Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

startupchecklibrary.dll Missing! [Closed]

Started by HossamL , Apr 19 2019 12:08 PM

startupchecklibrary.dll missing help dll dll missing missing dll file file missing missing dll

This topic is locked

#1
HossamL

Posted 19 April 2019 - 12:08 PM

Member

Member
15 posts

Hello! when I start my pc up I get an error message that startupchecklibrary.dll is missing. I have tried to look for an answer but sadly didn't find one. I hope this could help a lot of people.

Attached Thumbnails

Edited by HossamL, 19 April 2019 - 12:09 PM.

#2
iMacg3

Posted 19 April 2019 - 01:01 PM

GeekU PowerPC G3

GeekU Moderator
1,921 posts

Welcome.

Please follow the instructions in this guide, and post the requested logs: http://www.geekstogo...before-posting/

#3
HossamL

Posted 19 April 2019 - 01:04 PM

Member

Topic Starter
Member
15 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.04.2019

Ran by Hossam (administrator) on LENOVO-PC (19-04-2019 19:59:44)

Running from C:\Users\Hossam\Downloads

Loaded Profiles: Hossam (Available Profiles: Hossam & Administratör)

Platform: Windows 10 Home Version 1809 17763.437 (X64) Language: Svenska (Sverige)

Default browser: Chrome

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe

(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe

(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

() [File not signed] C:\Windows\jmesoft\Service.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe

(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe

(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe

(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe

() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe

(Popcorn Time) [File not signed] C:\Program Files (x86)\Popcorn Time\Updater.exe

(McAfee, Inc. -> McAfee, Inc.) C:\ProgramData\McAfee\McInstruTrack\McInstruTrack.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe

(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe

(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe

(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe

(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\McCSPServiceHost.exe

(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_12\mcapexe.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe

(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe

(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19032.714.0_x64__8wekyb3d8bbwe\YourPhone.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe

(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe

(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe

(F.lux Software LLC -> f.lux Software LLC) C:\Users\Hossam\AppData\Local\FluxSoftware\Flux\flux.exe

(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Users\Hossam\AppData\Local\Microsoft\OneDrive\OneDrive.exe

(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe

(Vincent Burel -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe

(Lenovo) [File not signed] C:\Windows\jmesoft\hotkey.exe

() [File not signed] C:\Windows\jmesoft\JME_LOAD.exe

(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe

(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe

(OOO Lightshot -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe

(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe

(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe

(Spotify AB -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe

(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Discord Inc. -> Discord Inc.) C:\Users\Hossam\AppData\Local\Discord\app-0.0.305\Discord.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Discord Inc. -> Discord Inc.) C:\Users\Hossam\AppData\Local\Discord\app-0.0.305\Discord.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )

HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)

HKLM\...\Run: [Fences] => D:\Games\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo) [File not signed]

HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-17] () [File not signed]

HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo (Beijing) Limited -> Lenovo)

HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink -> CyberLink)

HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)

HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] (OOO Lightshot -> )

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)

HKLM\...\Policies\Explorer: [HideSCAHealth] 1

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Steam] => D:\Program\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Discord] => C:\Users\Hossam\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3482864 2019-03-27] (Razer USA Ltd. -> )

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [f.lux] => C:\Users\Hossam\AppData\Local\FluxSoftware\Flux\flux.exe [1376264 2019-04-03] (F.lux Software LLC -> f.lux Software LLC)

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540416 2019-04-16] (Skype Software Sarl -> Skype Technologies S.A.)

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Run: [Fences] => d:\games\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2012-06-11] (Beepa P/L) [File not signed]

HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-06-11] (Beepa P/L) [File not signed]

HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)

HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

IFEO\taskmgr.exe: [Debugger]

Startup: C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter.LNK [2017-03-27]

ShortcutTarget: Voicemeeter.LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (Vincent Burel -> VB-AUDIO Software)

GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

Tcpip\..\Interfaces\{06C59F79-FC2C-4714-84E0-AA7ADF2C1005}: [DhcpNameServer] 10.0.0.1

Tcpip\..\Interfaces\{C5FAE918-2F73-424E-8B96-71CB940D466E}: [DhcpNameServer] 10.0.0.1

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493985220&z=80aec19d2a94243ea027f74g2zet5c5tfb6w0ofo3e&from=che0812&uid=SAMSUNGXMZ7LF120HCHP-000L1_S25ZNXAG606008

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com

SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

SearchScopes: HKLM -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

SearchScopes: HKLM-x32 -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKU\.DEFAULT -> DefaultScope {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL =

SearchScopes: HKU\.DEFAULT -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL =

SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> DefaultScope {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL =

SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D072918-A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}

SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> {1D26B1F6-10C2-4A95-8CBD-172642C10A16} URL = hxxp://www.google.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL =

SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> {DC06812F-A7D0-45C4-B88E-602B480065DC} URL = hxxps://se.search.yahoo.com/search?p={searchTerms}&intl=se&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle

BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\nif\1537173264\browser\install\fs_ie_https\fs_ie_https64.dll => No File

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\nif\1537173264\browser\install\fs_ie_https\fs_ie_https.dll => No File

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-06] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-06] (Oracle America, Inc. -> Oracle Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-14] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-14] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-14] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-14] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)

FireFox:

========

FF DefaultProfile: r7340yzg.default

FF ProfilePath: C:\Users\Hossam\AppData\Roaming\Mozilla\Firefox\Profiles\r7340yzg.default [2019-03-31]

FF Homepage: Mozilla\Firefox\Profiles\r7340yzg.default -> hxxp://page-ups.com/all/

FF NewTab: Mozilla\Firefox\Profiles\r7340yzg.default -> hxxp://www.bing.com/?pc=COSP&ptag=D072918-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799

FF Extension: (Grammarly for Firefox) - C:\Users\Hossam\AppData\Roaming\Mozilla\Firefox\Profiles\r7340yzg.default\Extensions\[email protected] [2017-09-12]

FF Extension: (Quick Searcher) - C:\Users\Hossam\AppData\Roaming\Mozilla\Firefox\Profiles\r7340yzg.default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233 [2018-02-04]

FF Extension: (Adblock Plus) - C:\Users\Hossam\AppData\Roaming\Mozilla\Firefox\Profiles\r7340yzg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-31] [Legacy]

FF SearchPlugin: C:\Users\Hossam\AppData\Roaming\Mozilla\Firefox\Profiles\r7340yzg.default\searchplugins\bing-lavasoft-ff59.xml [2018-07-30]

FF ProfilePath: C:\Users\Hossam\AppData\Roaming\Firefox\Firefox\Profiles\r7340yzg.default [2017-07-17] <==== ATTENTION

FF Homepage: Firefox\Firefox\Profiles\r7340yzg.default -> hxxps://www.google.se/?gfe_rd=cr&ei=r10zWfSBKsqq8we2-4qIAQ&gws_rd=ssl

FF Extension: (Svenska (SE) Language Pack) - C:\Users\Hossam\AppData\Roaming\Firefox\Firefox\Profiles\r7340yzg.default\Extensions\[email protected] [2017-06-01] [Legacy] [not signed]

FF Extension: (Adblock Plus) - C:\Users\Hossam\AppData\Roaming\Firefox\Firefox\Profiles\r7340yzg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08] [Legacy]

FF SearchPlugin: C:\Users\Hossam\AppData\Roaming\Firefox\Firefox\Profiles\r7340yzg.default\searchplugins\startsearch.xml [2017-05-20]

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\nif\1537173264\browser\install\fs_firefox_https\fs_firefox_https.xpi => not found

FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\nif\1537173264\browser\install\fs_firefox_https\fs_firefox_https.xpi => not found

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2019-03-24] [Legacy] [not signed]

FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @mcafee.com/MSC,version=10 -> c:\program files\mcafee\msc\npmcsnffpl64.dll [2019-02-15] (McAfee, Inc. -> )

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-06] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-06] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\program files (x86)\mcafee\msc\npmcsnffpl.dll [2019-02-15] (McAfee, Inc. -> )

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]

StartMenuInternet: FIREFOX.EXE - D:\Program\firefox.exe

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxp://www.funnysearching.com/

CHR StartupUrls: Default -> "hxxps://www.google.se/"

CHR Profile: C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default [2019-04-19]

CHR Extension: (Presentationer) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-04]

CHR Extension: (Dokument) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-04]

CHR Extension: (Google Drive) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-13]

CHR Extension: (YouTube) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-13]

CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2017-02-13]

CHR Extension: (Netflix) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2018-02-04]

CHR Extension: (Tags for YouTube™) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggphokdgjikekfiakjcpidcclbmkfga [2019-03-27]

CHR Extension: (Kalkylark) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-04]

CHR Extension: (Studentkortets Rabattknapp) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkccpmgklfejhemeohopclkfeefonbda [2018-02-04]

CHR Extension: (Google Dokument Offline) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]

CHR Extension: (AdBlock) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-12]

CHR Extension: (Grammarly for Chrome) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-04-18]

CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]

CHR Extension: (Gmail) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-13]

CHR Extension: (Chrome Media Router) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]

CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\S-1-5-21-561342403-3159581679-3982711157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc -> Google Inc.) <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-26] (BattlEye Innovations e.K. -> )

R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11082312 2019-04-02] (Microsoft Corporation -> Microsoft Corporation)

R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)

R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel® Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)

R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]

S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [532224 2014-04-23] (LENOVO -> Lenovo)

R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO -> LENOVO INCORPORATED.)

S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (LENOVO -> Lenovo)

R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe [745880 2019-01-23] (McAfee, Inc. -> McAfee, Inc.)

S3 McAWFwk; c:\program files\common files\McAfee\ActWiz\McAWFwk.exe [458688 2018-11-14] (McAfee, Inc. -> McAfee, Inc.)

R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe [2158952 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)

S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [371840 2019-01-16] (McAfee, Inc. -> McAfee, LLC)

R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [604216 2019-01-16] (McAfee, Inc. -> McAfee, LLC)

R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [509728 2019-01-16] (McAfee, Inc. -> McAfee, LLC)

R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1692552 2018-12-19] (McAfee, Inc. -> McAfee, Inc.)

R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1360384 2019-02-05] (McAfee, Inc. -> McAfee, Inc.)

R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-08-29] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-09-12] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-02-21] (Razer USA Ltd. -> Razer Inc)

R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-03-27] (Razer USA Ltd. -> )

R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [File not signed]

R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [293352 2017-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)

R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-04-02] (Razer USA Ltd. -> Razer Inc.)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]

R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2018-04-06] (Popcorn Time) [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830128 2019-03-12] (Microsoft Corporation -> Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77384 2019-01-22] (McAfee, Inc. -> McAfee, LLC)

R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [627208 2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA)

S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)

S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [29688 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-08-07] (F-Secure Corporation -> )

S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218408 2018-12-24] (McAfee, Inc. -> McAfee, Inc.)

R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [88504 2018-10-12] (McAfee, Inc. -> McAfee, Inc.)

R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)

R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [511024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)

R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [373808 2019-01-22] (McAfee, Inc. -> McAfee, LLC)

S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86136 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)

R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517168 2019-01-22] (McAfee, Inc. -> McAfee, LLC)

R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [981032 2019-01-22] (McAfee, Inc. -> McAfee, LLC)

R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [563728 2018-11-19] (McAfee, Inc. -> McAfee LLC.)

S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [109072 2018-11-19] (McAfee, Inc. -> McAfee LLC.)

R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117800 2019-01-22] (McAfee, Inc. -> McAfee, LLC)

R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)

S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_0109a19b5125cb43\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)

S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation -> NVIDIA Corporation)

R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [724968 2017-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)

R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [8169472 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )

R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [45960 2019-01-16] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_0060; C:\WINDOWS\System32\drivers\RzDev_0060.sys [49648 2018-04-22] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_0221; C:\WINDOWS\System32\drivers\RzDev_0221.sys [49648 2018-04-22] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_0C00; C:\WINDOWS\System32\drivers\RzDev_0C00.sys [49648 2018-04-22] (Razer USA Ltd. -> Razer Inc)

S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2017-07-19] (Razer USA Ltd. -> Razer Inc)

S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)

S3 sparkocam; C:\WINDOWS\system32\DRIVERS\sparkocam.sys [37200 2016-09-01] (Sparkosoft Inc -> Sparkosoft)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [31392 2017-07-28] (Valve Corp. -> )

R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [31392 2017-07-21] (Valve Corp. -> )

S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [36040 2015-09-11] (SaferSocial Ltd -> The OpenVPN Project)

R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider)

R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2016-06-22] (Vincent Burel -> Windows ® Win 7 DDK provider)

S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [27136 2018-03-15] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

S3 xb1usb; C:\WINDOWS\System32\drivers\xb1usb.sys [42760 2016-02-23] (Windows Central Build Account - X -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-19 19:59 - 2019-04-19 20:00 - 000046370 _____ C:\Users\Hossam\Downloads\FRST.txt

2019-04-19 19:55 - 2019-04-19 19:59 - 000000000 ____D C:\FRST

2019-04-19 19:55 - 2019-04-19 19:55 - 000000000 ____D C:\Users\Hossam\Downloads\FRST-OlderVersion

2019-04-19 19:54 - 2019-04-19 19:55 - 002434048 _____ (Farbar) C:\Users\Hossam\Downloads\FRST64.exe

2019-04-19 19:47 - 2019-04-19 19:47 - 000000000 ___HD C:\OneDriveTemp

2019-04-19 16:56 - 2019-04-19 16:56 - 000014802 _____ C:\Users\Hossam\Downloads\api-ms-win-crt-string-l1-1-0.dll (64-Bit).zip

2019-04-16 03:08 - 2019-04-16 03:08 - 000000000 ____D C:\Users\Hossam\AppData\Local\OneDrive

2019-04-16 01:08 - 2019-04-16 01:08 - 000000037 _____ C:\Users\Hossam\AppData\Roaming\WB.CFG

2019-04-15 22:17 - 2019-04-15 22:17 - 000000000 ____D C:\Users\Hossam\AppData\Local\D3DSCache

2019-04-15 21:12 - 2019-04-15 21:12 - 000000000 ____D C:\Users\Hossam\AppData\Local\DBG

2019-04-15 03:05 - 2019-04-15 03:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign52ef1851f2ffab8f

2019-04-15 03:03 - 2019-04-15 03:03 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign498f61ed6d17f1f1

2019-04-15 03:03 - 2019-04-15 03:03 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign2e83ca98d94ef235

2019-04-15 03:03 - 2019-04-15 03:03 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign070108571ae4148f

2019-04-14 20:28 - 2019-04-14 19:36 - 000000000 ____D C:\Windows.old

2019-04-14 20:23 - 2019-04-14 20:28 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate

2019-04-14 20:23 - 2019-04-14 20:23 - 000008192 _____ C:\WINDOWS\system32\config\userdiff

2019-04-14 20:23 - 2019-04-14 20:23 - 000000000 ____D C:\WINDOWS\ServiceProfiles

2019-04-14 20:22 - 2019-04-14 20:22 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 012843520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 012139008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 007877120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 006071296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 004660224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe

2019-04-14 20:22 - 2019-04-14 20:22 - 003904512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

2019-04-14 20:22 - 2019-04-14 20:22 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe

2019-04-14 20:22 - 2019-04-14 20:22 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe

2019-04-14 20:22 - 2019-04-14 20:22 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2019-04-14 20:22 - 2019-04-14 20:22 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000263600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe

2019-04-14 20:22 - 2019-04-14 20:22 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe

2019-04-14 20:22 - 2019-04-14 20:22 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe

2019-04-14 20:22 - 2019-04-14 20:22 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe

2019-04-14 20:22 - 2019-04-14 20:22 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll

2019-04-14 20:22 - 2019-04-14 20:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll

2019-04-14 20:21 - 2019-04-14 20:22 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 006544824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 005205448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 004991112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 003377976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 002701304 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001697752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2019-04-14 20:21 - 2019-04-14 20:21 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001468952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 001342400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2019-04-14 20:21 - 2019-04-14 20:21 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2019-04-14 20:21 - 2019-04-14 20:21 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001044280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2019-04-14 20:21 - 2019-04-14 20:21 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000725928 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2019-04-14 20:21 - 2019-04-14 20:21 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2019-04-14 20:21 - 2019-04-14 20:21 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2019-04-14 20:21 - 2019-04-14 20:21 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys

2019-04-14 20:21 - 2019-04-14 20:21 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe

2019-04-14 20:21 - 2019-04-14 20:21 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin

2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin

2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin

2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin

2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin

2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin

2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin

2019-04-14 20:21 - 2019-04-14 20:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

2019-04-14 20:19 - 2019-04-14 20:28 - 000000000 ____D C:\Program Files\Reference Assemblies

2019-04-14 20:19 - 2019-04-14 20:19 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2019-04-14 20:19 - 2019-04-14 20:19 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll

2019-04-14 20:19 - 2019-04-14 20:19 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2019-04-14 20:19 - 2019-04-14 20:19 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll

2019-04-14 20:19 - 2019-04-14 20:19 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2019-04-14 20:19 - 2019-04-14 20:19 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2019-04-14 20:19 - 2019-04-14 20:19 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll

2019-04-14 20:19 - 2019-04-14 20:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll

2019-04-14 20:19 - 2019-04-14 20:19 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml

2019-04-14 20:19 - 2019-04-14 20:19 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml

2019-04-14 20:19 - 2019-04-14 20:19 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2019-04-14 20:19 - 2019-04-14 20:19 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer

2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\Program Files\MSBuild

2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies

2019-04-14 20:19 - 2019-04-14 20:19 - 000000000 ____D C:\Program Files (x86)\MSBuild

2019-04-14 20:17 - 2019-04-14 20:36 - 000000000 ____D C:\ProgramData\Packages

2019-04-14 20:06 - 2019-04-15 03:11 - 000000000 ____D C:\Users\Hossam\AppData\Local\PlaceholderTileLogoFolder

2019-04-14 20:02 - 2019-04-14 20:02 - 000000000 ____D C:\ProgramData\Microsoft OneDrive

2019-04-14 20:01 - 2019-04-15 03:01 - 000000000 ____D C:\Users\Hossam\AppData\Local\Comms

2019-04-14 20:01 - 2019-04-14 20:37 - 000000000 ____D C:\Users\Hossam\AppData\Local\Publishers

2019-04-14 20:01 - 2019-04-14 20:01 - 000001446 _____ C:\Users\Hossam\Desktop\Microsoft Edge.lnk

2019-04-14 20:01 - 2019-04-14 20:01 - 000000000 ___RD C:\Users\Hossam\3D Objects

2019-04-14 20:01 - 2019-04-14 20:01 - 000000000 ___HD C:\Users\Hossam\MicrosoftEdgeBackups

2019-04-14 20:01 - 2019-04-14 20:01 - 000000000 ____D C:\Users\Hossam\AppData\Local\MicrosoftEdge

2019-04-14 20:00 - 2019-04-15 16:01 - 000000000 ____D C:\Users\Hossam\AppData\Local\ConnectedDevicesPlatform

2019-04-14 20:00 - 2019-04-14 20:00 - 000000254 __RSH C:\Users\Hossam\ntuser.pol

2019-04-14 20:00 - 2019-04-14 20:00 - 000000020 ___SH C:\Users\Hossam\ntuser.ini

2019-04-14 19:45 - 2017-11-09 05:39 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2019-04-14 19:45 - 2017-11-09 05:39 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

2019-04-14 19:45 - 2017-10-27 18:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2019-04-14 19:45 - 2017-09-14 01:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2019-04-14 19:45 - 2017-09-14 01:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2019-04-14 19:45 - 2017-09-14 01:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll

2019-04-14 19:45 - 2017-09-14 01:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe

2019-04-14 19:39 - 2019-04-19 19:52 - 001760796 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2019-04-14 19:36 - 2019-04-19 19:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2019-04-14 19:36 - 2019-04-19 16:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee

2019-04-14 19:36 - 2019-04-14 19:36 - 000004552 _____ C:\WINDOWS\System32\Tasks\Nervition Reports

2019-04-14 19:36 - 2019-04-14 19:36 - 000003296 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2019-04-14 19:36 - 2019-04-14 19:36 - 000003074 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C9DBA02-FBA0-450B-B43F-54C38254F680}

2019-04-14 19:36 - 2019-04-14 19:36 - 000003068 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2019-04-14 19:36 - 2019-04-14 19:36 - 000002868 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473

2019-04-14 19:36 - 2019-04-14 19:36 - 000002844 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001

2019-04-14 19:36 - 2019-04-14 19:36 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-561342403-3159581679-3982711157-1004

2019-04-14 19:36 - 2019-04-14 19:36 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-561342403-3159581679-3982711157-1001

2019-04-14 19:36 - 2019-04-14 19:36 - 000002720 _____ C:\WINDOWS\System32\Tasks\Red Giant Link

2019-04-14 19:36 - 2019-04-14 19:36 - 000002676 _____ C:\WINDOWS\System32\Tasks\update-sys

2019-04-14 19:36 - 2019-04-14 19:36 - 000002638 _____ C:\WINDOWS\System32\Tasks\{C21F450B-D00F-4ABE-B6D2-CDE6C65B23FA}

2019-04-14 19:36 - 2019-04-14 19:36 - 000002616 _____ C:\WINDOWS\System32\Tasks\[email protected]

2019-04-14 19:36 - 2019-04-14 19:36 - 000002610 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-561342403-3159581679-3982711157-1001

2019-04-14 19:36 - 2019-04-14 19:36 - 000002596 _____ C:\WINDOWS\System32\Tasks\[email protected]

2019-04-14 19:36 - 2019-04-14 19:36 - 000002568 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon

2019-04-14 19:36 - 2019-04-14 19:36 - 000002480 _____ C:\WINDOWS\System32\Tasks\{ED5084A6-4D34-4C5A-AA8D-3723621254F9}

2019-04-14 19:36 - 2019-04-14 19:36 - 000002442 _____ C:\WINDOWS\System32\Tasks\b86d3bc690af9a1b64797c131e23dee6

2019-04-14 19:36 - 2019-04-14 19:36 - 000002402 _____ C:\WINDOWS\System32\Tasks\MicrosoftUpdate

2019-04-14 19:36 - 2019-04-14 19:36 - 000002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-561342403-3159581679-3982711157-500

2019-04-14 19:36 - 2019-04-14 19:36 - 000002314 _____ C:\WINDOWS\System32\Tasks\{24374C17-E411-49F6-9EEF-C6AB8679F3EC}

2019-04-14 19:36 - 2019-04-14 19:36 - 000002150 _____ C:\WINDOWS\System32\Tasks\{90080978-87CD-43C8-A945-5C4509928561}

2019-04-14 19:36 - 2019-04-14 19:36 - 000002072 _____ C:\WINDOWS\System32\Tasks\McInstruTrack

2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD

2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation

2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Razer Synapse

2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA

2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo

2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple

2019-04-14 19:36 - 2019-04-14 19:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2019-04-14 19:36 - 2014-04-03 20:35 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1050727674-2070356693-977449066-500

2019-04-14 19:35 - 2019-04-14 19:36 - 000011433 _____ C:\WINDOWS\diagwrn.xml

2019-04-14 19:35 - 2019-04-14 19:36 - 000011433 _____ C:\WINDOWS\diagerr.xml

2019-04-14 19:32 - 2019-04-14 20:06 - 000002417 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2019-04-14 19:32 - 2019-04-14 20:01 - 000000000 ____D C:\Users\Hossam

2019-04-14 19:32 - 2019-04-14 19:34 - 000000000 ____D C:\Users\Administrator

2019-04-14 19:32 - 2019-04-14 19:32 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Start-meny

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Skrivare

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Programdata

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Nätverket

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Mina dokument

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Mallar

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Lokala inställningar

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Documents\Mina videoklipp

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Documents\Mina bilder

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\Documents\Min musik

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Program

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\AppData\Local\Tidigare

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Hossam\AppData\Local\Programdata

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Start-meny

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Skrivare

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Programdata

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Nätverket

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Mina dokument

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Mallar

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Lokala inställningar

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Mina videoklipp

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Mina bilder

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Min musik

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Program

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Tidigare

2019-04-14 19:32 - 2019-04-14 19:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Programdata

2019-04-14 19:32 - 2018-09-15 09:29 - 000001105 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2019-04-14 19:31 - 2019-04-14 19:31 - 000000000 ____D C:\ProgramData\USOShared

2019-04-14 19:31 - 2019-03-12 08:33 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2019-04-14 19:29 - 2019-04-19 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2019-04-14 19:29 - 2019-04-14 19:33 - 005338008 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2019-04-14 18:51 - 2019-04-14 20:00 - 000000000 ___DC C:\WINDOWS\Panther

2019-04-14 18:12 - 2019-04-14 18:12 - 000000000 ___HD C:\$Windows.~WS

2019-04-14 04:50 - 2019-04-14 04:50 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignd5338a945c03891a

2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignefdcdf7ed673ecd3

2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign83eb3925791b9423

2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign5ab814c6810e3614

2019-04-14 04:48 - 2019-04-14 04:48 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign19ae9b8758f7a92e

2019-04-14 04:45 - 2019-04-14 04:45 - 000000000 ____D C:\Users\Hossam\Desktop\Windows Installations

2019-04-14 04:44 - 2019-04-14 04:44 - 000043520 ___SH C:\Users\Hossam\Downloads\Thumbs.db

2019-04-14 03:19 - 2019-04-14 03:19 - 000000000 __SHD C:\Users\Hossam\AppData\LocalLow\EmieBrowserModeList

2019-04-14 03:19 - 2019-04-14 03:19 - 000000000 __SHD C:\Users\Hossam\AppData\Local\EmieBrowserModeList

2019-04-13 21:09 - 2019-04-14 19:36 - 000000254 __RSH C:\ProgramData\ntuser.pol

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Start-meny

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Skrivare

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Programdata

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Nätverket

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Mina dokument

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Mallar

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Lokala inställningar

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Documents\Mina videoklipp

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Documents\Mina bilder

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\Documents\Min musik

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Program

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\AppData\Local\Tidigare

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default\AppData\Local\Programdata

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\Documents\Mina videoklipp

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\Documents\Mina bilder

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\Documents\Min musik

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Program

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Tidigare

2019-04-13 21:08 - 2019-04-13 21:08 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Programdata

2019-04-13 21:07 - 2019-04-14 19:35 - 000023004 _____ C:\WINDOWS\system32\emptyregdb.dat

2019-04-13 21:02 - 2019-04-13 21:02 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia

2019-04-13 21:02 - 2019-04-13 21:02 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia

2019-04-13 20:59 - 2014-11-21 10:57 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2019-04-13 20:59 - 2014-11-21 10:57 - 000000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2019-04-13 20:56 - 2019-04-14 19:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

2019-04-13 20:56 - 2017-10-27 18:36 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat

2019-04-13 20:56 - 2017-10-27 18:12 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2019-04-13 20:56 - 2017-10-27 18:12 - 002587768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2019-04-13 20:56 - 2017-10-27 18:12 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2019-04-13 20:56 - 2017-10-27 18:12 - 000607168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2019-04-13 20:56 - 2017-10-27 18:12 - 000449656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2019-04-13 20:56 - 2017-10-27 18:12 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2019-04-13 20:56 - 2017-10-27 18:12 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2019-04-13 20:56 - 2017-10-25 12:33 - 007802921 _____ C:\WINDOWS\system32\nvcoproc.bin

2019-04-13 20:55 - 2019-04-14 20:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation

2019-04-13 20:55 - 2019-04-14 20:24 - 000000000 ____D C:\Program Files\Realtek

2019-04-13 20:55 - 2019-04-14 19:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2019-04-13 20:55 - 2019-04-14 19:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation

2019-04-13 20:55 - 2019-04-14 19:30 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2019-04-13 20:55 - 2019-04-14 19:30 - 000000000 ____D C:\Program Files (x86)\Razer

2019-04-13 20:55 - 2019-04-13 21:01 - 000000000 ____D C:\ProgramData\Razer

2019-04-13 20:55 - 2019-04-13 20:55 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf

2019-04-13 20:55 - 2019-04-13 20:55 - 000000000 _____ C:\ProgramData\DP45977C.lfl

2019-04-13 02:06 - 2019-04-13 02:06 - 001640992 _____ C:\Users\Hossam\Downloads\Autoruns.zip

2019-04-12 22:08 - 2019-04-14 18:51 - 000000000 ____D C:\ESD

2019-04-11 23:39 - 2019-04-11 23:39 - 000000204 _____ C:\Users\Hossam\Desktop\UNO.url

2019-04-07 20:11 - 2019-04-07 20:12 - 000000000 ____D C:\Users\Hossam\AppData\Local\{62D85484-4670-383C-2BE8-1DD40F80E14C}

2019-04-07 19:21 - 2019-04-07 19:21 - 000000000 ____D C:\ProgramData\ByteFence

2019-04-05 04:13 - 2019-04-05 04:13 - 000000000 ____D C:\Users\Hossam\Documents\Need for Speed™ Payback

2019-03-31 18:58 - 2019-04-14 15:22 - 000000000 ____D C:\Users\Hossam\Documents\Outlook-filer

2019-03-30 23:56 - 2019-04-14 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-verktyg

2019-03-28 00:13 - 2019-03-28 00:13 - 000000000 ____D C:\Users\Hossam\AppData\LocalLow\Unknown Vendor

2019-03-26 02:04 - 2019-03-26 02:04 - 000000000 ____D C:\Users\Hossam\Documents\Need for Speed™ Payback 100% done story

2019-03-26 02:01 - 2019-04-14 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Payback

2019-03-26 02:01 - 2019-03-26 02:01 - 000000582 _____ C:\Users\Public\Desktop\Need for Speed™ Payback.lnk

2019-03-26 02:01 - 2019-03-26 02:01 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller

2019-03-26 00:29 - 2019-03-26 00:29 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsigna6d0830216ae8ed9

2019-03-26 00:29 - 2019-03-26 00:29 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign6fef7fd0825b2aae

2019-03-26 00:29 - 2019-03-26 00:29 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign34d0784bd2a84de9

2019-03-26 00:29 - 2019-03-26 00:29 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign073d22035447f1b1

2019-03-25 23:50 - 2019-03-26 00:09 - 000000000 ____D C:\Users\Hossam\Desktop\Pics and docs

2019-03-25 23:37 - 2019-04-14 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock

2019-03-25 23:37 - 2019-03-25 23:37 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Stardock

2019-03-25 23:37 - 2019-03-25 23:37 - 000000000 ____D C:\Users\Hossam\AppData\Local\Stardock

2019-03-25 23:37 - 2019-03-25 23:37 - 000000000 ____D C:\ProgramData\Stardock

2019-03-25 23:17 - 2019-03-25 23:17 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignfb20476027667341

2019-03-25 23:17 - 2019-03-25 23:17 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign8b1536af9bf7fadf

2019-03-25 23:17 - 2019-03-25 23:17 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign66914657d09124a6

2019-03-25 23:17 - 2019-03-25 23:17 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign1c855183cca861c2

2019-03-25 15:57 - 2019-03-25 15:57 - 000000204 _____ C:\Users\Hossam\Desktop\PC Building Simulator.url

2019-03-24 23:26 - 2019-03-25 16:59 - 000000000 ____D C:\Users\Hossam\AppData\LocalLow\uTorrent

2019-03-24 23:25 - 2019-03-26 03:20 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\uTorrent

2019-03-24 23:25 - 2019-03-24 23:25 - 000000871 _____ C:\Users\Hossam\Desktop\µTorrent.lnk

2019-03-24 23:25 - 2019-03-24 23:25 - 000000851 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2019-03-24 23:24 - 2019-04-14 19:36 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2019-03-24 23:24 - 2019-04-14 19:36 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2019-03-24 23:24 - 2019-03-24 23:24 - 002981864 _____ (BitTorrent Inc.) C:\Users\Hossam\Downloads\uTorrent.exe

2019-03-24 02:00 - 2019-04-19 19:49 - 000000000 __RSD C:\Users\Hossam\Documents\McAfee-valv

