8E0-40B9-8759-85DBDF56A8A3}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe FirewallRules: [UDP Query User{E5A7B6E6-E245-4A7E-81A5-803DD29A72AF}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe FirewallRules: [{BD0E2359-CE6D-4DBF-8332-4B729DC2584F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{129BBD4C-1A13-49C6-80D6-41F7031D8AE1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B3E7FF10-526D-42ED-9ED3-0288DB766834}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6631E069-D073-4DDE-91F1-3F7779919F95}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3F2E0CB9-EB55-48C5-849C-A3B63BBBC068}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{AEAE0474-BAA9-4237-A745-1FE10BDA5DA8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5AAAFC9E-E698-4807-B727-F500A135B015}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{34CD51EE-23F8-49F4-8AB3-9C0EAC2AA7AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BFB2CD14-0E09-4C15-9BD8-90B2BF36B21B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{55E0CDAB-C3A1-4A18-9AE1-8A7FF7BC0BAC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{1076DCC5-0121-4651-816A-3AF7CEEEAB49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{21082821-B665-4BFC-AB1A-0E570E912C81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [TCP Query User{FA46E7C9-1C4F-402A-A017-D3AC92B6DA37}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe FirewallRules: [UDP Query User{2B3D9A02-BEE3-41CA-AD38-31D1A1AF5247}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe FirewallRules: [TCP Query User{31B5720F-F1AF-48B2-A606-132D0D642139}C:\program files (x86)\steam\steamapps\common\dungeons and dragons online\dndclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeons and dragons online\dndclient.exe FirewallRules: [UDP Query User{7E08AA5D-0D07-4767-9C84-FC33ADE72375}C:\program files (x86)\steam\steamapps\common\dungeons and dragons online\dndclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeons and dragons online\dndclient.exe FirewallRules: [{64CB871F-1A74-46EE-80E8-6A5A832CDA4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOMO_US\Main\DOMO.exe FirewallRules: [{21D0CBA0-850C-401C-903C-8AA958D6EF49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOMO_US\Main\DOMO.exe FirewallRules: [TCP Query User{B80162CF-51E7-4DEE-A832-59946B5A293E}C:\users\aleph\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\aleph\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{85440A22-F69B-4E23-9D20-084C0E99C23B}C:\users\aleph\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\aleph\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{F4F69EBC-35BA-4AF8-B98A-3EC3402EB880}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [UDP Query User{2472D1A1-A56B-45E6-98B9-EC9C02DEC49B}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe FirewallRules: [TCP Query User{CF3F1A15-010C-4CB0-B04C-91780662C117}C:\program files (x86)\steam\steamapps\common\bloodstained ritual of the night\ron\binaries\win64\ron-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodstained ritual of the night\ron\binaries\win64\ron-win64-shipping.exe FirewallRules: [UDP Query User{EFD4CC93-0313-4463-944B-F2C9CF659DB5}C:\program files (x86)\steam\steamapps\common\bloodstained ritual of the night\ron\binaries\win64\ron-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodstained ritual of the night\ron\binaries\win64\ron-win64-shipping.exe FirewallRules: [TCP Query User{33FE5AC7-CA32-4377-A479-88F50EFA86D8}C:\users\aleph\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aleph\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{26A0C894-DC8B-43B0-A293-842D501848A4}C:\users\aleph\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aleph\appdata\roaming\spotify\spotify.exe FirewallRules: [{564160A3-CA4D-433B-9E81-6CCED2B4EDEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe FirewallRules: [{848F0076-A616-4F45-83A3-FF97D320E7BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe FirewallRules: [TCP Query User{4E3895B1-9C4A-446B-8F15-61F3B1489F79}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe FirewallRules: [UDP Query User{AA7543E6-E76F-418B-AAA5-908709F22C34}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe FirewallRules: [TCP Query User{9A4FDD17-65AF-478B-8B2E-9D6F50184861}C:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\java.exe FirewallRules: [UDP Query User{6FD1B4F0-9F53-4830-A307-2FA1D5B52D8C}C:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\java.exe FirewallRules: [TCP Query