Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2019 Ran by Wildcat™ (04-10-2019 11:04:46) Running from C:\Users\Wildcat™\Desktop Windows 10 Pro Version 1903 18362.356 (X64) (2019-07-31 14:54:29) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3767469261-4081403511-146646953-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3767469261-4081403511-146646953-503 - Limited - Disabled) Guest (S-1-5-21-3767469261-4081403511-146646953-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3767469261-4081403511-146646953-504 - Limited - Disabled) Wildcat™ (S-1-5-21-3767469261-4081403511-146646953-1001 - Administrator - Enabled) => C:\Users\Wildcat™ ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) @BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.19.0619.1 - GIGABYTE) Hidden @BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.19.0619.1 - GIGABYTE) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.20 - Adobe Systems) Adobe Dreamweaver CC 2019 (HKLM-x32\...\DRWV_19_0) (Version: 19.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated) APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.0227.1 - GIGABYTE) Hidden APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.0227.1 - GIGABYTE) Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) ASUS Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.5000 - ASUS) Axialis IconWorkshop 6.70 (HKLM-x32\...\IconWorkshop) (Version: 6.70 - Axialis Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.48.2 - Bethesda Softworks) BitTorrent (HKU\S-1-5-21-3767469261-4081403511-146646953-1001\...\BitTorrent) (Version: 7.10.5.45312 - BitTorrent Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite MFC-J4620DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.) Discord (HKU\S-1-5-21-3767469261-4081403511-146646953-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.19.0226.1 - GIGABYTE) Hidden EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.19.0226.1 - GIGABYTE) EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.0522.1 - GIGABYTE) Hidden EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.0522.1 - GIGABYTE) ENE IO Driver (HKLM-x32\...\{D0512FF6-6194-4D2E-967E-25B82A3322FF}) (Version: 1.0.0 - ENE TECHNOLOGY INC.) Hidden ENE RGB HAL (HKLM\...\{2914DF72-932B-4DF2-9696-C2821EDA1CA9}) (Version: 1.00.09 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{546469ee-3f9d-4fe4-bf1c-893f79cf7327}) (Version: 1.00.09 - Ene Tech.) Hidden ENE_EHD_HAL (HKLM\...\{255CBDED-9999-40EE-B089-930BCFC9B026}) (Version: 1.00.02 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_HAL (HKLM-x32\...\{4f03cc12-1dbe-429a-a1d2-08824b1fb433}) (Version: 1.00.02 - ENE TECHNOLOGY INC.) Hidden EZRAID (HKLM-x32\...\{8F307CB5-FE1C-4BF3-8747-305D14161916}) (Version: 1.00.0000 - GIGABYTE) Hidden EZRAID (HKLM-x32\...\InstallShield_{8F307CB5-FE1C-4BF3-8747-305D14161916}) (Version: 1.00.0000 - GIGABYTE) Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.19.0705.1 - GIGABYTE) Hidden Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.19.0705.1 - GIGABYTE) FlipShare (HKLM-x32\...\{B1C0D829-FE30-059E-E93F-CDC7A48235C0}) (Version: 5.6.35.0 - Flip Video) GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.18.0208.1 - GIGABYTE) Hidden GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.18.0208.1 - GIGABYTE) Google Chrome (HKLM\...\{7F544E85-3FC4-3F6B-BE1C-679880E73AD3}) (Version: 77.0.3865.90 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - ) Intel(R) Chipset Device Software (HKLM-x32\...\{ffddf9dd-c47f-453a-92f5-ac6c98af8b5b}) (Version: 10.1.17968.8131 - Intel(R) Corporation) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{0e9f5d6d-2200-4a15-98fc-9bdf36186e16}) (Version: 6.5.0.45 - Intel Corporation) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{394D8FA7-3F7E-4025-A7CB-DBD43D91431C}) (Version: 6.5.0.45 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation) iTunes (HKLM\...\{D6969886-0A8A-46BF-A3FA-D6CD43FC8F85}) (Version: 12.10.0.7 - Apple Inc.) Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.12026.20264 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.57 - mIRC Co. Ltd.) MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD) Mumble 1.2.19 (HKLM-x32\...\{F62A874F-2354-49B1-87BE-CAAD7C8FA084}) (Version: 1.2.19 - Thorvald Natvig) MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech) Nox APP Player (HKLM-x32\...\Nox) (Version: 6.3.0.5 - Duodian Technology Co. Ltd.) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation) NVIDIA Graphics Driver 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.48 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA USBC Driver 1.38.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12026.20264 - Microsoft Corporation) Hidden ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) PlatformPowerManagement (HKLM-x32\...