2019-03-24 02:00 - 2019-04-14 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2019-03-24 02:00 - 2019-03-24 02:00 - 000002045 _____ C:\Users\Public\Desktop\McAfee® Total Protection.lnk

2019-03-24 02:00 - 2019-03-24 02:00 - 000000000 ____D C:\Users\Hossam\AppData\Local\McAfee File Lock

2019-03-24 02:00 - 2018-12-24 08:18 - 000218408 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys

2019-03-24 02:00 - 2018-10-12 07:58 - 000088504 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\McPvDrv.sys

2019-03-24 01:58 - 2019-04-08 16:39 - 000000000 ____D C:\Program Files\McAfee

2019-03-24 01:58 - 2019-04-07 19:17 - 000000000 ____D C:\Program Files (x86)\McAfee

2019-03-24 01:58 - 2019-03-24 01:58 - 000000000 ____D C:\Program Files\McAfee.com

2019-03-24 01:57 - 2019-03-24 01:59 - 000000000 ____D C:\Program Files\Common Files\McAfee

2019-03-24 01:57 - 2019-01-16 01:11 - 000509728 _____ (McAfee, LLC) C:\WINDOWS\system32\mfevtps.exe

2019-03-24 01:52 - 2019-03-24 02:02 - 000000043 _____ C:\Users\Hossam\AppData\Roaming\MCVi2UserDetail.ini

2019-03-24 01:43 - 2019-03-24 01:43 - 003921408 _____ C:\WINDOWS\system32\wksprtcli.dll

2019-03-24 01:42 - 2019-04-14 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox

2019-03-24 01:42 - 2019-03-24 01:42 - 000002492 _____ C:\Users\Administrator\Desktop\Мinecraft.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000002472 ___RS C:\Users\Hossam\Desktop\Мinecraft.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000002127 _____ C:\Users\Public\Desktop\Вattlе.nеt.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000001699 _____ C:\Users\Administrator\Desktop\Ерiс Gаmes Lаunсhеr.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000001679 ___RS C:\Users\Hossam\Desktop\Ерiс Gаmes Lаunсhеr.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000001578 _____ C:\Users\Administrator\Desktop\Оverwatсh.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000001558 ___RS C:\Users\Hossam\Desktop\Оverwatсh.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Chrome.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lightcleaner.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000001092 _____ C:\Users\Administrator\Desktop\Adult Dating.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000001084 _____ C:\Users\Administrator\Desktop\Win iPhone X.lnk

2019-03-24 01:42 - 2019-03-24 01:42 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\SPI

2019-03-24 01:42 - 2019-03-24 01:42 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Browsers

2019-03-24 01:42 - 2019-03-24 01:42 - 000000000 ____D C:\Program Files (x86)\lightcleaner

2019-03-23 22:10 - 2019-03-23 22:10 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign867b3a286cc5ba7c

2019-03-23 22:10 - 2019-03-23 22:10 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign652648dcce59cb46

2019-03-23 22:10 - 2019-03-23 22:10 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign579d7a898dddfed3

2019-03-23 22:08 - 2019-03-23 22:08 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignba9094ae37c3272d

2019-03-23 22:08 - 2019-03-23 22:08 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignba5988229ebcaee2

2019-03-23 22:08 - 2019-03-23 22:08 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsign8f8ecc394cf0ce16

2019-03-23 21:58 - 2019-03-23 21:58 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsignec13ba4060efb8f2

2019-03-23 21:58 - 2019-03-23 21:58 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsigncd166cb341e4fa4f

2019-03-23 21:58 - 2019-03-23 21:58 - 000000000 ____D C:\Users\Hossam\AppData\Local\Tempzxpsigna9d70fb6cc9cba36

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-19 19:52 - 2018-09-15 18:26 - 000713712 _____ C:\WINDOWS\system32\perfh01D.dat

2019-04-19 19:52 - 2018-09-15 18:26 - 000145586 _____ C:\WINDOWS\system32\perfc01D.dat

2019-04-19 19:52 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF

2019-04-19 19:47 - 2017-01-21 14:30 - 000001375 _____ C:\Users\Hossam\Desktop\Spotify.lnk

2019-04-19 19:47 - 2016-06-12 15:58 - 000000000 ___RD C:\Users\Hossam\OneDrive

2019-04-19 19:46 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2019-04-19 19:46 - 2015-09-15 01:17 - 000000000 ____D C:\ProgramData\NVIDIA

2019-04-19 18:02 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2019-04-19 18:02 - 2016-06-22 04:25 - 000004520 _____ C:\Users\Hossam\AppData\Roaming\VoiceMeeterDefault.xml

2019-04-19 17:32 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF

2019-04-19 16:42 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps

2019-04-19 16:42 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness

2019-04-19 16:42 - 2017-02-06 21:58 - 000000000 ____D C:\Users\Hossam\AppData\Local\Adobe

2019-04-18 22:53 - 2016-06-22 10:22 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\OBS

2019-04-18 22:41 - 2019-02-27 17:28 - 000001390 _____ C:\Users\Public\Desktop\Skype.lnk

2019-04-18 22:41 - 2019-02-27 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2019-04-17 18:31 - 2018-09-07 19:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\Ubisoft Game Launcher

2019-04-17 03:51 - 2016-08-05 06:43 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\discord

2019-04-15 19:02 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2019-04-15 03:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\appcompat

2019-04-15 03:05 - 2017-08-18 20:13 - 000000000 ____D C:\Users\Hossam\Desktop\Hossam

2019-04-14 22:06 - 2018-09-15 09:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2019-04-14 22:06 - 2018-09-15 09:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2019-04-14 22:06 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp

2019-04-14 22:01 - 2016-06-12 15:54 - 000000000 ____D C:\Users\Hossam\AppData\Local\Packages

2019-04-14 20:28 - 2019-02-27 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark Redux

2019-04-14 20:28 - 2019-02-25 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry New Dawn

2019-04-14 20:28 - 2019-02-08 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2019-04-14 20:28 - 2018-12-19 06:23 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%

2019-04-14 20:28 - 2018-12-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 7 Biohazard

2019-04-14 20:28 - 2018-11-22 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PosteRazor

2019-04-14 20:28 - 2018-10-29 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2019-04-14 20:28 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN

2019-04-14 20:28 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\WCN

2019-04-14 20:28 - 2018-09-15 09:36 - 000000000 ____D C:\WINDOWS\Setup

2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 __RHD C:\Users\Public\Libraries

2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\spool

2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe

2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Help

2019-04-14 20:28 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

2019-04-14 20:28 - 2018-09-15 09:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template

2019-04-14 20:28 - 2018-08-19 00:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 5

2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\gl-ES

2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\eu-ES

2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\es-cl

2019-04-14 20:28 - 2018-08-19 00:22 - 000000000 ____D C:\WINDOWS\system32\ca-ES

2019-04-14 20:28 - 2018-06-30 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hello Neighbor

2019-04-14 20:28 - 2018-06-08 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch

2019-04-14 20:28 - 2018-06-08 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

2019-04-14 20:28 - 2018-04-08 02:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Viewer Lite

2019-04-14 20:28 - 2017-04-07 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\extensions

2019-04-14 20:28 - 2017-03-24 20:30 - 000000000 ____D C:\WINDOWS\system32\MRT

2019-04-14 20:28 - 2017-02-19 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2019-04-14 20:28 - 2017-02-01 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft

2019-04-14 20:28 - 2017-01-03 00:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios

2019-04-14 20:28 - 2016-12-11 03:35 - 000000000 ____D C:\WINDOWS\system32\log

2019-04-14 20:28 - 2016-11-28 00:44 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive

2019-04-14 20:28 - 2016-11-06 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2019-04-14 20:28 - 2016-11-05 14:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet PhotoLooks

2019-04-14 20:28 - 2016-11-05 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant

2019-04-14 20:28 - 2016-10-31 19:19 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3

2019-04-14 20:28 - 2016-10-23 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks

2019-04-14 20:28 - 2016-07-26 02:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot

2019-04-14 20:28 - 2016-07-15 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2019-04-14 20:28 - 2016-07-04 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse

2019-04-14 20:28 - 2016-06-29 04:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReelSmart Motion Blur 4, After Effects-compatible plugin set

2019-04-14 20:28 - 2016-06-17 19:53 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2019-04-14 20:28 - 2016-06-17 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2019-04-14 20:28 - 2015-09-15 01:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo

2019-04-14 20:28 - 2015-09-15 01:19 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2019-04-14 20:28 - 2015-09-15 01:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sda

2019-04-14 20:28 - 2015-09-15 01:17 - 000000000 ____D C:\Program Files (x86)\Realtek

2019-04-14 20:28 - 2014-11-21 18:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager

2019-04-14 20:28 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy

2019-04-14 20:28 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated

2019-04-14 20:24 - 2019-02-25 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2019-04-14 20:24 - 2018-09-15 18:27 - 000000000 ____D C:\Program Files\Windows Photo Viewer

2019-04-14 20:24 - 2018-09-15 18:27 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm

2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr

2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts

2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\winrm

2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\slmgr

2019-04-14 20:24 - 2018-09-15 18:26 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\InputMethod

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\et-EE

2019-04-14 20:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\InputMethod

2019-04-14 20:24 - 2018-08-02 01:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ

2019-04-14 20:24 - 2016-06-22 04:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio

2019-04-14 20:24 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared

2019-04-14 20:24 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared

2019-04-14 20:22 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs

2019-04-14 20:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2019-04-14 20:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr

2019-04-14 20:22 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism

2019-04-14 20:19 - 2019-03-12 08:34 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2019-04-14 20:19 - 2018-09-15 09:41 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll

2019-04-14 20:19 - 2018-09-15 09:41 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll

2019-04-14 20:19 - 2018-09-15 09:41 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll

2019-04-14 20:19 - 2018-09-15 09:41 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll

2019-04-14 20:19 - 2018-09-15 09:41 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll

2019-04-14 20:19 - 2018-09-15 09:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe

2019-04-14 20:19 - 2018-09-15 09:41 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe

2019-04-14 20:19 - 2018-09-15 09:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll

2019-04-14 20:19 - 2018-09-15 09:41 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll

2019-04-14 20:19 - 2018-09-15 09:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll

2019-04-14 20:19 - 2018-09-15 09:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll

2019-04-14 20:19 - 2018-09-15 09:37 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll

2019-04-14 20:19 - 2018-09-15 09:37 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll

2019-04-14 20:19 - 2018-09-15 09:37 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe

2019-04-14 20:19 - 2018-09-15 09:37 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll

2019-04-14 20:19 - 2018-09-15 09:37 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll

2019-04-14 20:19 - 2018-09-15 09:37 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll

2019-04-14 20:19 - 2018-09-15 09:37 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll

2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI

2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX

2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MUI

2019-04-14 20:19 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\es-MX

2019-04-14 20:18 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ServiceState

2019-04-14 20:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase

2019-04-14 20:04 - 2018-02-09 03:12 - 000000000 ____D C:\Users\Hossam\Desktop\Min Dator

2019-04-14 20:01 - 2016-06-13 00:52 - 000000000 __RHD C:\Users\Public\AccountPictures

2019-04-14 19:45 - 2018-10-29 02:33 - 000000000 ____D C:\temp

2019-04-14 19:45 - 2018-09-09 01:22 - 000000000 ____D C:\Program Files (x86)\VulkanRT

2019-04-14 19:36 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2019-04-14 19:36 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Registration

2019-04-14 19:36 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\windows nt

2019-04-14 19:36 - 2018-09-15 08:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

2019-04-14 19:33 - 2019-02-25 21:53 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2019-04-14 19:33 - 2018-08-31 22:07 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox

2019-04-14 19:33 - 2016-06-22 10:21 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software

2019-04-14 19:33 - 2016-06-17 01:45 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2019-04-14 19:32 - 2018-11-20 19:07 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VectorCraft Games

2019-04-14 19:32 - 2018-10-29 23:28 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultrabox

2019-04-14 19:32 - 2018-07-30 19:48 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2019-04-14 19:32 - 2016-08-05 06:43 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc

2019-04-14 19:32 - 2016-06-22 04:20 - 000000000 ____D C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio

2019-04-14 19:32 - 2014-04-03 20:18 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages

2019-04-14 19:31 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\USOPrivate

2019-04-14 19:30 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\PrintDialog

2019-04-14 19:30 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2019-04-14 18:25 - 2016-07-26 02:12 - 000000410 _____ C:\WINDOWS\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001.job

2019-04-14 15:35 - 2018-08-08 00:55 - 000000000 ____D C:\Program Files\Microsoft Office

2019-04-14 15:22 - 2019-02-07 03:39 - 000002147 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk

2019-04-14 15:21 - 2016-07-26 02:12 - 000000410 _____ C:\WINDOWS\Tasks\update-sys.job

2019-04-14 04:50 - 2016-07-05 19:50 - 000000000 ____D C:\Users\Hossam\Desktop\Bilder

2019-04-14 03:19 - 2016-06-17 01:13 - 000000000 __SHD C:\Users\Hossam\AppData\Local\EmieUserList

2019-04-14 03:19 - 2016-06-17 01:13 - 000000000 __SHD C:\Users\Hossam\AppData\Local\EmieSiteList

2019-04-14 03:19 - 2016-06-12 16:02 - 000000000 __SHD C:\Users\Hossam\AppData\LocalLow\EmieUserList

2019-04-14 03:19 - 2016-06-12 16:02 - 000000000 __SHD C:\Users\Hossam\AppData\LocalLow\EmieSiteList

2019-04-14 01:57 - 2018-10-29 22:02 - 000000000 ____D C:\Users\Hossam\Downloads\Youtube

2019-04-13 21:02 - 2013-08-22 15:36 - 000000000 ____D C:\Users\Default.migrated

2019-04-13 02:49 - 2017-03-16 16:42 - 000000000 ____D C:\Users\Hossa_000

2019-04-12 23:54 - 2016-11-05 14:02 - 000000000 ____D C:\Users\Hossam\AppData\Local\ElevatedDiagnostics

2019-04-12 15:50 - 2016-10-29 20:05 - 000000000 ____D C:\Users\Hossam\AppData\Local\CrashDumps

2019-04-07 19:17 - 2015-09-15 01:23 - 000000000 ____D C:\ProgramData\McAfee

2019-03-30 23:56 - 2018-08-08 01:07 - 000002367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk

2019-03-30 23:56 - 2018-08-08 01:07 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk

2019-03-30 23:56 - 2018-08-08 01:07 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk

2019-03-30 23:56 - 2018-08-08 01:07 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk

2019-03-30 23:56 - 2018-08-08 01:07 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk

2019-03-30 23:56 - 2018-08-08 01:07 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk

2019-03-30 23:56 - 2018-08-08 01:07 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk

2019-03-30 23:53 - 2018-08-08 01:08 - 000002312 _____ C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive för företag.lnk

2019-03-27 15:16 - 2015-09-15 01:19 - 001856382 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI

2019-03-26 02:01 - 2015-09-15 01:19 - 000000000 ____D C:\ProgramData\Package Cache

2019-03-25 15:47 - 2019-02-25 01:40 - 000000000 ____D C:\Users\Hossam\AppData\LocalLow\The Irregular Corp

2019-03-24 23:23 - 2018-02-04 05:57 - 000000000 ____D C:\Program Files (x86)\Google

2019-03-24 02:37 - 2018-08-27 15:41 - 000000000 __SHD C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}

2019-03-24 02:37 - 2018-08-26 02:11 - 000000000 __SHD C:\Users\Hossam\AppData\Local\UserData.db

2019-03-24 02:37 - 2018-08-01 14:41 - 000000000 ___HD C:\Users\Hossam\AppData\Local\{9A5F1821-1526-1C50-A634-7F84341A2214}

2019-03-24 02:37 - 2018-07-23 23:11 - 000000000 ___HD C:\Users\Hossam\AppData\Local\web server extensions

2019-03-24 02:37 - 2018-07-09 21:41 - 000000000 ___HD C:\Users\Hossam\AppData\Local\Windows Workflow Foundation