User{96374712-EACF-4233-85D6-7D24B1B982A6}C:\users\aleph\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\aleph\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{5B385F5C-E666-449C-9004-5686375075C2}C:\users\aleph\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\aleph\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{002D555B-8B86-4BF5-A466-102CDEC2750E}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe FirewallRules: [UDP Query User{70504F19-4573-465B-A16D-277B02EEE197}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe FirewallRules: [TCP Query User{4611DD7A-F3FA-4D1E-9B47-4BED82EFDDE7}C:\users\aleph\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\aleph\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{4DDF1393-6EAE-41BD-86E7-5B3D00235162}C:\users\aleph\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\aleph\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{DE2AE7C0-DEE0-44A0-A5F2-E76ED8AB8616}C:\users\aleph\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aleph\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{1D5BDF63-7476-4248-941D-4D5409A97562}C:\users\aleph\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aleph\appdata\roaming\spotify\spotify.exe FirewallRules: [{44842D23-39E9-465E-A06F-1D9EE91D9335}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TOXIKK\Binaries\ToxikkLauncher.exe FirewallRules: [{80670D5F-9026-4B4F-A8CA-F5FB515CA872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TOXIKK\Binaries\ToxikkLauncher.exe FirewallRules: [{E9691091-678E-477C-B43E-C29E893E1C12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strike Suit Infinity\pc\main\Binary\SSZ.exe FirewallRules: [{C7EFA95C-E70A-46CF-8A6D-B62465CA9CD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strike Suit Infinity\pc\main\Binary\SSZ.exe FirewallRules: [TCP Query User{371F4E27-C3AD-4F7E-965C-39D4AB02181D}C:\program files (x86)\deluge\deluge.exe] => (Block) C:\program files (x86)\deluge\deluge.exe FirewallRules: [UDP Query User{D362499F-46FC-4F72-A900-5B3BB6E877D0}C:\program files (x86)\deluge\deluge.exe] => (Block) C:\program files (x86)\deluge\deluge.exe FirewallRules: [TCP Query User{F478DD50-ED6E-488B-8330-C1AA27D1E0DC}F:\transfer-desktp\mov\stoff\game\fallendoll\free\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) F:\transfer-desktp\mov\stoff\game\fallendoll\free\engine\binaries\win32\ue4game-win32-shipping.exe FirewallRules: [UDP Query User{E847412B-B7A0-4BF8-99CA-93E184F9F944}F:\transfer-desktp\mov\stoff\game\fallendoll\free\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) F:\transfer-desktp\mov\stoff\game\fallendoll\free\engine\binaries\win32\ue4game-win32-shipping.exe FirewallRules: [TCP Query User{30BDB12C-6AC5-4168-9325-D31971ED1FC3}C:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) C:\eve\sharedcache\tq\bin\exefile.exe FirewallRules: [UDP Query User{DA2AD114-10CB-4D95-BF8F-D41C1B81506A}C:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) C:\eve\sharedcache\tq\bin\exefile.exe FirewallRules: [TCP Query User{0A66A764-4807-4A4C-923C-59B95D3CC897}C:\program files (x86)\steam\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe FirewallRules: [UDP Query User{5B7427F4-D48E-46DB-8262-8AB8F559DA02}C:\program files (x86)\steam\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe FirewallRules: [{B8EF8548-92C7-44D1-AB5F-1718C42E5266}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{AF4D7010-D295-44C4-9D49-60BCBC889350}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B0E806CD-A296-4C7B-B06E-FFA5E216A187}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{E97741F3-EA6F-4D41-8BFB-569FDE40CA09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [TCP Query User{5C89CA15-5E31-4595-9D0B-01507F8C0D00}C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe FirewallRules: [UDP Query User{3A053027-6729-4014-80E3-DB6493EBACC6}C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe FirewallRules: [{FC81515A-EF40-4669-BCA0-DFAEE17E91B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dropsy\Dropsy.exe FirewallRules: [{E0D9304D-08A1-4F9C-A332-B1B7F7354E02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dropsy\Dropsy.exe FirewallRules: [{64DF9DCB-7F80-4062-B545-5B27B6917FBA}] => (Allow) C:\Users\Aleph\Downloads\bin\BlackDesert32.exe FirewallRules: [{BC1E030B-143A-4FE3-9139-A16F56A16D19}] => (Allow) C:\Users\Aleph\Downloads\bin64\BlackDesert64.exe FirewallRules: [{4B15AF56-EC54-4639-A347-511416912E64}] => (Allow) C:\Users\Aleph\Downloads\BlackDesert_Launcher.exe FirewallRules: [{FBB15602-3861-4467-BCFD-C8D8CFB60986}] => (Allow) C:\Users\Aleph\Downloads\BlackDesert_Downloader.exe FirewallRules: [{8EC7B8DF-E09B-47FD-957D-4ABC5B6F0EC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe FirewallRules: [{92297128-2E80-45CD-90AA-9591973B26CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe FirewallRules: [TCP Query User{ED098E04-66E0-440F-9AEC-232CB89E8E70}F:\transfer-desktp\mov\stoff\game\free\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) F:\transfer-desktp\mov\stoff\game\free\engine\binaries\win32\ue4game-win32-shipping.exe FirewallRules: [UDP Query User{A8872868-5851-4916-A5BC-FF4E2812EEDD}F:\transfer-desktp\mov\stoff\game\free\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) F:\transfer-desktp\mov\stoff\game\free\engine\binaries\win32\ue4game-win32-shipping.exe FirewallRules: [{44440144-9D56-40F1-987E-7C7E4823DC8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Painter Studio\dps.exe FirewallRules: [{EA4EB323-EA87-4C31-A11C-290A30813F5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Painter Studio\dps.exe FirewallRules: [{1AE172E1-BCE4-4A25-A8A0-E468F3CCE051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AURION_GAME\AURION_GAME\Aurion.exe FirewallRules: [{9433B02C-FE88-473A-958A-A2AF03C8F9EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AURION_GAME\AURION_GAME\Aurion.exe FirewallRules: [{B07BF1BD-0BD9-49FF-B511-5C5AF26B80E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blender\blender.exe FirewallRules: [{E57F6D1E-B8EC-4086-86A5-D841ADD935AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blender\blender.exe FirewallRules: [TCP Query User{FC53A068-1E6E-42E0-9F0C-E6FF7A1BEC07}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{5A842EF5-FD63-454F-88FB-1CCFC0AB473F}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{00C55B05-F3DE-4C42-98B8-1CE0FF62C83E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subsurface Circular\Subsurface Circular.exe FirewallRules: [{F1BFC1BF-CB7D-4F0B-A28D-6BAD5F360774}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subsurface Circular\Subsurface Circular.exe FirewallRules: [{C6505D78-06BF-45E8-AC8C-A4DD4AA3D9D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jazzpunk\windows\jazzpunk.exe FirewallRules: [{BA2F183E-437B-4A37-8367-015CBE53DA6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jazzpunk\windows\jazzpunk.exe FirewallRules: [{02F1FE3F-1456-4263-A37D-B6F5D72CB821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe FirewallRules: [{488887A3-1F86-4E16-B69F-E8AA9BC04584}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe FirewallRules: [{FF2B80F7-F332-48FF-A440-E6E171C4A661}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe FirewallRules: [{82ED1FE0-3445-43EA-8411-B3C10BABE481}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe FirewallRules: [{2813B842-E892-4836-B0FE-7ECE7366AE59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{A1D8ABCC-B813-4837-8E69-5D0925A1E70A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{1B062263-EA52-45E5-BF90-FE90A95E6B0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe FirewallRules: [{34BAB08C-A46D-424F-8770-16DD7CAEAC96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe FirewallRules: [{F4FE1221-0A89-4CB2-81E1-BFA017E59101}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [TCP Query User{D03B0217-D34B-4352-A7DA-DDA90D5723AA}C:\program files (x86)\yacreader\yacreaderlibrary.exe] => (Allow) C:\program files (x86)\yacreader\yacreaderlibrary.exe FirewallRules: [UDP Query User{FE7546F4-7053-4CE7-A3D8-8877A1149423}C:\program files (x86)\yacreader\yacreaderlibrary.exe] => (Allow) C:\program files (x86)\yacreader\yacreaderlibrary.exe FirewallRules: [{2B1E1683-B12A-4378-AEB6-7F5ECEE9BA31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm7.exe FirewallRules: [{0698B1C3-8398-4DE3-81EE-5B5D80CA5F4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm7.exe FirewallRules: [{7AD43C64-BBBF-401F-B999-EF742E3B055E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm5.exe FirewallRules: [{F9C64F1B-43EC-4FEA-A79A-A92BE9B073E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm5.exe FirewallRules: [{30474D2C-ECA4-4CFF-840A-A76E5971752E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe FirewallRules: [{4CEBE61D-494A-4244-BF33-73E662F47CFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe FirewallRules: [{0CB304BC-5541-40B5-9265-ECBE1DA8970F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe FirewallRules: [{AEE83F1C-2BC4-4C1E-A042-5C142B9B0E52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe FirewallRules: [{7732F598-E54C-48DA-94A7-882AE9D002EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe FirewallRules: [{03E0F3B7-A263-471E-BA15-D57907867F69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe FirewallRules: [{2F7ED0B4-7ED2-4B0D-BC7C-D8FB64A137E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe FirewallRules: [{BECC49F5-10A8-49DA-ABD6-11170CC96C91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe FirewallRules: [{714BEFB5-4E97-45DA-A7BF-E04FDAA7C64B}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe FirewallRules: [{E0DC8263-43F6-44DB-B9DE-F64A8A938290}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe FirewallRules: [{3FD0AF7F-14A2-4800-85E2-18665428429B}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe FirewallRules: [{A02643DA-E717-4F89-8807-6CA767222C6D}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe FirewallRules: [{32CA7F00-47B1-4952-AA73-FA52E488CECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe FirewallRules: [{A729C009-B0A5-4253-9247-766A1C0E1AA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe FirewallRules: [{1B9C6F7D-AC52-4A89-9843-3F7AC700A1F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe FirewallRules: [{90402B73-BE3C-4B38-8A6A-162D1C992890}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe FirewallRules: [TCP Query User{8D39CB12-7561-434D-97E4-978E7D37DA99}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe FirewallRules: [UDP Query User{C882AA08-C413-4802-8CEA-DF6DF30249CB}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe FirewallRules: [TCP Query User{BA740F67-1AAE-42E4-94F6-118B1207E451}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe FirewallRules: [UDP Query User{804C40FF-20F7-48EA-B488-B6FF9A4F7DA7}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe FirewallRules: [{DD40A53F-15F8-4521-B075-96C7251860CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bunker Punks\BunkerPunks.exe FirewallRules: [{CA5F91F5-E218-4CA9-8AE2-9DFA42815CB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bunker Punks\BunkerPunks.exe FirewallRules: [{80DF669A-7EAE-46C0-AAF4-47CA0DEB5138}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallen Hero Rebirth\FallenHeroRebirth.exe FirewallRules: [{6DAE846D-621C-484A-B467-F897769B1813}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallen Hero Rebirth\FallenHeroRebirth.exe FirewallRules: [{A926C3E8-7580-4374-8E1D-8E36664ECD05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Headlander\Headlander.exe FirewallRules: [{C8BA8ACE-81D2-429B-A492-380B815855F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Headlander\Headlander.exe FirewallRules: [{E48E7171-CD3F-46F8-8C87-93EBB5CCCFF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe FirewallRules: [{FA113E03-8456-4E7A-96DB-BAF06CE6772A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe FirewallRules: [{5AB7AE6A-E0BE-405D-872D-A72AC5FEBF70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe FirewallRules: [{0ACDC354-412E-4F45-9F96-402896881ACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Into the Breach\Breach.exe FirewallRules: [{C903025F-A4FF-408A-B30A-1E0CC4672CA9}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{41C5A1B4-0546-4AFC-AFFD-D6E5D6D39529}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Holodrive\Holodrive.exe FirewallRules: [{DD5D9582-2F4D-40D5-94E6-26B32C633C3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Holodrive\Holodrive.exe FirewallRules: [{F17487EF-C04F-496D-BDF3-52F34914F43B}] => (Allow) C:\Program Files\KeyShot7\bin\keyshot.exe FirewallRules: [{1A431C8C-C891-4DC3-A7DF-D25045999612}] => (Allow) C:\Program Files\KeyShot7\bin\keyshot_daemon.exe FirewallRules: [{99AD2DEB-F38A-4CB7-BCEC-548520DAC6CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe FirewallRules: [{7EC4C911-D07E-407C-8D28-22083E787960}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe FirewallRules: [{660758A9-E37A-4D56-8D98-9ED441AF55D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quarantine Circular\QC.exe FirewallRules: [{843028FB-1F14-4574-9B47-BD0E32F43BAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quarantine Circular\QC.exe FirewallRules: [{2C73E936-961D-4D17-AA59-1E464DBB5F34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloodstained Curse of the Moon (Early look)\exe\COTM.exe FirewallRules: [{C286430D-B5CD-4573-8193-14D0DBC3BCAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloodstained Curse of the Moon (Early look)\exe\COTM.exe FirewallRules: [{58D3B514-3403-4055-A24C-B4B07D9F44F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4DAD98BC-71D4-4760-8345-11989A34A5FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe FirewallRules: [{87EBF16D-B200-4AB5-BE33-E7452AFF591C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe FirewallRules: [{F9237434-DB4C-4F5E-9B6C-9C170DC5DDA6}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{63329178-A938-4F57-8E21-4A3DC0B6C1C6}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{2ADC1433-FA46-4844-8E9B-D1263EEDD839}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{06E2BB2F-8C40-412D-B7F5-4311C7818082}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{17B01C8A-6FCD-4E46-85EF-D838993B3913}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{9B72A935-5312-4C18-9D17-47A733568002}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{82969D59-E5FE-44B6-81F9-57E695FB93B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Indivisible Backer Preview\Indivisible.exe FirewallRules: [{6F82A8CE-2519-417D-9D86-EA33E596A670}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Indivisible Backer Preview\Indivisible.exe FirewallRules: [{6634F023-27DA-46D5-89CD-173D2983E3FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloodstained Backer Preview\BloodstainedRotN.exe FirewallRules: [{3D896DAC-A50D-45DA-9F73-7ADFF3129D56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloodstained Backer Preview\BloodstainedRotN.exe FirewallRules: [{7D2B7A61-7B9C-49E2-AC5E-95DC9D613BBB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{0C1FAAAA-D164-419D-AB6A-D8393EFBCD3C}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe FirewallRules: [{6B797BA6-DC2A-4B3F-A9E1-C31557113AAE}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{E21EC2C0-C77C-4769-AD6A-47D1B9B7E2AE}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{6E7E590F-DA07-44DD-9AD2-9B6EE6BA7370}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{744AB7F6-88E8-4CC8-BFE3-FB519FD70647}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{B43B4AAC-5006-46D2-94FF-4947DAB80763}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{A02724B4-7817-404E-B663-86D6ABDEB49C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/01/2018 02:01:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 , felet uppstod i modulen med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 Undantagskod: 0x40000015 Felförskjutning: 0x0015ea23 Process-ID: 0x14c8 Programmets starttid: 0x01d441eb7c4bd170 Sökväg till program: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Sökväg till modul: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapport-ID: baadb4e0-adde-11e8-863b-d43d7e35dc43 Error: (09/01/2018 01:58:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 , felet uppstod i modulen med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 Undantagskod: 0x40000015 Felförskjutning: 0x0015ea23 Process-ID: 0x1c2c Programmets starttid: 0x01d441eb0f410372 Sökväg till program: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Sökväg till modul: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapport-ID: 4df32af0-adde-11e8-863b-d43d7e35dc43 Error: (09/01/2018 01:58:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT instans) Description: Product: Avast Update Helper -- Error 1316. Det angivna användarkontot finns redan. Error: (09/01/2018 01:57:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 , felet uppstod i modulen med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 Undantagskod: 0x40000015 Felförskjutning: 0x0015ea23 Process-ID: 0x11e8 Programmets starttid: 0x01d441eafea5abf3 Sökväg till program: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Sökväg till modul: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapport-ID: 3d115388-adde-11e8-863b-d43d7e35dc43 Error: (09/01/2018 01:57:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 , felet uppstod i modulen med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 Undantagskod: 0x40000015 Felförskjutning: 0x0015ea23 Process-ID: 0x1cb0 Programmets starttid: 0x01d441eafd2324fa Sökväg till program: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Sökväg till modul: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapport-ID: 3bbce21c-adde-11e8-863b-d43d7e35dc43 Error: (09/01/2018 01:53:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 , felet uppstod i modulen med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 Undantagskod: 0x40000015 Felförskjutning: 0x0015ea23 Process-ID: 0x1d34 Programmets starttid: 0x01d441ea72c447ed Sökväg till program: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Sökväg till modul: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapport-ID: b16494d8-addd-11e8-863b-d43d7e35dc43 Error: (09/01/2018 01:53:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 , felet uppstod i modulen med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 Undantagskod: 0x40000015 Felförskjutning: 0x0015ea23 Process-ID: 0x1214 Programmets starttid: 0x01d441ea6ec3712b Sökväg till program: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Sökväg till modul: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapport-ID: ad799058-addd-11e8-863b-d43d7e35dc43 Error: (09/01/2018 