\{7A6EB543-522C-4784-9DB5-4FC87522EBDF}) (Version: 1.18.0910.1 - GIGABYTE) Hidden PlatformPowerManagement (HKLM-x32\...\InstallShield_{7A6EB543-522C-4784-9DB5-4FC87522EBDF}) (Version: 1.18.0910.1 - GIGABYTE) Plex Media Server (HKLM-x32\...\{499596ef-052c-41dc-bdb8-7dd8d80c44ce}) (Version: 1.16.6.1592 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{CAEAF3E6-3D12-4D33-8D9F-2EC905EF9EF2}) (Version: 1.16.1592 - Plex, Inc.) Hidden Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.1015.100206 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8586 - Realtek Semiconductor Corp.) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.19.0702.2 - GIGABYTE) RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.1.2010 - Samsung Electronics) SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.19.0522.1 - GIGABYTE) Hidden SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.19.0522.1 - GIGABYTE) SmartKeyboard (HKLM-x32\...\{75B74C36-A9C6-4912-B4BB-C461AA36D01E}) (Version: 1.00.0000 - GIGABYTE) Hidden SmartKeyboard (HKLM-x32\...\InstallShield_{75B74C36-A9C6-4912-B4BB-C461AA36D01E}) (Version: 1.00.0000 - GIGABYTE) SOUND FORGE Pro 13.0 (x64) (HKLM\...\{B0BE684F-6631-11E9-8641-50E549394757}) (Version: 13.0.48 - MAGIX) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stopping Plex (HKLM-x32\...\{BDD87F60-CF21-4194-ABD2-654468ACFA59}) (Version: 1.16.1592 - Plex, Inc.) Hidden TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Twitch (HKU\S-1-5-21-3767469261-4081403511-146646953-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN) Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth (07/14/2015 12.0.1.658) (HKLM\...\BABE4E18F2E0DA329C1139E5584082BBE6F64E5F) (Version: 07/14/2015 12.0.1.658 - Broadcom Corporation) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Packages: ========= Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-12] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-12] (Microsoft Corporation) [MS Ad] Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.9262.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Studios) [MS Ad] MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.94.574.0_x64__mcm4njqhnhss8 [2019-09-28] (Netflix, Inc.) Pin More -> C:\Program Files\WindowsApps\37508SnowyDune.PinMore_3.0.5.0_x64__ztk87pzmht872 [2019-07-31] (Snowy Dune) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.158.0_x64__dt26b99r8h8gj [2019-07-12] (Realtek Semiconductor Corp) Sound Blaster Connect -> C:\Program Files\WindowsApps\CreativeTechnologyLtd.SoundBlasterConnect_2.2.10.0_x86__13fcda18mhdz2 [2019-07-11] (Creative Technology Ltd.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-26] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2019-07-12 13:16 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2019-07-12 13:17 - 2018-01-18 15:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll 2010-05-14 12:49 - 2010-05-14 12:49 - 002519040 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\Core.dll 2010-05-14 12:41 - 2010-05-14 12:41 - 000708608 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll 2010-05-14 12:38 - 2010-05-14 12:38 - 001581056 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll 2010-05-14 12:38 - 2010-05-14 12:38 - 006443008 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll 2010-05-14 12:38 - 2010-05-14 12:38 - 000188416 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll 2010-05-14 12:38 - 2010-05-14 12:38 - 000356352 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll 2019-07-12 13:16 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll 2019-07-12 13:16 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll 2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV2.dll 2019-03-27 14:15 - 2019-03-27 14:15 - 008703488 _____ (TODO: ) [File not signed] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3767469261-4081403511-146646953-1001\...\sharepoint.com -> hxxps://ragnarokconsultingservices-files.sharepoint.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-03-19 00:49 - 2019-03-19 00:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;c:\program files (x86)\razer\chromabroadcast\bin;c:\program files\razer\chromabroadcast\bin;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files\nvidia corporation\nvidia nvdlisr;c:\users\wildcat™\appdata\local\microsoft\windowsapps;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\dal;c:\program files\intel\wifi\bin\;c:\program files\common files\intel\wirelesscommon\;c:\program files\asus\bluetooth software\;c:\program files\asus\bluetooth software\syswow64;c:\windows\system32\config\systemprofile\appdata\local\microsoft\windowsapps;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\Program Files\NVIDIA Corporation\NVIDIA NGX HKU\S-1-5-21-3767469261-4081403511-146646953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wildcat™\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wallhaven-0qoezl.