2019-03-24 02:36 - 2018-09-14 23:41 - 000000000 __SHD C:\Users\Hossam\AppData\Local\PortableApps.com

2019-03-24 02:36 - 2018-09-11 20:41 - 000000000 __SHD C:\Users\Hossam\AppData\Local\NET.Remote Assistance

2019-03-24 02:36 - 2018-07-25 22:41 - 000000000 ___HD C:\Users\Hossam\AppData\Local\Remote NET.Assistance

2019-03-24 02:36 - 2018-07-21 18:41 - 000000000 ___HD C:\Users\Hossam\AppData\Local\NET.Framework SDK

2019-03-24 02:36 - 2018-07-16 23:41 - 000000000 ___HD C:\Users\Hossam\AppData\Local\Peer.Net

2019-03-24 02:35 - 2018-05-18 22:11 - 000000000 ___HD C:\Users\Hossam\AppData\Local\MSN Gaming Zone

2019-03-24 02:34 - 2018-08-31 17:11 - 000000000 __SHD C:\Users\Hossam\AppData\Local\Media Network Sharing

2019-03-24 02:34 - 2018-07-16 01:11 - 000000000 ___HD C:\Users\Hossam\AppData\Local\Local Extension Settings

2019-03-24 02:34 - 2018-06-04 01:41 - 000000000 ___HD C:\Users\Hossam\AppData\Local\helpctr

2019-03-24 02:34 - 2018-05-01 18:25 - 000000000 ___HD C:\Users\Hossam\AppData\Local\InstallShield

2019-03-24 02:31 - 2018-08-04 00:11 - 000000000 ___HD C:\Users\Hossam\AppData\Local\FoxitReaderPortable

2019-03-24 02:30 - 2018-06-18 00:41 - 000000000 ___HD C:\Users\Hossam\AppData\Local\CamStudio 2.8.0

2019-03-24 02:30 - 2018-06-04 21:41 - 000000000 ___HD C:\Users\Hossam\AppData\Local\CamStudio 2.7

2019-03-24 02:00 - 2013-08-22 15:25 - 000000124 _____ C:\WINDOWS\win.ini

2019-03-24 01:58 - 2016-10-25 00:06 - 000000000 ____D C:\Program Files\Common Files\AV

2019-03-24 01:48 - 2016-06-18 02:45 - 000000000 ____D C:\ProgramData\boost_interprocess

2019-03-23 22:10 - 2018-04-08 02:37 - 000000000 ____D C:\Users\Hossam\AppData\Local\File Viewer

==================== Files in the root of some directories =======

2018-02-04 05:11 - 2016-05-05 18:37 - 000059904 _____ (Microsoft Corporation) C:\Program Files (x86)\ynYyYSO.exe

2017-04-12 21:35 - 2017-04-12 21:35 - 143054765 _____ () C:\Program Files\Common Files\Adobe.rar

2018-02-04 05:11 - 2016-05-05 18:37 - 000059904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\WYUoEqIpB.exe

2016-06-21 04:53 - 2016-06-24 23:26 - 000000132 _____ () C:\Users\Hossam\AppData\Roaming\Adobe PNG Format CS6 Prefs

2016-10-05 23:21 - 2018-01-31 19:48 - 000000033 _____ () C:\Users\Hossam\AppData\Roaming\AdobeWLCMCache.dat

2019-03-24 01:52 - 2019-03-24 02:02 - 000000043 _____ () C:\Users\Hossam\AppData\Roaming\MCVi2UserDetail.ini

2016-06-22 04:25 - 2019-04-19 18:02 - 000004520 _____ () C:\Users\Hossam\AppData\Roaming\VoiceMeeterDefault.xml

2019-04-16 01:08 - 2019-04-16 01:08 - 000000037 _____ () C:\Users\Hossam\AppData\Roaming\WB.CFG

2017-02-06 22:10 - 2019-04-14 19:09 - 002785478 _____ () C:\Users\Hossam\AppData\Local\BTServer.log

2018-11-07 16:11 - 2018-11-14 00:41 - 006161408 _____ () C:\Users\Hossam\AppData\Local\dump007.dat

2018-09-28 17:48 - 2018-09-28 17:48 - 000000000 _____ () C:\Users\Hossam\AppData\Local\oobelibMkey.log

2017-04-12 16:31 - 2017-04-12 16:41 - 000007625 _____ () C:\Users\Hossam\AppData\Local\Resmon.ResmonCfg

2017-02-06 23:25 - 2017-02-06 23:25 - 000000003 _____ () C:\Users\Hossam\AppData\Local\updater.log

2018-02-04 05:11 - 2018-02-04 05:11 - 000000003 _____ () C:\Users\Hossam\AppData\Local\wbem.ini

Some files in TEMP:

====================

2019-04-19 19:47 - 2019-04-14 20:32 - 000781032 _____ (Spotify Ltd) C:\Users\Hossam\AppData\Local\Temp\SpotifyMigrator.exe

Some zero byte size files/folders:

==========================

C:\Windows\SysWOW64\Drivers\89a7e005f9f9712bfbd8e64b60f54381.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\dllhost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

#4
iMacg3

Posted 19 April 2019 - 01:52 PM

GeekU PowerPC G3

GeekU Moderator
1,921 posts

Hi,

Please post the contents of the Addition.txt log created by FRST.
It will be in the same directory as FRST64.EXE.

#5
HossamL

Posted 19 April 2019 - 03:11 PM

Member

Topic Starter
Member
15 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019

Ran by Hossam (19-04-2019 20:00:44)

Running from C:\Users\Hossam\Downloads

Windows 10 Home Version 1809 17763.437 (X64) (2019-04-14 17:36:26)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administratör (S-1-5-21-561342403-3159581679-3982711157-500 - Administrator - Disabled) => C:\Users\Administrator

DefaultAccount (S-1-5-21-561342403-3159581679-3982711157-503 - Limited - Disabled)

Gäst (S-1-5-21-561342403-3159581679-3982711157-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-561342403-3159581679-3982711157-1003 - Limited - Enabled)

Hossam (S-1-5-21-561342403-3159581679-3982711157-1001 - Administrator - Enabled) => C:\Users\Hossam

WDAGUtilityAccount (S-1-5-21-561342403-3159581679-3982711157-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)

Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)

Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)

Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)

Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)

amuleC (HKLM-x32\...\{19539992-061C-4E8B-9053-07B175303AF4}) (Version: 1.0.1 - amuleC) <==== ATTENTION

Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)

Apple-programstöd (32-bitar) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)

Apple-programstöd (64-bitar) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)

Assassin's Creed: Odyssey (HKLM-x32\...\Assassin's Creed: Odyssey_is1) (Version: - )

Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Car Mechanic Simulator 2018 Ford (HKLM\...\Y2FybWVjaGFuaWNzaW11bGF0b3IyMDE4_is1) (Version: 1 - )

Chroma Clock version 1.0.3 (HKLM-x32\...\{05C726E4-E592-4078-B0CF-41E65FE313DD}_is1) (Version: 1.0.3 - Tim Gebauer)

Chroma Sync (HKLM-x32\...\{BC8D681E-1F5D-4C68-8E3E-A9A614D66C14}) (Version: 1.1.1 - Ultrabox Entertainment Limited)

Chroma Tic Tac Toe (HKLM-x32\...\Chroma Tic Tac Toe) (Version: 1.0.3 - VectorCraft Games)

Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)

Computer Security 17.215.129.0 (release) (HKLM-x32\...\{658FDBCA-B7A1-43E4-A849-9F0812473331}) (Version: 17.215.129.0 - F-Secure Corporation) Hidden

CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.)

Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden

Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden

Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden

Discord (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)

DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden

Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)

Epic Games Launcher (HKLM-x32\...\{9F55B4DA-23ED-44FA-910E-BDDBD6D942CF}) (Version: 1.1.123.0 - Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Euro Truck Simulator 2 (HKLM\...\Euro Truck Simulator 2_is1) (Version: 1.31.0.92 - )

f.lux (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\Flux) (Version: - f.lux Software LLC)

FamilySafetyGuide (HKLM-x32\...\{9A268503-5AB0-479E-9690-929BDEC55C00}) (Version: 1.00.0711 - lenovo)

Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.00 - Ubisoft)

Far Cry 4 version 1.10.0.0 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.10.0.0 - Mr DJ)

Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)

Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )

Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)

Farming Simulator 19 (HKLM-x32\...\Farming Simulator 19_is1) (Version: - )

File Identifier (HKLM-x32\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.11 - Sharpened Productions)

File Viewer Lite (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 1.4.1 - Sharpened Productions)

FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)

FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)

Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )

F-Secure SAFE (HKLM-x32\...\{9F1F7158-62F9-45F8-8D35-346A0E2E683D}) (Version: 3.15.285.0 - F-Secure Corporation) Hidden

F-Secure Ultralight 1.1.24.0 (release) (HKLM-x32\...\{9FAE989F-A043-4017-B60F-9134E992BB55}) (Version: 1.1.24.0 - F-Secure Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden

Hello Neighbor (HKLM-x32\...\Hello Neighbor_is1) (Version: - )

HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.0.2 - Hi-Rez Studios)

Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)

Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)

iTunes (HKLM\...\{69357E2A-A15B-44A1-956F-492E9DE3C0FB}) (Version: 12.9.3.3 - Apple Inc.)

Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)

Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)

Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)

Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)

Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.) Hidden

Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)

Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.) Hidden

Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.)

Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.) Hidden

Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)

Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 1.0.11.0 - Lenovo Group Limited)

Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)

lightcleaner version 1.0 (HKLM-x32\...\{2C1A121C-292F-460D-BA62-3B9886D0DE46}_is1) (Version: 1.0 - 360dev)

Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)

LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.01.0429 - Lenovo)

Magic Bullet PhotoLooks (HKLM-x32\...\Magic Bullet PhotoLooks) (Version: - )

Magic Bullet Suite 64-bit (HKLM\...\{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant) Hidden

Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant)

McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R18 - McAfee, Inc.)

Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)

Microsoft Office 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 16.0.11425.20204 - Microsoft Corporation)

Microsoft Office Proofing Tools 2013 - Svenska (HKLM-x32\...\{90150000-001F-041D-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)

Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)

Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)

NVIDIA 3D Vision drivrutin 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)

NVIDIA 3D Vision drivrutin för styrenhet 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)

NVIDIA Grafikdrivrutin 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)

NVIDIA Miracast virtuell audio 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 419.17 - NVIDIA Corporation)

NVIDIA PhysX systemprogramvara 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20204 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20204 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041D-1000-0000000FF1CE}) (Version: 16.0.11425.20204 - Microsoft Corporation) Hidden

Online Safety 2.215.7452.4118 (HKLM-x32\...\{0DD64CD2-B23F-4A3D-A88D-EF6848A20167}) (Version: 2.215.7452.4118 - F-Secure Corporation) Hidden

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )

OpenOffice 4.1.3 (HKLM-x32\...\{78EE7944-E65F-466C-A720-6410F432708D}) (Version: 4.13.9783 - Apache Software Foundation)

osu! (HKLM-x32\...\{af56a254-d039-4511-814c-5c6aa494c238}) (Version: latest - ppy Pty Ltd)

Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)

Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.1.0.0 - Popcorn Time) <==== ATTENTION

PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)

QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)

Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.22.3 - Razer Inc.)

Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.0401.032710 - Razer Inc.)

REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010714 - REALTEK Semiconductor Corp.)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0240 - REALTEK Semiconductor Corp.)

Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.8.1 - Red Giant, LLC)

ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32\...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version: - )

Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)

RESIDENT EVIL 2 v.1.0 (HKLM-x32\...\RESIDENT EVIL 2_is1) (Version: - )

Roblox Player for Hossam (HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\roblox-player) (Version: - Roblox Corporation)

Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)

Skype version 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Streamlabs OBS 0.9.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.9.1 - General Workings, Inc.)

The Long Dark Redux (HKLM-x32\...\The Long Dark Redux_is1) (Version: - )

Thief Simulator (HKLM-x32\...\Thief Simulator_is1) (Version: - )

Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)

Trapcode Suite 64-bit (HKLM\...\{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version: 12.1.1 - Red Giant) Hidden

Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version: 12.1.1 - Red Giant)

Trapcode Suite v13.1.0 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.1.0 - Red Giant, LLC)

Uninstall Chroma Discord App (Unofficial) (HKLM-x32\...\Chroma Discord App (Unofficial)_is1) (Version: - Tim Graupmann)

Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)

VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)

WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH)

Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)

Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-561342403-3159581679-3982711157-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> c:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File

ShellExecuteHooks: No Name - {51D5E1A8-AA8E-11E6-A046-64006A5CFC23} - -> No File

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> No File

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll -> No File

ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)

ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)

ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)

ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Hossam\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]

ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> No File

ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => D:\Games\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)

ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-05-30] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1D6E24CB-0ED1-42D6-8D46-A71D6689DDC1} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent

Task: {266AE8B3-A3EF-422B-8934-12505A6124C3} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

Task: {27057069-7152-43F1-84D5-61F95CEF75E9} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe

Task: {2C5CA9E1-82C9-4074-99E4-4E9D8F50B65A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe

Task: {3530CCB2-22E3-4040-9728-9EE36A8B8AD9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe

Task: {3D39ABF1-CFB7-4324-A7F2-FD7FD2B1215B} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe <==== ATTENTION

Task: {3F3E55DA-7BFF-47DD-AF61-C3FE5FEF8F1D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (LENOVO -> Lenovo)

Task: {41B818F0-54FB-401A-8681-B9DAFEA8110F} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary

Task: {42F21B64-ADD3-4057-A8B7-09A19BC7042B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {48228A0D-9766-449F-B9F8-04A9EE4B30D8} - System32\Tasks\McInstruTrack => C:\ProgramData\McAfee\McInstruTrack\McInstruTrack.exe (McAfee, Inc. -> McAfee, Inc.)

Task: {50B71003-DE6D-4D39-8BBF-3D329F488426} - System32\Tasks\{ED5084A6-4D34-4C5A-AA8D-3723621254F9} => C:\Program Files (x86)\ynYyYSO.exe (Microsoft Corporation) [File not signed]

Task: {538447A7-A2FC-4B39-9F8C-4BBC857EA9E0} - System32\Tasks\MicrosoftUpdate => C:\Users\Hossam\AppData\Roaming\MicrosoftUpdate\MicrosoftUpdate.exe <==== ATTENTION

Task: {54F6EB91-CBF6-4219-AB2B-AAA2C0735E65} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {586383E6-966C-4E10-B680-5A539D83C556} - System32\Tasks\{C21F450B-D00F-4ABE-B6D2-CDE6C65B23FA} => C:\Program Files (x86)\Common Files\WYUoEqIpB.exe (Microsoft Corporation) [File not signed]

Task: {59C96A0C-80AE-41A4-8732-B3F5A429F981} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {5D9458AF-6B07-4A0C-874F-1AE4774EA8E6} - System32\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (OOO Lightshot -> )

Task: {5F24CCC5-1EBD-4D21-8AE9-5C2C45A41B56} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION

Task: {71241815-BE2A-4F50-85ED-3F08D1593A69} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe (LENOVO -> )

Task: {80FACC5B-3896-456E-A90B-B8312673FA6D} - System32\Tasks\Razer Synapse\Razer Synapse => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

Task: {84CE4EDE-8542-4478-94E2-E1481BC5A3B3} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)

Task: {8584065D-51C2-46DE-869D-0184F20ED690} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe (LENOVO -> )

Task: {8B7216AD-38C3-4FA8-86FD-00BB3BD295E3} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)

Task: {8E83F516-F4B0-4D2C-BA44-91461C54A207} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc. -> McAfee, Inc.)

Task: {9B0F6DFE-DD99-4C7E-AA99-E0AF1187B2FB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe

Task: {A67595D8-DA43-4740-8ABA-E82AF2BE7526} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {AFDB3178-085E-488E-B6C0-4B5F9E07B04D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

Task: {B010C09D-2169-4084-BB4E-79953ADCE67F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {B303D993-83D7-40BB-B4A5-B8A5FCB734B1} - System32\Tasks\b86d3bc690af9a1b64797c131e23dee6 => rundll32.exe "C:\Program Files (x86)\Norton Security\ptjykb.dll",e62dc6c6547f46bda862da2d05af6862 <==== ATTENTION

Task: {B39B2B2A-7465-4AAC-B2B9-65462EB79F05} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (OOO Lightshot -> )

Task: {CD930E8D-C782-42B8-BB1B-DD68935A364A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

Task: {D0574EC9-3E0B-4CA2-85A6-296000E66E4C} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe (McAfee, Inc. -> McAfee, Inc.)