01:53:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 , felet uppstod i modulen med namn: EFRService.exe, version 8.60.4.8004, tidsstämpel 0x5b0e6e74 Undantagskod: 0x40000015 Felförskjutning: 0x0015ea23 Process-ID: 0x1eb4 Programmets starttid: 0x01d441ea6b1d17cd Sökväg till program: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Sökväg till modul: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapport-ID: a9993a60-addd-11e8-863b-d43d7e35dc43 System errors: ============= Error: (09/01/2018 02:01:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Check Point Endpoint EFR avslutades oväntat. Den har gjort detta 439 gång(er). Följande åtgärd kommer att utföras om 500 millisekunder: Starta om tjänsten. Error: (09/01/2018 02:01:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Check Point Endpoint EFR avslutades oväntat. Den har gjort detta 438 gång(er). Följande åtgärd kommer att utföras om 500 millisekunder: Starta om tjänsten. Error: (09/01/2018 02:01:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Check Point Endpoint EFR avslutades oväntat. Den har gjort detta 437 gång(er). Följande åtgärd kommer att utföras om 500 millisekunder: Starta om tjänsten. Error: (09/01/2018 02:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Check Point Endpoint EFR avslutades oväntat. Den har gjort detta 436 gång(er). Följande åtgärd kommer att utföras om 500 millisekunder: Starta om tjänsten. Error: (09/01/2018 02:01:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Check Point Endpoint EFR avslutades oväntat. Den har gjort detta 435 gång(er). Följande åtgärd kommer att utföras om 500 millisekunder: Starta om tjänsten. Error: (09/01/2018 02:01:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Check Point Endpoint EFR avslutades oväntat. Den har gjort detta 434 gång(er). Följande åtgärd kommer att utföras om 500 millisekunder: Starta om tjänsten. Error: (09/01/2018 02:01:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Check Point Endpoint EFR avslutades oväntat. Den har gjort detta 433 gång(er). Följande åtgärd kommer att utföras om 500 millisekunder: Starta om tjänsten. Error: (09/01/2018 02:01:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Check Point Endpoint EFR avslutades oväntat. Den har gjort detta 432 gång(er). Följande åtgärd kommer att utföras om 500 millisekunder: Starta om tjänsten. Windows Defender: =================================== Date: 2016-03-13 05:19:53.796 Description: Windows Defender-sökning har stoppats innan den slutfördes. Söknings-ID:{07E61C84-01EA-44A9-BFD9-33EC3DD69648} Sökningstyp:AntiSpyware Sökningsparametrar:Snabbsökning Användare:NT instans\Nätverkstjänst Date: 2016-02-12 03:03:42.827 Description: Windows Defender-sökning har stoppats innan den slutfördes. Söknings-ID:{80A450A9-D35B-49DC-8FCF-66A2D66C5425} Sökningstyp:AntiSpyware Sökningsparametrar:Snabbsökning Användare:NT instans\Nätverkstjänst Date: 2015-08-22 03:57:40.812 Description: Windows Defender-sökning har stoppats innan den slutfördes. Söknings-ID:{2BDC2B37-B953-473C-9050-98C7A5830BD6} Sökningstyp:AntiSpyware Sökningsparametrar:Snabbsökning Användare:NT instans\Nätverkstjänst Date: 2014-01-12 04:53:48.379 Description: Windows Defender-sökning har stoppats innan den slutfördes. Söknings-ID:{44BDF0AC-939A-47E0-AC49-4959F5787C0B} Sökningstyp:AntiSpyware Sökningsparametrar:Snabbsökning Användare:NT instans\Nätverkstjänst CodeIntegrity: =================================== Date: 2016-09-08 11:15:28.480 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-08 11:15:27.357 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-07 19:13:30.537 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-07 19:13:30.428 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-07 11:07:43.449 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-07 11:07:42.264 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-06 12:18:11.852 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-09-06 12:18:11.743 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz Percentage of memory in use: 20% Total physical RAM: 16316.76 MB Available physical RAM: 13049.59 MB Total Virtual: 20410.94 MB Available Virtual: 16627.03 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:1863.01 GB) (Free:86.05 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (GSP1RMCHPXFRER_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF Drive i: () (Removable) (Total:7.76 GB) (Free:2.13 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 2A3021EB) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Protective MBR) (Size: 7.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================