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData" HKU\S-1-5-21-3767469261-4081403511-146646953-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-3767469261-4081403511-146646953-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3767469261-4081403511-146646953-1001\...\StartupApproved\Run: => "NoxDaemon" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{E309BAFA-22F9-4116-B695-EE4E8ED9E83F}] => (Allow) LPort=9009 FirewallRules: [{C2F6AD66-83AC-4183-A5AA-7FF41586CE95}] => (Allow) LPort=9009 FirewallRules: [{7DD136AD-1520-42AD-8C3B-B28212AC45C3}] => (Allow) LPort=9009 FirewallRules: [{1B72D38F-23D6-439D-8BD7-E40FA27F2DF1}] => (Allow) LPort=9009 FirewallRules: [{C1AD5B81-6BC5-4AB0-8C7D-9E64273FA38C}] => (Allow) LPort=9009 FirewallRules: [{3104ED5D-2E4F-4AE2-9E74-DA8590F90EBA}] => (Allow) LPort=9009 FirewallRules: [{E5F15641-BB4B-4106-8DC1-760B40F1BB8C}] => (Allow) LPort=9009 FirewallRules: [{FF48266B-0AE7-4AEF-9396-E4541AE4BA3D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Haegemonia The Solon Heritage\Hgma.exe (Digital Reality) [File not signed] FirewallRules: [{41DD0039-F0AE-4190-8CF8-B94A352EB298}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Haegemonia The Solon Heritage\Hgma.exe (Digital Reality) [File not signed] FirewallRules: [{96496D59-668D-44FE-994A-F25952D43376}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Haegemonia Legions of Iron\Hgm.exe () [File not signed] FirewallRules: [{83CBFD5F-7B8E-4A1A-A79C-1EE58CC0DA07}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Haegemonia Legions of Iron\Hgm.exe () [File not signed] FirewallRules: [{A88BB596-310C-404B-9630-6E27C6E9CD31}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe () [File not signed] FirewallRules: [{8FA8C0AC-287D-43D3-BCC1-B0DD4D5D59A3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe () [File not signed] FirewallRules: [{1BC98F58-32E8-4FC0-AF18-291EC541240D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Deserts of Kharak\DesertsOfKharak64.exe (Gearbox Software LLC -> ) FirewallRules: [{167E2D36-09DE-4A9C-99EF-AEDA4986B545}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Deserts of Kharak\DesertsOfKharak64.exe (Gearbox Software LLC -> ) FirewallRules: [{9097A116-A243-4F9B-8D6C-3324D6EC3322}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [File not signed] FirewallRules: [{AFC8DC75-AC53-4880-BEA4-BF5A6A3BBB0A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [File not signed] FirewallRules: [{96AC6A4D-5317-48E0-8989-B08F4F1056BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpellForce 3\SF3LevelEditor.exe () [File not signed] FirewallRules: [{E09F6092-3D03-4246-8DA1-D8663B0C5ECE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpellForce 3\SF3LevelEditor.exe () [File not signed] FirewallRules: [{35921C24-0319-4BEF-993F-ED83AA305F1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpellForce 3\SF3ClientFinal.exe (Grimlore Games GmbH) [File not signed] FirewallRules: [{5E9297F2-D6F6-4740-AE32-0161022783AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpellForce 3\SF3ClientFinal.exe (Grimlore Games GmbH) [File not signed] FirewallRules: [{98826850-E71B-4CFA-AAC7-272D4A8FCF01}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed] FirewallRules: [{F81889D7-F249-4D5B-BE20-4C2599B8F6F1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed] FirewallRules: [{6A1D75E0-D918-4B86-9F7F-C720CA7284C4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\They Are Billions\TheyAreBillions.exe (Numantian Games) [File not signed] FirewallRules: [{F690C331-6B38-40E4-A535-EC284BC24C54}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\They Are Billions\TheyAreBillions.exe (Numantian Games) [File not signed] FirewallRules: [{FBC31299-7ECD-4BE0-920B-4E4B363D913E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe (Electronic Arts -> Electronic Arts, Inc.) FirewallRules: [{83AF902A-962D-423B-8661-3A7F24D78162}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe (Electronic Arts -> Electronic Arts, Inc.) FirewallRules: [{12DFBB3C-FFCE-4FB3-A066-6B9B96418CB5}] => (Allow) LPort=9009 FirewallRules: [{F752B76F-0DF7-48F8-A75B-5ADC0D2EB651}] => (Allow) LPort=9009 FirewallRules: [{8FA6B430-93E0-4ED4-A9F7-4E4EB3C7AD0F}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation) FirewallRules: [{9611345B-4109-4E9E-BE2D-1CF78F08260F}] => (Allow) D:\Program Files (x86)\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.) FirewallRules: [{4394CD2E-2ED9-45D9-8680-DD9096F1594B}] => (Allow) LPort=9009 FirewallRules: [{131D8226-559F-4D56-A83D-A433F9B61590}] => (Allow) LPort=9009 FirewallRules: [{3E2013E9-2CD8-4BD4-A7FE-FCC46124C293}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Settlers 