Task: {D1D7AE02-DB88-4956-99BB-4FA2107898E0} - System32\Tasks\Nervition Reports => C:\Program Files (x86)\Merpetionannage\plufet.exe (Glarysoft LTD -> Glarysoft Ltd)

Task: {D228733F-2332-49F1-9150-034E8096E799} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)

Task: {DB0CCCC6-1CB3-4689-9FB8-2E650E0DF01B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo)

Task: {E0364B0E-50E5-4B41-99DA-1321C9E5166E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {E1CE0FBB-2DAD-48E4-BC85-AE3B9BDF3AFD} - System32\Tasks\{24374C17-E411-49F6-9EEF-C6AB8679F3EC} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe" -c --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{147EC100-14BE-45EF-AB42-35BAEE7D02F0}"

Task: {E963842E-FB8E-4ABD-A4D9-215383F112F4} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {EF9B914E-9465-4801-B894-BF34297F7232} - System32\Tasks\Microsoft\Windows\WCM\Provisioning\Purge.S-1-5-21-561342403-3159581679-3982711157-1001

Task: {F05E8E50-1441-4071-A48D-54E774FCB268} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {FA1227DE-8DF7-4B0D-A7D7-E116A11EEAC7} - System32\Tasks\{90080978-87CD-43C8-A945-5C4509928561} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Hossam\AppData\Local\Roblox\Versions\version-b5da7e35345f4359\RobloxPlayerLauncher.exe -c -uninstall

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-561342403-3159581679-3982711157-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Hossam\Desktop\Еpiс Gаmes Lаunсher.lnk -> D:\Program\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Epic Games, Inc.) <==== Cyrillic

Shortcut: C:\Users\Hossam\Desktop\Ерiс Gаmes Lаunсhеr.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.rehcnualsemagcipe.bat ()

Shortcut: C:\Users\Hossam\Desktop\Мinecraft.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.rehcnualtfarcenim.bat ()

Shortcut: C:\Users\Hossam\Desktop\Оverwatсh.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.rehcnual hctawrevo.bat ()

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоogle Сhromе.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.emorhc.bat ()

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gоoglе Сhromе.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.emorhc.bat ()

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Chrome.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.emorhc.bat ()

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Еxрlorеr.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.erolpxei.bat ()

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ерiс Games Lаunсhеr.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.rehcnualsemagcipe.bat ()

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мinеcraft.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.rehcnualtfarcenim.bat ()

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Intеrnet Eхplоrer.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.erolpxei.bat ()

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d75398020044c136\Google Chrome.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.)

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.)

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.)

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Goоglе Сhrоmе.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.emorhc.bat ()

Shortcut: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Gоoglе Chrоmе.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) <==== Cyrillic

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Chrome.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.emorhc.bat ()

Shortcut: C:\Users\Public\Desktop\Вattlе.nеt.lnk -> C:\Users\Hossam\AppData\Roaming\Browsers\exe.rehcnual ten.elttab.bat ()

ShortcutWithArgument: C:\Users\Hossam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\693605f3e4a93739\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2019-04-14 19:45 - 2017-10-27 18:06 - 000874368 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

2019-04-14 19:45 - 2017-10-27 18:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

2015-09-15 01:18 - 2011-08-17 05:46 - 000032768 _____ () [File not signed] C:\Windows\jmesoft\Service.exe

2013-08-27 23:32 - 2013-08-27 23:32 - 000747520 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe

2017-03-05 02:25 - 2016-06-25 09:52 - 000018432 _____ () [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe

2018-05-07 01:06 - 2018-04-06 15:26 - 000339968 _____ (Popcorn Time) [File not signed] C:\Program Files (x86)\Popcorn Time\Updater.exe

2017-03-05 02:25 - 2016-06-25 09:52 - 001531904 _____ (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe

2017-03-05 02:25 - 2016-06-25 09:52 - 002424320 _____ (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe

2015-09-15 01:18 - 2013-07-24 22:15 - 000118784 _____ (Lenovo) [File not signed] C:\Windows\jmesoft\hotkey.exe

2015-09-15 01:18 - 2011-08-17 05:46 - 000024576 _____ () [File not signed] C:\Windows\jmesoft\JME_LOAD.exe

2017-03-05 02:25 - 2016-03-01 21:53 - 000135168 _____ (RBSoft) [File not signed] C:\Program Files (x86)\Remote Mouse\AutoUpdater.NET.dll

2017-03-05 02:25 - 2015-05-26 20:54 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Remote Mouse\FileS.dll

2019-04-14 19:45 - 2017-10-27 18:06 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll

2015-09-15 01:18 - 2011-05-17 22:27 - 000028672 _____ () [File not signed] C:\Windows\jmesoft\hidhook.dll

2018-10-10 19:49 - 2018-08-09 15:16 - 004876800 _____ (Gracenote, Inc.) [File not signed] C:\WINDOWS\system32\GNSDK_FP.DLL

2015-09-15 01:24 - 2015-09-15 01:24 - 000348160 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll

2013-11-21 17:31 - 2013-11-21 17:31 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll

2013-11-21 17:31 - 2013-11-21 17:31 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [474]

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\localhost -> localhost

IE trusted site: HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-02-20 01:19 - 2019-04-16 03:08 - 000000002 _____ C:\WINDOWS\system32\drivers\etc\hosts

2016-11-20 02:27 - 2016-11-20 20:30 - 000000509 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\File Viewer Lite\lib\magick;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hossam\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles (2)\DesktopBackground\yosemite-4.jpg

DNS Servers: 10.0.0.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "SwitchBoard"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "uTorrent"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Clownfish"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Discord"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "SaferVPN"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "RGSC"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "gflauncher"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "Skype for Desktop"

HKU\S-1-5-21-561342403-3159581679-3982711157-1001\...\StartupApproved\Run: => "EADM"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A2CBD02C-8C07-4B8B-8D65-E8CECD887E91}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [{D522C3EC-4120-43AC-B9F7-411555FF3B3F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [{4BF2A3FC-1DE2-4D04-B64A-F48CD0F730DF}] => (Allow) C:\Program Files (x86)\lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)

FirewallRules: [{42959A26-7D13-4B34-86DB-99EB49AB911A}] => (Allow) C:\Program Files (x86)\lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)

FirewallRules: [TCP Query User{1121A553-51F6-408B-9D11-B02EB3878D9A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File

FirewallRules: [UDP Query User{BD9A5EC2-CD27-42D8-A9C0-9A99A22D3498}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File

FirewallRules: [{B16456C4-DDD8-40F2-B13F-03126A31E92F}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (RemoteMouse.net) [File not signed]

FirewallRules: [{45F9C294-8FA1-4E37-84DE-6FBC9E54B364}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (RemoteMouse.net) [File not signed]

FirewallRules: [{E5600F56-CE83-401B-9547-C584BC16098D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]

FirewallRules: [{DAE3AB73-03F9-4C92-89C7-6E1DC7261F98}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]

FirewallRules: [{7145DD77-CEE4-40B4-A155-1EDC463841F0}] => (Allow) D:\Program\Steam.exe (Valve -> Valve Corporation)

FirewallRules: [{A3C2DD37-A388-4084-849D-6751E022F709}] => (Allow) D:\Program\Steam.exe (Valve -> Valve Corporation)

FirewallRules: [{220058FC-672D-4805-ACBB-C22449258351}] => (Allow) D:\Program\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]

FirewallRules: [{DAEB64C3-EF01-4853-83F0-BBF9E3142F70}] => (Allow) D:\Program\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]

FirewallRules: [{21EE042A-9BBF-4FB9-ABD5-6093061ED8F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{3B86AD98-3E41-4D0F-9725-E4F32FA65242}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{D76B4EAB-ADDB-489A-9E0B-D9E6E33A4EE8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{32A3C7BF-7E33-4362-980D-D523D33E0146}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [TCP Query User{C37940A1-BE96-4CA0-9466-880B01585595}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File

FirewallRules: [UDP Query User{3DAA6303-025C-4B8E-A2DB-E3538F49045B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File

FirewallRules: [{A5D5FA53-1A45-45D6-BF1C-4F135B4C03C3}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]

FirewallRules: [{8FB3E3EC-18BF-48E1-8299-C4226FDD61CF}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]

FirewallRules: [{5F1419B8-F4ED-45D5-8A08-170016ECC164}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe () [File not signed]

FirewallRules: [{671A6964-6D16-4D71-BC8D-DCF1AC1C2799}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe () [File not signed]

FirewallRules: [{962B6AB3-0D76-4421-A0D7-938F9F1CEFDB}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe No File

FirewallRules: [{856ED948-B5E6-4515-BEED-E865164D5E68}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe No File

FirewallRules: [TCP Query User{63189B37-0A14-4EAD-895C-D81EF6A738CB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe No File

FirewallRules: [UDP Query User{506404D3-AB57-4609-9A17-E36306A00B59}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe No File

FirewallRules: [TCP Query User{1824F640-3DC4-475E-8AFE-BC31CB9339E5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe No File

FirewallRules: [UDP Query User{FAB7BD56-8866-4D0C-AB5C-C6F3B2113617}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe No File

FirewallRules: [TCP Query User{5258047E-91D3-4DB4-9CA1-847142521EA1}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe No File

FirewallRules: [UDP Query User{D9AD9EAF-3403-4F0D-B037-FB6F37641863}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe No File

FirewallRules: [{A4393C57-5A6D-4CFF-A452-A8465C7275DB}] => (Allow) D:\Program\steamapps\common\ShellShock Live\ShellShockLive.exe () [File not signed]

FirewallRules: [{DC51EA6B-8849-498C-AE89-9AEDE00C192D}] => (Allow) D:\Program\steamapps\common\ShellShock Live\ShellShockLive.exe () [File not signed]

FirewallRules: [{8BF074A5-0CBE-4978-963E-5778882BF8C6}] => (Allow) D:\Program\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{70EDF54C-1440-4EB0-A94A-4A578677D3DC}] => (Allow) D:\Program\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [TCP Query User{F04B1301-99B1-4FAD-8C52-AE14ED4B779E}D:\program\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) D:\program\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

FirewallRules: [UDP Query User{07E9F6CA-6655-4BC1-A817-E7C53903779E}D:\program\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) D:\program\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

FirewallRules: [TCP Query User{33F50134-5A30-4753-A445-583185722CF7}D:\program\adobe\adobe photoshop cc 2017\photoshop.exe] => (Allow) D:\program\adobe\adobe photoshop cc 2017\photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

FirewallRules: [UDP Query User{8CCEA223-A0D4-4417-AC9B-6CB170D29674}D:\program\adobe\adobe photoshop cc 2017\photoshop.exe] => (Allow) D:\program\adobe\adobe photoshop cc 2017\photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

FirewallRules: [{75DFE634-27EE-4B74-A65E-11E3C8341220}] => (Allow) D:\Program\bin\cef\cef.win7\steamwebhelper.exe No File

FirewallRules: [{9C3E6FE0-3802-4477-9233-9F4AB804EDEB}] => (Allow) D:\Program\bin\cef\cef.win7\steamwebhelper.exe No File

FirewallRules: [{9447F70F-D605-401B-A0D6-FFC69FAFF884}] => (Allow) D:\Program\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{7715D6A6-8D2A-4020-9E4A-AB438C3A4D2A}] => (Allow) D:\Program\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{88278469-FDE9-4FAC-AF4D-DAA554DFF4E6}D:\program\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [UDP Query User{7E74AD58-6376-46F6-8C6E-C59AB11B8BFA}D:\program\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{116DA09C-EF89-4FFB-9CC3-DF9B03F2238D}] => (Allow) D:\Program\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )

FirewallRules: [{8275A172-D5C1-48B6-8ED6-5F4E5D0C0942}] => (Allow) D:\Program\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )

FirewallRules: [{537D1BD4-3AB1-4CA7-9AAD-F52B4849DB5D}] => (Allow) D:\Program\steamapps\common\GarrysMod\hl2.exe () [File not signed]

FirewallRules: [{42E23B90-DD1C-4685-932A-2A303D61C08E}] => (Allow) D:\Program\steamapps\common\GarrysMod\hl2.exe () [File not signed]

FirewallRules: [{D8B84BC2-BFAA-42CD-8682-30DD4241BB32}] => (Allow) D:\Program\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]

FirewallRules: [{6338E8DF-0650-4059-8357-9895B3184558}] => (Allow) D:\Program\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]

FirewallRules: [TCP Query User{A81B8C8E-D41A-498E-A40D-29EFF701CEF6}D:\program\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\program\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)

FirewallRules: [UDP Query User{871AF092-A7D9-4D9D-851A-E150E1F11527}D:\program\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\program\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)

FirewallRules: [TCP Query User{307F11D5-CF9D-4A62-83BD-72B30F86D4BB}D:\program\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) D:\program\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

FirewallRules: [UDP Query User{DA45F476-BD66-454D-841E-7B6B10C3D908}D:\program\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) D:\program\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

FirewallRules: [TCP Query User{E57D0869-AEA6-4D2E-9E2B-13EC537EFE5E}C:\users\hossam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hossam\appdata\roaming\spotify\spotify.exe No File

FirewallRules: [UDP Query User{2A6E0F34-75D4-4200-BFE4-F1BEB473FB45}C:\users\hossam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hossam\appdata\roaming\spotify\spotify.exe No File

FirewallRules: [{84A10634-7343-411A-AF4E-75FA1CFDE257}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File

FirewallRules: [{1051A245-B9CD-4119-9187-E44A58205D7E}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe No File

FirewallRules: [{001F9289-5AC9-45BF-A82E-C0790A8C0569}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (RemoteMouse.net) [File not signed]

FirewallRules: [{B7430AD4-A056-45E3-B270-49EBF0289047}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (RemoteMouse.net) [File not signed]

FirewallRules: [{C3F923FC-328C-4762-9A5F-610B060EC436}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]

FirewallRules: [{11AF954E-EC11-4468-8B6D-E8C5E8C792CA}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]

FirewallRules: [{99B6610B-F02D-45A5-B7FA-116AE5E7BCD9}] => (Allow) D:\Program\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe () [File not signed]

FirewallRules: [{D2942319-535E-45F2-9671-3B680A7147F5}] => (Allow) D:\Program\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe () [File not signed]

FirewallRules: [{5D718B9B-6984-4BF7-9165-A14E53D3C947}] => (Allow) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc -> Google Inc.)