7 Gold\Data\Base\_Dbg\Bin\Release\Settlers7R.exe (Blue Byte GmbH -> Blue Byte GmbH) FirewallRules: [{EB55BCD8-05F7-4F29-9194-89DD8ADD6843}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Settlers 7 Gold\Data\Base\_Dbg\Bin\Release\Settlers7R.exe (Blue Byte GmbH -> Blue Byte GmbH) FirewallRules: [{53959326-B0DD-4C6E-BE81-CA07DDB934E9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios) [File not signed] FirewallRules: [{E89EBDFA-F80F-41BC-AFFB-511BE7920A3D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios) [File not signed] FirewallRules: [{6C2EDDB8-2E64-4311-A705-AA9329C587DD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed] FirewallRules: [{0DBA4C1D-02BC-4773-BE4E-FBDD5BE7A8D4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed] FirewallRules: [{BCD154DE-BF78-468F-854E-B5E1C18863F6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Agarest Generations of War 2\Agarest2.exe () [File not signed] FirewallRules: [{01C2E7E5-FF05-49AD-A516-DDBB3F0AACE2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Agarest Generations of War 2\Agarest2.exe () [File not signed] FirewallRules: [{88130FDD-B54A-494C-B842-03C2FFDD67FB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Agarest Zero\AgarestZero.exe () [File not signed] FirewallRules: [{058586DA-A449-4777-9578-6F4F615316E9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Agarest Zero\AgarestZero.exe () [File not signed] FirewallRules: [{DC478601-DCEB-415F-8E65-D80C39466DCE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Agarest Generations of War\Agarest.exe () [File not signed] FirewallRules: [{B26B420F-1144-4D33-B573-1786D6E013F5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Agarest Generations of War\Agarest.exe () [File not signed] FirewallRules: [{3FC87331-B580-4BC1-AA81-146C85F31F66}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed] FirewallRules: [{5A808CFA-B99C-4F56-A680-890C1F451248}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed] FirewallRules: [{662E15E8-9F2D-42B7-ADAF-563084F0283B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [File not signed] FirewallRules: [{8734540C-1409-4758-8BF1-0D91D44267DE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [File not signed] FirewallRules: [{2998883F-CE6B-4869-9AB8-D1EC1AB1E20F}] => (Allow) LPort=9009 FirewallRules: [{035066AC-BEFB-4B74-9E50-8F5B61B5355A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BFF9470F-2402-4158-B919-44365B150276}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F1A557CE-EF88-488F-B1F7-B8D3039FBA19}] => (Allow) LPort=9009 FirewallRules: [{5511C741-CF06-4C5D-9D82-0BA72FE82450}] => (Allow) LPort=9009 FirewallRules: [{58FAED91-179F-412C-BC9A-A97050AC4D9D}] => (Allow) LPort=9009 FirewallRules: [{DB4CCEB1-CF07-4E75-BD67-567FA0D44EEB}] => (Allow) LPort=9009 FirewallRules: [{0EE0F5BB-E86E-4D71-ACA3-CFEB70C9946B}] => (Allow) LPort=9009 FirewallRules: [{7C9E10C9-30BB-4E88-B12F-605031518627}] => (Allow) LPort=9009 FirewallRules: [{57E0248E-1628-44C1-82D9-7B46A02573CD}] => (Allow) LPort=9009 FirewallRules: [{5ACF52E6-57CE-469A-AE09-420748E78D6C}] => (Allow) LPort=9009 FirewallRules: [{70AAFF59-954A-492A-BCEA-6C70C0D37264}] => (Allow) LPort=9009 FirewallRules: [{3403DD62-5718-48B4-A13A-B62F951BD6F9}] => (Allow) LPort=9009 FirewallRules: [{A588B076-1607-4DD4-B459-825F590E6AE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed] FirewallRules: [{90A66575-A4F2-4520-8107-09B99F24DB57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed] FirewallRules: [{F1FAB1C4-9874-40D3-A4E3-358981FFB4D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlefleet Gothic Armada II\BattlefleetGothic2.exe (Focus Home Interactive -> EasyAntiCheat Ltd) FirewallRules: [{1CBF1389-5F0E-428A-B54B-F5DA774787C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlefleet Gothic Armada II\BattlefleetGothic2.exe (Focus Home Interactive -> EasyAntiCheat Ltd) FirewallRules: [{8559C273-F1E9-4207-BC94-BAC4C0FDF84D}] => (Allow) LPort=9009 FirewallRules: [{FB1FA4F8-3B62-4A11-A38A-8932434AFF89}] => (Allow) LPort=9009 FirewallRules: [{0FEA81B3-8451-47C7-9E8F-B41606AE1F57}] => (Allow) LPort=9009 FirewallRules: [{7B9FF0AA-84D5-4638-83B8-F954CDD07926}] => (Allow) LPort=9009 FirewallRules: [{FC2C5FF7-742E-4F1E-9C39-0FD056288F73}] => (Allow) LPort=9009 FirewallRules: [{33B9C793-1C45-48AC-A627-98BAB54A8147}] => (Allow) LPort=9009 FirewallRules: [{02F5822C-75D3-4105-B411-D039348B312C}] => (Allow) LPort=9009 FirewallRules: [{4F6934D9-78DF-49EA-9D73-4962616AB6C7}] => (Allow) LPort=9009 FirewallRules: [{381605CA-DF30-4D61-8E65-FAA21590057A}] => (Allow) LPort=9009 FirewallRules: [{531F00DA-160D-4CA8-B19E-010C39D44CF1}] => (Allow) LPort=9009 FirewallRules: [{BCE10612-69D6-44B1-87BB-5A4FA5023C22}] => (Allow) LPort=9009 FirewallRules: [{149304C1-848D-4FC6-9E97-B9E77DE670FC}] => (Allow) LPort=9009 FirewallRules: [{7C935064-3E5F-41DE-A9AB-FA49DB948ABC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{021279FC-FBFF-4B29-9A10-AD406C600C44}] => (Allow) LPort=9009 FirewallRules: [{D3CBB941-F175-49CA-951E-C2E848FC1850}] => (Allow) LPort=9009 FirewallRules: [{BBFD62C4-5325-400B-9D98-4552380E7BA2}] => (Allow) LPort=9009 FirewallRules: [{94E57EA0-9179-4B36-9037-25B3F8A9AA76}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{06417981-FB0C-4188-9AE9-42FDEBA00CEB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{93908216-EE0E-4E8E-9E19-4C138D0C73BE}] => (Allow) LPort=9009 FirewallRules: [{95D35D24-FF64-4F2C-9EDD-09596A8C1C35}] => (Allow) LPort=9009 FirewallRules: [{3652BC54-0927-4B9F-B00E-1E8656B3AC03}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation) FirewallRules: [{A2740E41-11F1-4FF1-B1CD-AB36E8CED01E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation) FirewallRules: [{B3BA8092-0BFC-4833-8D94-0566503691CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive) [File not signed] FirewallRules: [{7C2ACF83-693D-49D7-B016-D5C8C00B5B76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive) [File not signed] FirewallRules: [{9BB7D98F-3BF7-4099-B47D-1A7A74C6DF3F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments) FirewallRules: [{233CE14F-16A0-4210-9AE1-B983D3FBEFD1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments) FirewallRules: [{1790F6B5-F7D1-4B0A-91A4-5756D2A9CD60}] => (Allow) LPort=9009 FirewallRules: [{E8615A70-5753-4CFF-87DE-4CC9E8A0680D}] => (Allow) LPort=9009 FirewallRules: [{13000269-1BDA-430D-8B3F-DFBB43763965}] => (Allow) LPort=9009 FirewallRules: [{609A2882-8898-4CAB-A1FD-D9E1CDF8D2FA}] => (Allow) LPort=9009 FirewallRules: [{9E85F778-0FCF-4798-A101-9C7F04731CD6}] => (Allow) LPort=9009 FirewallRules: [{EF7C0151-DC2E-402E-AFA7-752B3189BE23}] => (Allow) LPort=9009 FirewallRules: [{ACAF27D8-1F67-4536-8D90-F6B633E5DA52}] => (Allow) LPort=9009 FirewallRules: [{6F8378B6-BB45-4A04-856A-5DCAAA861633}] => (Allow) LPort=9009 FirewallRules: [{27ECF945-487D-4F9B-A5E8-3D8C82594B20}] => (Allow) LPort=9009 FirewallRules: [{C1E66EA8-BEC7-4165-8828-B00A959FC3B8}] => (Allow) LPort=9009 FirewallRules: [{7590CBA9-2840-4306-9C65-C7DAB4F2698B}] => (Allow) LPort=54925 FirewallRules: [{67043154-CDA8-4F87-8ADA-0ED93636C915}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14e\FAXRX.EXE (Brother Industries, Ltd.) [File not signed] FirewallRules: [{FF64D622-329D-4E0B-9359-E6D77AE810B1}] => (Allow) LPort=9009 FirewallRules: [{539EEE61-35FB-4D24-8D75-4A58B5B8F2EF}] => (Allow) LPort=9009 FirewallRules: [{2F4DC0C3-FC39-4793-8B5A-FB76B03D26DE}] => (Allow) LPort=9009 FirewallRules: [{F795350B-0F01-407E-A8A0-2298F3B235D1}] => (Allow) LPort=8094 FirewallRules: [{47D58DC3-4C1D-40B5-B27F-F9ED43C79BBD}] => (Allow) LPort=1900 FirewallRules: [{3467F79B-2724-443F-AEEA-CAA07D3B7202}] => (Allow) LPort=1900 FirewallRules: [{A68B56A9-F1E5-435F-ADA9-D5A101F402E6}] => (Allow) LPort=1980 FirewallRules: [{3D37D02D-6AAD-4D1D-96F6-F7602FEE5074}] => (Allow) LPort=9009 FirewallRules: [{D091A289-5A11-42CE-9838-A993DF6F0C7C}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{3C993A34-75CC-46F1-B5EB-33BEB736EE6E}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{131C39C3-DC2B-4270-A41B-1E166FB28C1A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{53732BB1-4445-4985-AA55-CAEDCDCDF233}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{74981A7B-DDC8-493A-A8C2-542DB7345A1A}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Adobe Systems Incorporated -> Node.js) FirewallRules: [TCP Query User{E6DF25C8-4E40-41F4-8D7A-50E42A026E97}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Adobe Systems Incorporated -> Node.js) FirewallRules: [{85C212E4-274A-4F02-9D71-295A0FFE8760}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C02D3409-4E64-4FE8-82AE-98ECF2C1C6EA}] => (Allow) C:\Users\Wildcat™\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{AC82B109-CFB0-46B2-80DF-B2F09E58EEC0}] => (Allow) C:\Users\Wildcat™\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{B2A678DB-D590-4AD4-89D5-EFCE7476C6D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6DC16B7E-06DA-4A4E-962E-EB02909B3C6B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9C8713E5-3B9D-4B40-9D34-4AC1BD343F69}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0AB9AC81-1FA3-48F5-B1C9-D071F3FB7921}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B3388518-0226-4BC4-B0F8-53972B2AAEEA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2FB618B8-1E40-4FE2-9B4D-94154BB0EE82}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FBABC7B2-D878-412B-AA32-A0AC801B8598}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6C557F75-6D53-4E91-ABFD-A65C8396DEFB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{145ADF1D-0B08-4713-B25C-1233BA18DDA6}] => (Allow) LPort=9009 