FirewallRules: [{0D5C3B04-A33F-45A7-81F1-353C4BC30272}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxmz7lf120hchp-000l1_s25znxag606008.dat No File

FirewallRules: [{D591BB18-4D30-4654-A578-F55D39C723DB}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxmz7lf120hchp-000l1_s25znxag606008.dat No File

FirewallRules: [{08822F6C-9B7F-43C8-A06C-2C5C6C0EC8EC}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe No File

FirewallRules: [{1AE27E22-38C8-4D43-9D44-40DC21EB357C}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe No File

FirewallRules: [{124BE9BD-CCD9-4992-8D60-D466A3FD30E4}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe No File

FirewallRules: [{D66ED99B-E5EA-4B94-B9BC-413E292A62A6}] => (Allow) LPort=80

FirewallRules: [TCP Query User{42C4389D-9932-4DD7-ACE7-C67420C42813}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe No File

FirewallRules: [UDP Query User{70C0A8D2-011E-484B-9D8D-E99AC9A97602}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe No File

FirewallRules: [TCP Query User{2577F5D3-A5D0-41F3-AE8F-7C4F4CDDC2AE}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe No File

FirewallRules: [UDP Query User{4C99ABB0-D10E-4001-B0A9-7D6E74FDA75F}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe No File

FirewallRules: [TCP Query User{1E0BB387-92E7-4502-A84F-A7708E177352}D:\program\steamapps\common\lms\lms.exe] => (Allow) D:\program\steamapps\common\lms\lms.exe No File

FirewallRules: [UDP Query User{59668DA9-ABEA-45E8-93CF-412ACE22B837}D:\program\steamapps\common\lms\lms.exe] => (Allow) D:\program\steamapps\common\lms\lms.exe No File

FirewallRules: [{812520BF-E6B4-4FA4-82E9-A0434B5F002E}] => (Allow) D:\Program\steamapps\common\Warframe\Warframe.exe No File

FirewallRules: [{C02D195C-F667-4841-9AC7-6FEAB0D0244B}] => (Allow) D:\Program\steamapps\common\Warframe\Warframe.x64.exe No File

FirewallRules: [{E229B83B-44DC-4D5A-9DD7-2ED89BCD34D4}] => (Allow) D:\Program\steamapps\common\Warframe\Warframe.exe No File

FirewallRules: [{0867991F-5FAB-4A54-AE45-AEC248B4A88B}] => (Allow) D:\Program\steamapps\common\Warframe\Warframe.x64.exe No File

FirewallRules: [{5E5900A4-8224-4C3E-9156-D467827C3201}] => (Allow) D:\Program\steamapps\common\Warframe\Tools\Launcher.exe No File

FirewallRules: [{137D8CC4-2146-4A0B-AA6F-CA448D1DF632}] => (Allow) D:\Program\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File

FirewallRules: [{690C6E40-8DBD-4469-BDD2-8A1F8CBF1C46}] => (Allow) D:\Program\steamapps\common\Warframe\Warframe.exe No File

FirewallRules: [{FBEE8D4A-6F93-4825-A005-CCCF19EAFB3F}] => (Allow) D:\Program\steamapps\common\Warframe\Warframe.x64.exe No File

FirewallRules: [{E7FC7DA0-2A12-4DCA-BAC7-34CCC7E9449C}] => (Allow) D:\Program\steamapps\common\Warframe\Warframe.exe No File

FirewallRules: [{C64E84C8-0D41-4D67-ABDC-55CF2295F5AB}] => (Allow) D:\Program\steamapps\common\Warframe\Warframe.x64.exe No File

FirewallRules: [{1D067F2C-9167-4583-A3E8-A90DF758F5D1}] => (Allow) D:\Program\steamapps\common\Warframe\Tools\Launcher.exe No File

FirewallRules: [{C974C680-5983-4771-84FA-759A5588AF39}] => (Allow) D:\Program\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File

FirewallRules: [{0C1EB0CD-5B0A-498C-A958-2B85A31A47FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File

FirewallRules: [TCP Query User{6267BF9A-1118-47C2-91E0-08566E89C6E1}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe No File

FirewallRules: [UDP Query User{0C982BE5-F950-4808-9EAF-EB8D588486C8}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe No File

FirewallRules: [TCP Query User{8014D613-EBF7-470A-B578-CF41DF655200}D:\program\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [UDP Query User{B0F939B1-771E-45C7-87F3-0FFF7139710A}D:\program\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [TCP Query User{769BD0D8-5F0F-46FC-B51D-ACC6A3AA70DF}D:\program\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [UDP Query User{BC46B3B0-085C-4F35-AA94-429B9CF4B009}D:\program\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [{F4483175-2128-404E-8785-B75218B6D752}] => (Allow) D:\Program\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [File not signed]

FirewallRules: [{AD11EF05-68CD-4DA7-9C10-6BB149A35D0E}] => (Allow) D:\Program\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [File not signed]

FirewallRules: [TCP Query User{34484496-DC71-4DB9-9563-12A784C84B81}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe No File

FirewallRules: [UDP Query User{FC55558D-B8A9-4F07-961F-7F9442E1AB16}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe No File

FirewallRules: [{49093752-8B67-42CA-96C3-82F856F92AD7}] => (Allow) D:\Program\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]

FirewallRules: [{0D87B00D-E3BA-417E-9E33-E6ADFDAB340F}] => (Allow) D:\Program\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]

FirewallRules: [TCP Query User{407FE5EF-ADB4-40C7-A913-CB4F8CA2B505}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe No File

FirewallRules: [UDP Query User{A3CAC0B1-DE24-468C-8168-7174A4F7243C}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe No File

FirewallRules: [{9BEF7989-91F9-41AC-8515-79071F01E697}] => (Allow) D:\Program\steamapps\common\3on3 FreeStyle\LauncherSteam.exe (JOYCITY) [File not signed]

FirewallRules: [{60326F63-1D50-44A5-82C9-3A44384807E8}] => (Allow) D:\Program\steamapps\common\3on3 FreeStyle\LauncherSteam.exe (JOYCITY) [File not signed]

FirewallRules: [TCP Query User{54D8BDDF-27DE-4E2D-AF88-1515EBFCA0AC}D:\program\steamapps\common\3on3 freestyle\3on3 freestyle\binaries\win64\doubleclutch-win64-shipping.exe] => (Allow) D:\program\steamapps\common\3on3 freestyle\3on3 freestyle\binaries\win64\doubleclutch-win64-shipping.exe (Joycity Corp. -> JOYCITY)

FirewallRules: [UDP Query User{626E63E8-1598-460C-857A-3D41BB3E7CB4}D:\program\steamapps\common\3on3 freestyle\3on3 freestyle\binaries\win64\doubleclutch-win64-shipping.exe] => (Allow) D:\program\steamapps\common\3on3 freestyle\3on3 freestyle\binaries\win64\doubleclutch-win64-shipping.exe (Joycity Corp. -> JOYCITY)

FirewallRules: [{1CFF95A5-1F07-4D34-A151-63C084DA9078}] => (Allow) D:\Program\steamapps\common\HideandShriek\HideandShriek.exe () [File not signed]

FirewallRules: [{51943464-F6BD-4487-92DC-5216F2F00C26}] => (Allow) D:\Program\steamapps\common\HideandShriek\HideandShriek.exe () [File not signed]

FirewallRules: [TCP Query User{B803AA82-DA96-4483-A203-0734A0381893}D:\program\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) D:\program\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe (Funcom Oslo AS) [File not signed]

FirewallRules: [UDP Query User{E5E72C17-34A3-4CEC-A14D-4D933633AAFF}D:\program\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) D:\program\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe (Funcom Oslo AS) [File not signed]

FirewallRules: [TCP Query User{58B8857F-96E4-4A80-884E-65038A19E8C6}D:\program\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [UDP Query User{F8DB6331-8E07-4550-885F-4890A4D268FF}D:\program\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [{02B166F5-C6B2-4B7F-B8CF-FBEAE9A919AA}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{C7783ACB-D6C3-456C-9320-5BD936A67659}] => (Allow) D:\Program\steamapps\common\Five Nights at Freddy's Sister Location\SisterLocation.exe () [File not signed]

FirewallRules: [{0E5150E6-AD8E-495F-AE49-C0FD1992F8C1}] => (Allow) D:\Program\steamapps\common\Five Nights at Freddy's Sister Location\SisterLocation.exe () [File not signed]

FirewallRules: [{37CC9B2C-EA23-4AB3-B827-6CCBC69BE823}] => (Allow) D:\Program\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{1E880F40-CC43-4690-85A9-FF92C4130A26}] => (Allow) D:\Program\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{43760BB1-DCC0-462E-BA24-3F1061E03E36}] => (Allow) D:\Program\steamapps\common\Hacknet\Hacknet.exe () [File not signed]

FirewallRules: [{786B16CB-8161-4759-A438-FEC69E5713F1}] => (Allow) D:\Program\steamapps\common\Hacknet\Hacknet.exe () [File not signed]

FirewallRules: [{04EF2AA6-4E42-4FE5-B207-F93F12A88705}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]

FirewallRules: [{C2562BDA-48DA-43BF-8933-5A819969C0FF}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]

FirewallRules: [TCP Query User{60F46CA4-D1D2-48C1-9A89-2D5DE784FDC8}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe () [File not signed]

FirewallRules: [UDP Query User{504D477A-D1B7-4408-9937-168AA61A37DF}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe () [File not signed]

FirewallRules: [{DA0539E9-ADA6-424D-AE27-D9783589E171}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe (Node.js Foundation -> Node.js)

FirewallRules: [{8C7A19B5-0D10-461B-A522-B25E43531597}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe (Node.js Foundation -> Node.js)

FirewallRules: [TCP Query User{5E449520-C76B-4E8D-8191-B165C3554AE3}D:\program\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [UDP Query User{E1442912-AC13-40E3-A0FD-75940D4125DB}D:\program\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [TCP Query User{47EA92ED-1B23-4815-A74C-CE90EEB8A1D0}C:\users\hossam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hossam\appdata\roaming\spotify\spotify.exe No File

FirewallRules: [UDP Query User{62FACF22-CAB9-4FCB-B8B4-9CA91627507C}C:\users\hossam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hossam\appdata\roaming\spotify\spotify.exe No File

FirewallRules: [TCP Query User{164BA19A-9F70-4DA9-9D45-01B491F5335D}D:\program\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [UDP Query User{ACD9A9F5-0700-4C4A-B676-62817C1F4F01}D:\program\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)

FirewallRules: [TCP Query User{DDA18B4E-953E-4506-B379-6F7A4BE1B35D}C:\program files (x86)\popcorn time\nodejs\node.exe] => (Block) C:\program files (x86)\popcorn time\nodejs\node.exe (Node.js Foundation -> Node.js)

FirewallRules: [UDP Query User{1BA8133F-3696-4DE9-B023-DDDE593446E9}C:\program files (x86)\popcorn time\nodejs\node.exe] => (Block) C:\program files (x86)\popcorn time\nodejs\node.exe (Node.js Foundation -> Node.js)

FirewallRules: [TCP Query User{D1DC5D0A-7048-43E0-97B9-96543A62FB22}D:\program\battle.net\overwatch\overwatch.exe] => (Allow) D:\program\battle.net\overwatch\overwatch.exe No File

FirewallRules: [UDP Query User{562352A4-4FB7-4DDE-812D-14B0176BBADF}D:\program\battle.net\overwatch\overwatch.exe] => (Allow) D:\program\battle.net\overwatch\overwatch.exe No File

FirewallRules: [{470C67B6-69E6-4EA4-BC38-78C9FCAD9551}] => (Allow) C:\Users\Hossam\AppData\Local\helpctr\msiexec64.exe No File

FirewallRules: [{AA1A6DFD-5763-4470-AB36-8307B22AEAAB}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{CA5B3DCD-81D2-4683-A540-88BB72640199}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C224C05D-1894-4FB1-91F1-A604A07F1EE5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4AC0C2A4-3373-4B90-ABB0-0DAD37620804}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2B85D13C-44D5-4A96-BDA6-3B96FC93E718}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BC38FE71-1D2E-4C26-8C8F-168D5AACC0F7}] => (Allow) C:\Users\Hossam\AppData\Local\CamStudio 2.7\msiexec64.exe No File

FirewallRules: [{D948BF82-E730-4824-A983-60D036EFA5DA}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{C97364D1-D906-4150-9E4B-6A6957A3A087}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{ED045427-645A-4C8B-88A4-4971C133152D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A0A207A0-3C5B-4388-B9A3-73D4BB36A2A3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [TCP Query User{B50E58EC-EBA5-40CA-8A1E-0184E5DA6F51}D:\program\overwatch\overwatch\overwatch.exe] => (Allow) D:\program\overwatch\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [UDP Query User{6591DCA3-062E-488F-9CD3-90C549FAD86C}D:\program\overwatch\overwatch\overwatch.exe] => (Allow) D:\program\overwatch\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [{38491035-2227-411F-8FA5-7908786B604A}] => (Allow) C:\Users\Hossam\AppData\Local\CamStudio 2.8.0\msiexec64.exe No File

FirewallRules: [{CF457167-2C15-4737-B14D-4E8F2283F238}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{4F0FE576-4983-44D4-BA7B-0AED0B501EA0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{993D6087-3E86-4D2F-A186-0E2B79A6326C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2B8C3D0E-0087-41AC-8B69-614739B16EBF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [TCP Query User{53FEC25B-20EB-4F3F-8C01-F44A5705CB8E}D:\program\overwatch\destiny 2\destiny2.exe] => (Allow) D:\program\overwatch\destiny 2\destiny2.exe No File

FirewallRules: [UDP Query User{EB4EAC1B-93C4-45F8-AC9C-597D065A9152}D:\program\overwatch\destiny 2\destiny2.exe] => (Allow) D:\program\overwatch\destiny 2\destiny2.exe No File

FirewallRules: [{BC67D167-2D54-4649-83B0-A8EB8B328577}] => (Allow) C:\Users\Hossam\AppData\Local\Windows Workflow Foundation\msiexec64.exe No File

FirewallRules: [{B663E01C-B7B0-4CD1-9E19-58DBF5A9CD49}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{4259D440-B5BB-4A73-B0BC-367A8CE90F7E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C6C2594D-564F-4B94-8331-C947B362606E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E5ED35FF-FCCA-4F91-9ECA-81F85E42D654}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{FF2E0EFB-9F42-486A-B426-3884C59E77F9}] => (Allow) C:\Users\Hossam\AppData\Local\Local Extension Settings\msiexec64.exe No File

FirewallRules: [{88F0541B-9E7B-4FD7-BF09-9A4AA2314912}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{325C75B7-BCAE-4C8C-B2BE-E753535CBD37}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9A26A700-1D83-4407-938A-C331B870D90E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{DCCF80C4-6B24-4DE4-AB3C-1BDE8503C290}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{789F4396-D00B-454E-B12F-C7649D802F8D}] => (Allow) C:\Users\Hossam\AppData\Local\Peer.Net\msiexec64.exe No File

FirewallRules: [{BDEC8D69-C737-46AA-A793-6CDD9CC33A1D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{9E57C0C8-156E-483E-8E2E-55BB3A032828}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C9D7BB57-D9FE-41D6-BD48-C7A639331AD1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5C2245D8-D6F7-42A7-A0A0-FCC734AC315C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{58EEBE33-664F-4868-95B1-669D7D7B102C}] => (Allow) C:\Users\Hossam\AppData\Local\Peer.Net\msiexec64.exe No File

FirewallRules: [{7D52E3A6-4D1E-4B45-B947-440899F4890A}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{3E076D7C-7378-4100-BF67-27EFFB841F02}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{98D3BF46-8283-4F52-8F94-2ACA9EE81F91}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8691A7DD-37E6-49A6-8825-1C44888EBF88}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A6430C9C-90BE-4C7C-B162-6C383D16ED3C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C8B08D50-8F2F-47DF-AC3C-186BD0954E92}] => (Allow) C:\Users\Hossam\AppData\Local\Peer.Net\msiexec64.exe No File

FirewallRules: [{05E5CA3D-34F5-4948-9221-28A8BDC004BF}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{FD5B157A-5A8C-4198-AC91-FB34D7757C07}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8F2B330C-43F1-455B-851A-DF889F7DB7E3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{28614AE3-4797-4AC1-B9DA-FD11AD2FA10B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2C312C20-DC42-4D0C-9335-E122999A493A}] => (Allow) C:\Users\Hossam\AppData\Local\Peer.Net\msiexec64.exe No File

FirewallRules: [{300DCB9D-E861-4446-92A9-4F128A1DF319}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{674E00C1-4AC2-4CA9-A56C-6EB8F8055C6A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0358910C-1417-407B-85E1-8E18CB5F3810}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E37CE290-55F1-4AC0-BC55-A6C287E2944D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{1FF66190-AB5B-4853-8889-2FF88CB61DA2}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Framework SDK\msiexec64.exe No File

FirewallRules: [{F433FDDB-E57A-4251-BE4F-C825A8687467}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{3DD13B48-A2A2-4E03-B10C-A8358B8E678F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2EF1F2D4-E076-4066-85A1-E205F312DBBF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C4DBB0E7-CF2C-4F5F-916C-7E1C36F46B4B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E2131C2E-F4C3-4312-B633-2510B3268048}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Framework SDK\msiexec64.exe No File

FirewallRules: [{53DC90FF-CACD-4C4C-BB3F-D15911706C55}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{0EC0A1C7-685F-42B1-834C-018FAB009B3A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C10A671D-909A-4691-8069-DD9EF493E883}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A089FA82-BE08-44BF-AA90-F881E042035E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5759C5D3-5AB0-4A5B-94BE-7F475230A4DC}] => (Allow) C:\Users\Hossam\AppData\Local\web server extensions\msiexec64.exe No File

FirewallRules: [{73239600-9461-4D60-A752-7903F6821B6A}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{4BBD8FA3-8154-4A70-AC4E-FE08FBE47A2E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{13C6A359-120E-4D11-901C-8317A7525DF9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{982CBBC9-238A-4212-A040-B6C879DC5BE1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{51C874CE-2937-4101-A668-E522F035E5CF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{938C11CE-E45F-4110-A8D4-F58FAC8D9745}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{35DD2A89-DC88-4E3F-B1C2-78AA32BF63A4}] => (Allow) C:\Users\Hossam\AppData\Local\web server extensions\msiexec64.exe No File

FirewallRules: [{04FA2967-8454-4A1E-911A-68C2E39750F4}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{944BB85D-6397-45D9-8645-5D3FED60EE48}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{68A04A4D-6EF9-4327-81B7-1044045DE0FF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{209B06FD-1F63-4CD1-BC46-22C71A12513A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [TCP Query User{18B622DD-5505-4E09-86CC-9887E19BB484}D:\program\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [UDP Query User{B7B2A2B7-7A17-4146-8941-04049754E0E3}D:\program\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{1C4E29A8-A351-49AB-8497-2BDCE0001D27}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File

FirewallRules: [UDP Query User{1BCB92A5-62F8-4600-A769-7DB3EF2D4802}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File

FirewallRules: [{181150F3-70E3-4EB5-B401-F488BFC81B9D}] => (Allow) C:\Users\Hossam\AppData\Local\Remote NET.Assistance\msiexec64.exe No File

FirewallRules: [{B6B283D9-2778-4E09-9343-8C7947521B30}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{F0BDF8B7-54C6-48AC-A8D0-8887A3FB2996}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{6079AFB2-51EC-4CAC-BEC7-098658679586}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B7B16B1E-B6BC-4505-962B-1BC2F9F6B66F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A2CB39DA-4DBF-43E2-AE14-613CBAFEA95C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E09D717A-3734-4ACC-AE50-1B3AA66926B8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe No File

FirewallRules: [{F90D0E09-F7AE-4A91-A4F1-5D4C52890D21}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe No File

FirewallRules: [{62201514-261D-438C-80C3-E258CDCC0E6A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe No File

FirewallRules: [{CC8F47FD-DB7A-4833-8C4E-3E06E8700D9A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe No File

FirewallRules: [{1E505963-8F6E-40FD-BDDA-7BC159CAEAD6}] => (Allow) D:\Games\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)

FirewallRules: [{A9BBC223-F3D3-4C30-827B-E9733D33FE8C}] => (Allow) D:\Games\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)

FirewallRules: [{CD371CD4-00AB-43A6-B4C0-3A0FAB66530F}] => (Allow) D:\Games\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)

FirewallRules: [{67CC1CA8-C9DA-4BCC-ADA5-0F9F4961884F}] => (Allow) D:\Games\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)

FirewallRules: [{597B5C51-77BB-4935-866E-9BA07CCEEB6D}] => (Allow) D:\Games\bin\FC3Updater.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{2B21261F-CE3F-44AC-83A2-2FE47AC7A361}] => (Allow) D:\Games\bin\FC3Updater.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{EA7FCCB4-F59F-41B3-B7BF-E3DE8608B2A9}] => (Allow) D:\Games\bin\FC3Editor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{D1E24441-81C6-46E4-BD01-559C919AAEA1}] => (Allow) D:\Games\bin\FC3Editor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{5EB09569-6D7A-462F-93B3-3AC5F2F28843}] => (Allow) C:\Users\Hossam\AppData\Local\{9A5F1821-1526-1C50-A634-7F84341A2214}\msiexec64.exe No File

FirewallRules: [{5AD3041F-CA9D-4C3B-A0DF-19251FFC5B74}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{A4D82D24-7000-4630-88A0-1709F7BFA7E6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E520A260-836D-418A-B194-D27F4E4F28EB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{258C8FD9-A6B3-4E46-8F87-372EAF0E0EB9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{099F36DE-7D6B-480C-871B-5AD6DC370D2E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9783F4E4-A8A0-446B-BA6E-863DBF4175F7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7A7A80EB-0870-4BCD-A44C-827CABB3254B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5F773C4F-4DAE-4E12-9912-A0809B42C1AD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{715DBC5E-9E72-4B28-81FF-45E483919389}] => (Allow) C:\Program Files (x86)\Mr DJ\Far Cry 4\bin\FarCry4.exe No File

FirewallRules: [{3BFC7E2C-4274-4530-BC43-9575E0BFE47A}] => (Allow) C:\Program Files (x86)\Mr DJ\Far Cry 4\bin\FarCry4.exe No File

FirewallRules: [TCP Query User{BAD8BD57-5680-498C-B9B1-EA29BC607C10}D:\games\far cry 4\bin\farcry4.exe] => (Allow) D:\games\far cry 4\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)

FirewallRules: [UDP Query User{388C44FF-3BF8-4B54-AAD2-46065736B35E}D:\games\far cry 4\bin\farcry4.exe] => (Allow) D:\games\far cry 4\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)

FirewallRules: [{6C3DACF6-029E-4418-BC80-EFF44783C158}] => (Allow) C:\Users\Hossam\AppData\Local\FoxitReaderPortable\msiexec64.exe No File

FirewallRules: [{1A977CC1-B7E2-4413-A6EC-20F88E47AEEC}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{8A2DC28B-77DE-4F97-B219-1C165DCB787A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0FEF5BB7-4B7D-45DD-B86E-9B8E9CFDB99E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{ACDB5A37-90BD-4ACE-B959-E6700A461D92}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [TCP Query User{6AAEAA84-0041-4189-8E20-D48D30CFAE11}D:\program\steamapps\common\vr flush\vrflush\binaries\win64\vrflush.exe] => (Allow) D:\program\steamapps\common\vr flush\vrflush\binaries\win64\vrflush.exe No File

FirewallRules: [UDP Query User{50F7C4F8-FBB9-4593-8839-D625972F9A12}D:\program\steamapps\common\vr flush\vrflush\binaries\win64\vrflush.exe] => (Allow) D:\program\steamapps\common\vr flush\vrflush\binaries\win64\vrflush.exe No File

FirewallRules: [{39CADF4D-E6EC-4B1E-97E9-CBC496FEEBA7}] => (Allow) D:\Program\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]

FirewallRules: [{850022D5-04E7-4932-B439-321C1085CE39}] => (Allow) D:\Program\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]

FirewallRules: [{2564019C-4B53-4FBC-A60E-73F4D038F6A0}] => (Allow) D:\Program\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> )

FirewallRules: [{39B5E35F-02E7-41E1-96CD-12596501F51F}] => (Allow) D:\Program\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> )

FirewallRules: [{B3AB1B4F-90A2-417F-BF3D-C1CB04C4491F}] => (Allow) D:\Program\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )

FirewallRules: [{2E993494-1D0E-4C65-B088-98816166D819}] => (Allow) D:\Program\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )

FirewallRules: [{0E7F8FD5-4E13-4007-BF6A-935BE08BD8D9}] => (Allow) D:\Program\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )

FirewallRules: [{7EAFADC5-3F86-43D9-8495-98CD83C123B2}] => (Allow) D:\Program\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )

FirewallRules: [{1E34D4BA-4C04-479D-8DF0-8A8D9CF1748B}] => (Allow) C:\Users\Hossam\AppData\Local\UserData.db\msiexec64.exe No File

FirewallRules: [{BA1CC9D4-78C9-4592-9CC1-5BF726742334}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{9BF41988-F736-4CC1-905F-3D5002C78AF1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A386294C-0C51-49B8-998E-0E77475E0C29}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{11DDC67B-2833-4DA0-8BFE-BD6C16CE753D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A837C7B6-B635-4438-880B-9B33BF02CE97}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{29839750-B56C-401C-BDE4-6FFA0CE0F746}] => (Allow) C:\Users\Hossam\AppData\Local\UserData.db\msiexec64.exe No File

FirewallRules: [{37D9463C-3D51-4EC1-A089-BE82075847C5}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{D0460BEC-DEC9-4A10-82B6-8AFCE20481EA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0DA1BA2B-1404-4423-885D-C53BD153F6D0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{04179317-42D1-4376-9DBE-3BC7C41A01A8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{15CD7E22-3391-41A2-BF05-78999B9912AF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5BB5BD3A-374D-45BA-8D44-2D5F71B177B0}] => (Allow) C:\Users\Hossam\AppData\Local\UserData.db\msiexec64.exe No File

FirewallRules: [{75C399AB-CC1B-4163-AD3C-EEA00F578E04}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{33EC387E-4C80-434C-8DB3-A5EFF62B6601}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{C7AFAA41-A5D9-4A1B-9352-5F165F347C28}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{AC75DB5D-D9DD-497A-8863-6222AF59FA26}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5CA8A569-1404-4E80-981A-E5095903A1A5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BE20B1CF-5974-4F4C-9381-9D831839D58D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{EBA2744B-9FFC-4C13-9396-6CE886F1A4E0}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{8923CDA8-5F66-40ED-AE4D-41506270F8CF}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{06C1D5A1-A004-407E-B67D-B8AC1895F302}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{A25CC5DC-4354-43B9-8536-0B4964BB5FC7}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{E262CBBD-AABB-49B7-90D2-93C21436DDB0}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{3456F8EC-3535-452E-86B9-66648851A70D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{3B96E37E-ABBC-4BA4-A0BB-0DD239AB25CE}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{546A2D3F-CF25-4728-BCAA-0BCF6D461C49}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{0B2A9C78-BA9F-4D6A-BA4D-A7CECA0528A1}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{C108D414-7B35-477D-AA3E-4361B13A9084}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{AAEB7AB7-F569-4CF7-8198-47C896671CB2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{72A3F8B4-6D15-4124-A22C-F8C4075ADC0D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{82A86412-F794-475A-9FB6-BB33BA3718EF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{82A2BF8C-4CE8-48BB-A503-A1BC82123CCC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{63948193-ED38-408B-9CCA-59B477A43E84}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C17BCC58-6F91-4E4C-A3BE-D915CA650E94}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{163D65A7-E489-41A0-BCBA-9DA7EF0B1EA1}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{BF524FD8-D6B3-40E7-BAFF-E6938EBDB42C}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{217FABD1-41D4-4A3D-86FA-69EB42BDCADE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{FB884B15-B443-491B-8FA0-76DB3E3139E8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F5FCA968-81A3-4E2A-A878-DECAB1B34723}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{1666F434-6320-452F-B746-E871E3C6503A}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{41337AE8-3FD6-42FC-8FF0-FC0845A90AF4}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{72FA3BF0-7498-452E-8DA0-F0CC81229705}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{469B928A-FBA7-4123-B736-E4A6DCEB0180}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{2097F299-342F-4811-AD47-A203F9566CCC}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{2BAA0634-7653-42C2-B8C1-BAA2A7045263}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [TCP Query User{5B36E62E-E210-4916-AEBB-02DBD41D546B}C:\users\hossam\desktop\office kms activator 2018 ultimate by graphic evolved\files\bin\kmss.exe] => (Allow) C:\users\hossam\desktop\office kms activator 2018 ultimate by graphic evolved\files\bin\kmss.exe No File

FirewallRules: [UDP Query User{BCAA12A1-DC8D-41EE-9819-151EBDE2278B}C:\users\hossam\desktop\office kms activator 2018 ultimate by graphic evolved\files\bin\kmss.exe] => (Allow) C:\users\hossam\desktop\office kms activator 2018 ultimate by graphic evolved\files\bin\kmss.exe No File

FirewallRules: [{DA56A6C3-0436-45F6-9181-B2EB31EAF23B}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{DEE7D25B-E00C-4F58-95CD-5D6A3376EBC9}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{1D48E9A4-E53C-473B-AB52-6573C08201D1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F7DE6E19-2B9C-47D2-87E5-B4FC688C3F30}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{12937EEA-0AD6-4C36-8916-DD8428CC185C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BFCBFF62-C4D8-4D07-9AC5-9C3D9A5B66EB}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{CE1407CA-D845-4BCB-B169-669CA2515FF9}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{E3497160-6AFC-4BEE-9DAF-E80EA8FC4A50}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{278BE8C4-5F2C-405D-B495-99DD424783DE}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{BD21FC46-5DAE-47A4-ACF3-60E16EBAB25D}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{3B751E80-75F4-444E-AB71-7EA2A135E409}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{BFD18B8A-E71F-4475-ACFF-24E073F009BC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{DF4B45B7-6FC6-46C4-B26B-AE12DBF95265}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F7EB3C1A-EB7D-4BCF-B86F-F5232630F8D2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{FB1F2228-116D-4734-94F4-DE10FCADDCF8}] => (Allow) C:\Users\Hossam\AppData\Local\_restore{E415C293-1C11-4005-B5E5-91EC1A0BAE7D}\msiexec64.exe No File

FirewallRules: [{4F56C60B-A8F2-4CEA-ABD7-B51C5A686B02}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{B8C693E1-59EE-425F-A241-3838E9D462B5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4F63C8DB-4C79-4EFA-9796-3889E21DEF65}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{FE8ED491-7EAB-4595-B1F1-CCAFA66BBE08}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9CDD9BC5-C482-4AEA-8EC6-F0B4DAAA8261}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9DFE12B1-96FB-4E57-8B3B-2478FD541A35}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{7618340F-80E4-4F2B-B1C0-2EB3CE664F16}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{8CE4BB00-82AB-448A-BBEE-9896F0A3DD92}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{AFDA54AD-74EF-4ED1-8CED-268641F43523}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{678B796E-4508-4AD5-A05A-AC269022A167}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{62AE623F-8601-4A01-ACEC-A1EE42878024}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{EE7FDC2C-F4CB-40BC-9D65-B6DE13477B5C}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{3E51DE68-E294-4C7E-8689-E078FDA72341}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{A05C39C0-F639-425B-A2A4-E1564AD9B736}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{AC34C248-7945-4EBF-917D-15BB70F444A9}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{A2279940-9F10-47FD-AC18-2A69D50D1860}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{B942F146-8D4D-4E27-BAEE-3793F009B8E8}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{60027CC7-581D-4276-8A4E-2FF56596D001}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{39C21CFC-7B9D-4834-9685-EACFBA438AD1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{85C8E0B1-B119-41D2-9552-497E13A49F36}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4B2BD5E8-A0BF-4E23-A1D7-02FA7EEF752E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{07987ACF-A148-4EAF-B8EA-1A07043CE36B}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{06443890-7CBB-48C1-B0A8-BF798DBB1F1D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{C45CA036-060B-4822-928C-0C262101B839}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{61A0D479-9A6E-4630-BFE5-564E281C4A37}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{73C71591-7E4D-43D5-B357-DD65BB5A64DA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{D7F78CCC-E67D-42DA-A0F0-C7EACE4E536B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F8508A48-BEC7-4A48-AC16-AF96D8121B31}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{4FEC86EB-606B-40B0-BE95-4842ED0257EF}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{C067993D-17B5-469B-92C9-4B38DCC21FCB}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{86657E5D-4331-41DE-93DA-34E490FEF890}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{53F51F91-39D0-4854-A646-33B268E607F5}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{B814276C-9EE4-48A0-B69E-E7B965B638AA}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{68E04AA2-4BD6-4AD8-8152-2106F4A2EB95}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{16CB09C6-436A-4C7F-8803-D0053E592A52}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{DF0CF70E-3986-4DF8-8052-AE0FA9174848}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{29A45221-614A-42D6-98F7-C08E98D34443}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{9AA3BEF0-B3C5-4D49-B93F-0A8D58B5879D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{CBCD8DE6-3BB9-47B1-AB2B-56EBC93C72C3}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{648A94A1-E105-46CD-B0D7-708C6B1D2A30}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{5A018355-E285-42AE-AC85-9AAF67A55006}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7EB91DF0-5344-47F9-BC91-A9BB6E59EDBE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{EAAEC7D6-C3B3-4F8E-B604-42F7B077C396}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{56823E79-C715-476D-8592-937E588148F4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [TCP Query User{E358B732-FEF9-46AE-A6B7-D597F729DBE7}D:\program\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\program\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]