FirewallRules: [{D25209C9-FDB4-460E-8063-904223AAFC11}] => (Allow) LPort=9009 FirewallRules: [{85CFA720-9FD6-4938-8B63-C4FBBEB82829}] => (Allow) LPort=9009 FirewallRules: [{E844171C-1D14-4C22-9E85-647C5C7DA0D7}] => (Allow) LPort=9009 FirewallRules: [{5625046E-FD45-4878-824E-75FC2EAD5B54}] => (Allow) LPort=9009 FirewallRules: [{DD8F9F1B-EDF9-4212-B9EA-685E15913253}] => (Allow) LPort=9009 FirewallRules: [{15A86EA1-0C6F-458B-97B3-0D9FF855EC15}] => (Allow) LPort=9009 FirewallRules: [{93E27685-2181-443D-84B2-C86F1939DBE3}] => (Allow) LPort=9009 FirewallRules: [{2A6907B0-2F2A-4540-8B1C-6514A1D4CBAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpellForce3_2019\SF3ClientFinal.exe (Grimlore Games GmbH) [File not signed] FirewallRules: [{43C2F079-CE45-419D-A590-474E255300FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpellForce3_2019\SF3ClientFinal.exe (Grimlore Games GmbH) [File not signed] FirewallRules: [{01F0E476-B67C-4DD2-9813-8C009B283268}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpellForce3_2019\SF3LevelEditor.exe () [File not signed] FirewallRules: [{39ECC0F6-AA9E-4151-80E7-EB52D352E7F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpellForce3_2019\SF3LevelEditor.exe () [File not signed] FirewallRules: [TCP Query User{C1785D15-7775-48F9-9D49-AFA292F1AF03}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [UDP Query User{5F88D407-F433-479A-80D1-588A98D153CC}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [{5B19244E-E93E-4682-A8DB-3D2C9647D7DB}] => (Allow) LPort=9009 FirewallRules: [{D7911D69-32A4-4E2A-A82A-84FB726EA800}] => (Allow) LPort=9009 FirewallRules: [{9D6B0D84-A377-48A5-A9D6-FBA3645B22D4}] => (Allow) LPort=9009 FirewallRules: [{1B3AFAD3-BE9D-403E-B424-CAD7250F8654}] => (Allow) LPort=9009 FirewallRules: [{E66E16FE-1794-43D8-8519-307FFB763441}] => (Allow) LPort=9009 FirewallRules: [{BB33A961-3331-4498-A3CE-7A97A65D541B}] => (Allow) LPort=9009 FirewallRules: [{8ADE82C4-B05C-40AB-9DD0-A3E69FDC81AC}] => (Allow) LPort=9009 FirewallRules: [{2BB0CDED-49F5-4A58-A1DC-8526DCD7D933}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\assembly_kit\binaries\BOB.modder.x64.exe () [File not signed] FirewallRules: [{3C1F8836-35ED-4D7A-9DAE-20989808C939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\assembly_kit\binaries\BOB.modder.x64.exe () [File not signed] FirewallRules: [{EE31BB8B-F3CF-4ACF-A128-79ABA29BACFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\assembly_kit\binaries\Tweak.modder.x64.exe () [File not signed] FirewallRules: [{BE05F12B-9D3A-41F2-82F6-337C82EBB587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\assembly_kit\binaries\Tweak.modder.x64.exe () [File not signed] FirewallRules: [{00C05C13-3739-46E0-A056-9F191D66ED91}] => (Allow) LPort=9009 FirewallRules: [{2EDB0217-D1CD-4402-A790-2105CC7D3110}] => (Allow) LPort=9009 FirewallRules: [{98460C22-A4EF-4476-9AD9-B6314C989C71}] => (Allow) LPort=9009 FirewallRules: [{ABCE2C6D-C06A-4A59-AE03-079449363DDE}] => (Allow) LPort=9009 FirewallRules: [{A560DCC5-97AA-468B-827E-0458BF3B2A01}] => (Allow) LPort=9009 FirewallRules: [{2CAC985A-BF07-44F0-B451-5F41AC35017A}] => (Allow) LPort=9009 FirewallRules: [{C69B9DE0-3A76-458C-BFE5-ED2168570E7D}] => (Allow) LPort=9009 FirewallRules: [{C8E8D621-6E71-4D40-9330-B619E6302DF3}] => (Allow) LPort=9009 FirewallRules: [{2E9CFA66-78D6-4912-B132-C48C9AF5AE96}] => (Allow) LPort=9009 FirewallRules: [{C2AA1D48-CEAD-4788-8850-66CDC532BEE4}] => (Allow) LPort=9009 FirewallRules: [{85D51F8E-A86C-4991-8004-761413B5C059}] => (Allow) LPort=9009 FirewallRules: [{CE90C560-B62F-4412-832C-8DB47BD83E36}] => (Allow) LPort=9009 FirewallRules: [{223233CD-7383-4ACA-9B6D-09ECD651CE7B}] => (Allow) LPort=9009 FirewallRules: [{8885DFC7-B5DE-4551-AA6D-689758FC9FD7}] => (Allow) LPort=9009 FirewallRules: [{43E08464-4A1D-47B6-9B64-7C2170054135}] => (Allow) LPort=9009 FirewallRules: [{D2AE28D5-2494-4D4F-AFB2-81D935A61AE0}] => (Allow) LPort=9009 FirewallRules: [{3F70DD6C-E379-4450-821B-5D3BB95179F7}] => (Allow) LPort=9009 FirewallRules: [{E474DAB4-E026-4694-A783-55BD7C476FF3}] => (Allow) LPort=9009 FirewallRules: [{16ABE7CE-A738-4DE0-B4E4-FD8BEA20723A}] => (Allow) LPort=9009 FirewallRules: [{5236E864-928F-4F0B-B741-C2ED2D93F68D}] => (Allow) LPort=9009 FirewallRules: [{AE800E5C-0186-47C6-AEDF-1924F3EC1A32}] => (Allow) LPort=9009 FirewallRules: [{F4FE3774-8855-4620-BA06-DD0C760F595E}] => (Allow) LPort=9009 FirewallRules: [{34B7FDF7-1941-4BEE-B428-C263E548DDD2}] => (Allow) LPort=9009 FirewallRules: [{0D908912-9AA0-4D41-863A-DDC1B32D570B}] => (Allow) LPort=9009 FirewallRules: [{59FF2F07-2131-4506-88C4-DC71FD61AFFF}] => (Allow) LPort=9009 FirewallRules: [{BAA8831B-A5C7-41F8-A13C-CC63310D0525}] => (Allow) LPort=9009 FirewallRules: [{44A2CD3C-E4E3-49EE-ABBE-4B44B17DE0AF}] => (Allow) LPort=9009 FirewallRules: [{DD2F3CB8-3939-41E4-80A9-D5AD302AE2A6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{11E86F53-0C49-4261-B012-C9D28162FDD7}] => (Allow) LPort=9009 FirewallRules: [{9C4827CF-CFFE-4E29-8820-63A4BEF1E0B2}] => (Allow) LPort=9009 FirewallRules: [{C16DB8B2-2E3C-466B-AE06-6E2DF3F652AC}] => (Allow) LPort=9009 FirewallRules: [{CAFB7322-DC3C-480A-8A13-C80AC46DC103}] => (Allow) LPort=9009 FirewallRules: [{FCA91A23-710B-4B20-8CEB-DC737F0D4E3A}] => (Allow) LPort=9009 FirewallRules: [{4DA971D1-2C56-4D07-A79A-C1FBF10075A6}] => (Allow) LPort=9009 FirewallRules: [{12A61C84-00FB-467B-880B-0FD793A04C9B}] => (Allow) LPort=9009 FirewallRules: [{C9AD7E0B-859D-42D2-A98C-92681E77EAA1}] => (Allow) LPort=9009 FirewallRules: [{289BADBE-1375-420E-9606-6760081DC28F}] => (Allow) LPort=9009 FirewallRules: [{1F8D887B-B4A4-4D4C-AF52-890E0902DE85}] => (Allow) LPort=9009 FirewallRules: [{F1AE6D91-37A3-4226-BD69-F2D262F62E3B}] => (Allow) LPort=9009 FirewallRules: [{F28E71AE-BD0D-43DA-A458-E187AA6D3701}] => (Allow) LPort=9009 FirewallRules: [{6B579A40-AAAC-454F-922F-87468B1E67D5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{91FC12BB-7DB0-4E8E-AF99-8793D31CA19D}] => (Allow) LPort=9009 FirewallRules: [{B705D470-3D86-45EE-AF61-D5DDA5B4F5D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A676E5DD-FA1F-44DB-917D-B71B111E7CEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9D9E05F4-7E9E-40BD-BAFE-FE67EE815CF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E4CF2419-866A-4D0A-8988-3691D0459182}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4DB3E02A-5F8B-4EA5-93EC-0B91DFF47AF5}] => (Allow) LPort=9009 FirewallRules: [{E3AD9C20-6D0B-4565-83FE-99C8158E08BC}] => (Allow) LPort=9009 FirewallRules: [{AABE2BB2-4B3A-4ECD-AD83-1FD891304264}] => (Allow) LPort=9009 FirewallRules: [{3783CB62-7E96-4190-BAE7-71E8BFA240DE}] => (Allow) LPort=9009 FirewallRules: [{D5637146-BE12-4D04-9406-AAB127970CEF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{FB67C021-70AD-4A54-96AA-ED7020874569}] => (Allow) LPort=9009 FirewallRules: [{7A1504C6-EB5E-4C4D-A7C2-A5EECE142F70}] => (Allow) LPort=9009 FirewallRules: [{AD6403FB-5C07-41BE-A8A2-5F3541FDF160}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [{0A2AC56C-ED8F-4F76-A45F-EB543CD1E1A5}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation) FirewallRules: [{6F63E59D-3106-423A-8482-6EF3C9662F20}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [{11355889-B3CD-4983-A525-74D18D370DD9}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> ) FirewallRules: [{677A631E-A88A-4223-B0D8-ABEC36E8F945}] => (Allow) LPort=9009 FirewallRules: [{5A0EA1B8-6E6A-4B38-8924-82C10CABC439}] => (Allow) LPort=9009 FirewallRules: [{024DC574-DC13-4D64-92ED-37061FBFB02A}] => (Allow) LPort=9009 FirewallRules: [{1CED1EBD-3EA1-452A-A948-7250A17C6F6F}] => (Allow) LPort=9009 FirewallRules: [{2ABAC03F-901B-4187-AFAE-3C119731C6F4}] => (Allow) LPort=9009 FirewallRules: [{589BA5DD-0673-4423-87FA-DDF5F21AF91D}] => (Allow) LPort=9009 FirewallRules: [{5A87C920-E844-4EC3-96A2-71675A6A7EED}] => (Allow) LPort=9009 FirewallRules: [{072A4012-9F65-4389-A0CF-104715FFBB5A}] => (Allow) LPort=9009 FirewallRules: [{433A5F9F-0476-4936-9D9D-1EAA499F577E}] => (Allow) LPort=9009 FirewallRules: [{F205E32F-A3C0-41FF-9C86-18B1BC0E09A1}] => (Allow) LPort=9009 FirewallRules: [{59B84C77-0BEE-4A07-A88E-4F58E5EA05A1}] => (Allow) LPort=9009 FirewallRules: [{CBD3D7F7-1B13-41E5-A6EC-A38425603D89}] => (Allow) LPort=9009 FirewallRules: [{EE6ECACE-96E8-4F30-887D-329EBBE40053}] => (Allow) LPort=9009 FirewallRules: [{3A2883C7-088E-473A-826C-2B4672C19280}] => (Allow) LPort=9009 FirewallRules: [{54D97F3B-CB9C-4090-A730-983C0C5DB8AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{4A4DDA8F-2A95-43F0-BBF3-14336294B27A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{323BFA61-E887-429E-9DAA-B2269B7753AC}] => (Allow) LPort=9009 FirewallRules: [{ABEFFD09-BE37-4948-BC4A-E9E2264775D9}] => (Allow) LPort=9009 FirewallRules: [{6E66A1A4-43A9-4AD5-82E2-49F864062313}] => (Allow) LPort=9009 ==================== Codecs (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed] ==================== Restore Points ========================= 19-09-2019 16:28:53 Windows Update 21-09-2019 02:03:14 Plex Media Server 29-09-2019 22:10:23 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: Intel(R) Wireless Bluetooth(R) Description: Intel(R) Wireless Bluetooth(R) Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Intel Corporation Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (10/04/2019 11:03:59 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program FRST64.exe version 2.10.2019.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1f90 Start Time: 01d57ac4c66c2c9f Termination Time: 4294967295 Application Path: C:\Users\Wildcat™\Desktop\FRST64.exe Report Id: f1cf051a-e489-4458-ac08-d4cbc6dd8dc1 Faulting package full name: Faulting package-relative application ID: Hang type: Top level window is idle Error: (10/04/2019 10:57:28 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7384,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (10/04/2019 10:52:46 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Client application bug: DNSServiceResolve(f0:76:6f:2d:90:f4@fe80::f276:6fff:fe2d:90f4._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network. Error: (10/04/2019 10:52:46 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Client application bug: DNSServiceResolve(c8:b5:b7:73:72:bd@fe80::cab5:b7ff:fe73:72bd._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network. Error: (10/04/2019 10:52:46 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Client application bug: DNSServiceResolve(2c:1f:23:5b:01:14@fe80::2e1f:23ff:fe5b:114._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network. Error: (10/04/2019 10:50:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 24 Error: (10/04/2019 10:50:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 23 Error: (10/04/2019 10:50:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 22 System errors: ============= Error: (10/04/2019 10:49:45 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY) Description: The BITS service failed to start. Error 2147500053. Error: (10/04/2019 10:27:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service. Error: (10/04/2019 10:27:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The NVIDIA LocalSystem Container service terminated with the following error: A generic command executable returned a result that indicates failure. Error: (10/04/2019 09:40:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service. Error: (10/04/2019 09:40:24 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The NVIDIA LocalSystem Container service terminated with the following error: A generic command executable returned a result that indicates failure. Error: (10/04/2019 08:39:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Razer Synapse Service service terminated unexpectedly. It has done this 1 time(s). Error: (10/03/2019 07:01:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (10/03/2019 07:01:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Windows Defender: =================================== Date: 2019-10-03 19:15:54.409 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0 Name: Trojan:Win32/Tiggre!plock ID: 2147723626 Severity: Severe Category: Trojan Path: file:_C:\WINDOWS\system32\StartupCheckLibrary.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: System Process Name: Unknown Security intelligence Version: AV: 1.303.772.0, AS: 1.303.772.0, NIS: 1.303.772.0 Engine Version: AM: 1.1.16400.2, NIS: 1.1.16400.2 Date: 2019-10-03 15:04:58.369 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {B0454460-BF27-4EAD-8087-3158F853759C} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-10-01 07:56:07.938 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {098333D4-9365-4ED6-879A-3C75E833E6B6} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-10-01 07:13:42.105 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {415D40A3-7757-449A-86EA-93E175B56944} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-09-30 14:30:16.216 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {505A28B8-8E9B-4B64-859F-E4382D58D8CA} Scan Type: Antimalware Scan Parameters: Quick Scan CodeIntegrity: =================================== Date: 2019-08-24 19:32:31.261 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== BIOS: American Megatrends Inc. F6 04/03/2018 Motherboard: Gigabyte Technology Co., Ltd. Z370 AORUS Gaming 5-CF Processor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz Percentage of memory in use: 34% Total physical RAM: 16328.17 MB Available physical RAM: 10733.43 MB Total Virtual: 21448.17 MB Available Virtual: 13714.45 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:930.44 GB) (Free:532.77 GB) NTFS Drive d: (Local Disk) (Fixed) (Total:931.39 GB) (Free:693.71 GB) NTFS Drive e: (Local Disk) (Fixed) (Total:1863.01 GB) (Free:1491.78 GB) NTFS Drive f: (Local Disk) (Fixed) (Total:1863 GB) (Free:1627.32 GB) NTFS \\?\Volume{e6ebe98d-8e34-11e9-9e6d-d46d6dad4994}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS \\?\Volume{afe0ba8e-ff75-4a05-a4dc-a26a8213764b}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS \\?\Volume{cb8c6a90-347b-4972-9c96-b2618a0c5ddd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 0013447E) Partition: GPT. ======================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: E1203037) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================