FirewallRules: [UDP Query User{C0BC37DD-4586-47D2-BE56-0D0716B51E58}D:\program\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\program\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]

FirewallRules: [{9E057C4C-89E4-4EFA-B555-9757F0559F6E}] => (Allow) D:\Program\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{395440E2-7BF7-4AF0-AD90-CE2F9B41D665}] => (Allow) D:\Program\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{75ACD4B5-1099-428F-A875-12729653413F}] => (Allow) D:\Program\steamapps\common\H1Z1\H1Z1_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{C479395F-7300-4360-A69C-B7A2DD8414AC}] => (Allow) D:\Program\steamapps\common\H1Z1\H1Z1_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{5EC0C8E4-D106-48BB-9285-BADC6FA68074}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{5707CC29-41B4-447F-ABE8-94BFCD3B003D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{30023D01-9BE4-4CCA-A819-8E8AC797C1BB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9928A450-BF9B-42D5-AA54-C5C610FC6243}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F9C6D0DF-E1AA-40AA-BCC3-F54E41C0C46A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2689E229-CDA5-4B7C-9875-51D061444BE3}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{BE51BF5E-7141-416A-A426-ED91C688E6CC}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{6503AAAE-C1A6-401B-A79D-8D0E4FD96135}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{2D70498D-4DAE-4C5F-962C-42F8937D48A0}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{79A972F1-7F87-4944-B6A6-FFF82C092401}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{D21D6495-C3BE-4483-83FE-C3E4C25808F4}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{74699054-EFAA-41EE-A5E9-DF02AD8E41AB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{907F048E-A54E-40A4-A24D-35367C937B85}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7A41765A-95E2-40D5-8C73-C72C87794ABF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BE59EC89-1AC4-4A76-93D0-EA0EFDB13660}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{78303291-BC7B-4821-AEF8-C695AFD90B20}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{7A120FC7-6D99-40D4-B794-ABBCACFD4478}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{B22A7036-FA8E-45CA-96C1-59D3C8AC26D1}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{9C096D04-BA81-431D-BD61-896C799F6ED2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9DC82FDA-6698-4AE7-8BA4-EBFC3880C604}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{3B550408-15B3-4D29-85A4-083ADC91F461}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CF787641-5A89-4CF1-9377-5D510B730597}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{3464F86B-A447-402E-BD62-4D340B31103D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{75768510-4B1E-46A4-BE49-3DA0B09DD0FE}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{8EF67E4B-5A49-4182-B0EA-D5357E683C72}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{FE39554F-AD2A-4B65-94E9-42C77643FD6C}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{1E3E708A-3C76-4DE6-96B5-467AD3935184}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{9B2EC5E2-EEC8-4798-B460-D5B77F19227C}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{417E7ACD-2A73-4053-B391-A9927FC5C3C0}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{392A56DF-8E1D-4479-8F59-8212CDA1D1A5}] => (Allow) C:\Users\Hossam\AppData\Local\Media Network Sharing\msiexec64.exe No File

FirewallRules: [{3E75C669-D97C-499C-B867-878205880D18}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{4A64EEAF-7376-4F89-960A-56A0C04A7DA9}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{F578F692-7D4A-4D52-AB40-49274CF4B67D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{8E03B813-F878-4B76-801D-30B2E0932652}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{985BC563-C650-499C-A76F-5793FC0B628B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{ACEEC6CE-B2A9-45A4-8FA8-CDE6836D2EBD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{518ABF4F-DD69-41CE-8EAD-14CE1A5583F0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{28836AC2-65E6-4A4E-ADFC-D8ABCB00CA6E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{C02B96B3-D700-4B8C-9833-2CD15254921B}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{757A1F5B-C843-4A22-B341-74370D090E6D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{80F587E4-CA0B-4876-B5DD-598C88975FBC}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{0708413E-D762-4207-A129-8E2E6DCF094E}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{C21E736D-84A7-485E-9D41-6C2CB13FDF67}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{EC8A3BC7-06A8-4260-A36E-5E275462BFA9}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{94787463-A0E8-456A-A8A3-184A5E9CA14E}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{430172DF-3123-4339-A687-4C99A0EA2184}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{62BFCE79-E1A9-4724-96F1-D3A90F19DE0A}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{865612BF-6F10-4F21-93A6-7F80AD513453}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{35BE00BF-3BF4-4B37-AD77-A5054BC587AE}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{3B1F54F0-45B3-4536-8A90-6678A4A7A508}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{30335923-F828-4A79-BF72-7140B9B1CD36}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4D5BEE71-5904-4950-80E9-B3B47018BC59}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BB9746A1-8852-4200-AF34-1037DEFD8CE2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BA183464-A666-426A-BFF5-79B0FC1B046B}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{C7BEC56A-7FE4-493A-925E-48E4B0A8BF65}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{C2BC34E9-B3DB-466B-BAD0-D322D4210853}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{92E695C3-E109-4C42-BE7C-F0F364A1F4BC}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{843900FD-DA79-4929-BA15-543801A01796}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{DA61CD19-0A99-4E86-9DA4-C42BE010D91D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{71DF2515-F18A-4ECE-BECF-72811481F092}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{F7B22220-7DE8-48B0-AD73-15B485ACBC27}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{85C5B1B7-A7DE-4ED1-987F-3217C2D8893E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{76E78A4E-DE80-4E17-A8CE-42248ABEA1A0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{447304E3-570B-447C-9832-1E8DA1960100}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{36F380D2-AF86-4587-8618-10A377E25DA9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8D89A42B-E329-45B5-82C3-3CE097899C8E}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{65533B12-5AFC-4E3A-942B-41E79B1A42B6}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{D91C6EBB-77A4-4465-8E4F-763A4432E1BE}] => (Allow) C:\Users\Hossam\AppData\Local\NTUSER.DAT\msiexec64.exe No File

FirewallRules: [{13EDF7E8-2BFA-46FF-8A01-E5086C35D708}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{DC2048EB-15B0-496B-84AC-DB3A29D5224F}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{D0EADC00-0045-4DA7-9B33-2FDE6CA6A68A}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{07AE4331-BAFE-4D3C-907F-E74D93C1EE02}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{73C04405-1685-4A03-AE2B-91223E4E894F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CB6FC714-5D0E-4C90-B4BB-25824F1CB7C9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B0D1C3F7-68AE-48E5-9675-A9B349260515}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8E79E0A0-409B-4867-A317-C28D725A4F73}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{748F6635-686E-460D-AD9E-6F614A202F7C}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{FDA98037-5253-44C0-B336-6E4D5138D1FA}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{969BA6D3-F389-47B9-AB06-02A2920CBFD3}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{DBE55AF9-4BF2-4B1F-8F99-BB648C0622E9}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{B1ADD9C5-3179-4CC4-A15E-EE1853978DF8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C8F73045-18C2-4DA7-8F6A-299C614B4741}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0FD613FB-4E6A-438F-96E5-0B589C4EFC79}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B08C7508-B662-49A1-8C8A-5F1A96C1E2E4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0D2ADEED-572C-4BC7-A80A-A4D26137F4DF}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{D2A7B1D4-4895-44B9-91D0-C12FDC2C30A2}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{9451F53D-209E-4DD5-ACEE-731DF630B60B}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{730D36E9-B537-4646-9341-5E1B87BD1476}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [TCP Query User{CFE0DFD7-EBD2-49CD-8BA0-1063E73D5D99}D:\games\far cry primal\bin\fcprimal.exe] => (Allow) D:\games\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)

FirewallRules: [UDP Query User{8942151F-275B-4FBF-B048-D5581982AA7E}D:\games\far cry primal\bin\fcprimal.exe] => (Allow) D:\games\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)

FirewallRules: [{A8EF4BB4-EF77-4D42-B559-260E693B42E9}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{982FE7B5-6EAB-48B4-A5BE-FE8AED036327}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{B4331E86-0446-44E5-A51E-42BFA70FC188}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{EC290038-9E4D-4A97-9C01-6DFAB8D7939F}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{31E333DB-D04D-42E9-B69A-8B70E2C941C8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{1673EEB7-1D0C-4289-B1B0-A95A0563F898}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4558C081-F254-4B5A-9E0B-772084C7217C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CDBCD605-4D59-4E91-80B1-3B61AA902DD4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{20565B1D-1D48-479F-BD04-DE6354E0A7AC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{59DE5215-F631-43A7-9A2D-54FD902F0604}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{C3B41A09-8959-4013-AF63-E4100008B76F}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{28CECE94-1BED-4A95-87DC-362825DBCAF4}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{536D61E2-D141-4E0B-96F4-6B3B18168078}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{6EB96886-7007-4F7D-8127-1BA167B92489}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{A064FD94-A2BE-48B2-9742-92D1AE52ED1F}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{D0BF1A94-2F6D-4B5E-9CCB-C3EC06098834}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{F32758A1-CD96-43AD-849F-4C1088B96211}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{795ADBE3-2427-438A-B27D-0325D9F4465C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{08046500-1F98-4301-A672-E3B4A2340A6D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{6F0C8A69-8746-412A-9D1B-14609C6523AD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F32E2F2F-EF8F-4911-BE6D-9DC6C4269DA1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{3BD17CFC-5E80-4045-9843-357E3B17C502}] => (Allow) C:\Users\Hossam\AppData\Local\NET.Remote Assistance\msiexec64.exe No File

FirewallRules: [{5718110E-B451-48E3-9A85-2E241EC46F0E}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{2A41BFC8-CD37-4E4B-A076-EE418E28734C}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{7E0CA3F7-838D-4E90-A7D9-B036E14A1527}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{30E79FFB-3FE1-48DB-8BEB-58BD9B2705DC}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{ECF31CBE-5CDC-4A89-9FFF-F6EFB2A2D3F2}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{6DC260F1-CE2A-41AD-9ED3-F6F55DF91838}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{1A20DA8F-679B-47D6-BFF7-D11CA5A166E1}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{C1F20A5E-1856-4D1E-BF81-766BB0EDF420}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{75965C7F-B692-445E-A4BF-DECAE335F6F7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{22E9E77B-13FD-47DF-B3B3-489BE89EFF7D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F6577646-2920-49F9-8E4D-7794443D120E}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{5EEE396F-9647-4245-9AC1-3F4AADB6A54B}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{6482ED8E-14FE-4952-A0D3-53D5CB84F820}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9C992D6B-C9A7-4ED6-9FEE-7183D5CB783C}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{EFCD88A5-AAF1-4CDC-9652-5B4DBCFD1441}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{24B83E09-240E-4BFD-8071-4F290CE9DA4B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7FECAA9A-2563-4B2A-B9BC-1C3A426D7CF8}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{276D2753-0719-4447-BBFD-BBED53393CF9}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{2886140A-E369-4DBF-85F8-D346195F14A3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{05107FBC-79C0-47F4-BEDF-129BBE17D6B4}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{82DC6248-0378-460F-AD50-0CD0BCE752C2}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{16F4FADB-25C2-441E-AED2-DC79BE83947E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{61990465-70F2-4E6C-BA0E-ECEB781C0F7D}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{105EA85C-D6D0-4ACA-A19C-1085BED67AF0}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{94013D9C-7720-48DE-AC45-7569F7DCC388}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{D363E456-345F-4AF5-A5EA-5602A867C959}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CC645FC9-5FA1-4E39-8444-1DF17FA17C3E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B3A2B837-2AA6-4074-87C2-3FF174BA0696}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{D4C47BAD-687D-4DCA-835F-5178A6DF993F}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{467C073F-75A8-46D3-A0A7-9140310F46C1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CCA7CE34-F0B2-4331-832A-5BF9513AF99C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E76E5A7D-E121-4EDB-B1D3-807EC87DFBAC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E6CD3BEA-7CB9-4D6F-AAAC-DA27F536CD51}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{8C334FD5-762B-4E6B-BE0F-672E21BA4932}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{B904086A-B873-46A5-80B6-A403152F60B7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{14C169EE-13FA-4A77-B33B-285C02ACD723}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4C478149-9E63-4DD9-AC83-7B7648CBF0A0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A974A8F1-D1DC-42A8-BA97-6FAF2134CF6B}] => (Allow) C:\Users\Hossam\AppData\Local\PortableApps.com\msiexec64.exe No File

FirewallRules: [{9B104C0D-B735-4298-A93D-1B084F373D9D}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{B50887A4-DC7A-4B10-9012-E99F21E34E45}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0BBAF7D1-7307-4D60-90D7-43EAC19847F4}] => (Allow) D:\Program\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)

FirewallRules: [{2A6736AF-AA2A-4305-A996-B25002890CA5}] => (Allow) D:\Program\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)

FirewallRules: [TCP Query User{49CC366B-FBB6-4CF0-AC72-DA84C6FCD912}D:\games\tom clancy's the division\thedivision.exe] => (Allow) D:\games\tom clancy's the division\thedivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)

FirewallRules: [{38C02700-A717-445C-8D37-7DC0DEE26146}] => (Allow) D:\Games\Tom Clancy's The Division\TheDivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)

FirewallRules: [{BD7DBE5C-0F51-441E-86E3-3C2D0AB577A0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7D0FB536-3CCA-4851-8F95-2FDC04A5A110}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E9E750B1-C59D-4354-9276-74C799D0E14D}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{2EBA8328-DB6D-4FE0-8D3F-6057377E45DC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{D6D2303B-32B2-407B-875C-BE40DACBD191}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C4FFF35A-2D90-4284-A2DF-FD4DB139D13C}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{7F08AD66-E9D2-4BEE-A4A1-D6E3716F40D3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4A4D4EE6-07FE-4B34-A8D7-B40549880CE8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CD8CE998-936A-44F3-B2EC-8A917DC6E7B0}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{34C1D0F5-DE72-432D-BB59-652F50E591F2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C91646CE-6078-43AE-954A-EF36E78AF178}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CD9A8AE8-E2C7-4940-9CEA-F041DCF3172A}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{63979AEF-8FD1-447D-8C4E-720299945EE0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E2F988CF-24DF-47D4-B9D7-1D1F52CBF4A2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{FB8A992B-3A48-4F0E-AF59-884E76C116F1}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{0415ECEE-7BBE-45CB-B70E-50DA43FF85F0}] => (Allow) D:\Program\steamapps\common\The Escapists 2\TheEscapists2.exe () [File not signed]

FirewallRules: [{D77A64B5-DB96-498E-AC09-0DC106D9804B}] => (Allow) D:\Program\steamapps\common\The Escapists 2\TheEscapists2.exe () [File not signed]

FirewallRules: [{52324F57-B149-4A10-9118-C7BC4D2CBB36}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F4F03F49-69CD-4278-B797-C37ED4983B09}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C8B4EE9A-794F-4E36-9903-2253B94F86C9}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{EEEFDA81-71F1-41FA-A604-4F7D153ED14D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8563D3C5-B19E-40F1-8080-E91D5BD33282}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{3DD00292-3AAF-416D-9020-1AA722F82083}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{8E21D972-0837-4011-AE24-A25C9568356F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{3602F854-D4DE-4679-9889-5CD3205BF88F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{DFD83FC6-B326-4517-A534-72CA83130FC4}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{FF3EF681-5CFB-4D67-ACF9-0B9D143885FF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{05488B6B-684A-4654-BFC8-B4879AA20EFF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8668ED1E-4081-4A10-A393-746A6D6E82AD}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{3C89E72D-FEE9-4968-A5DE-1F78ECBED669}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{761EB8FE-816C-4361-A030-55C6724F20FC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{01AF18F0-6527-4BEA-A57C-F0527ECB0418}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{86F4E623-B833-429E-8BA5-547EE68B5CE1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B607C7DF-7937-4B9A-8293-FEAA9F9173E6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{EDC4249B-02CC-40A6-AA70-2E25E33C47D4}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{A1EB31D6-9B8B-43C8-8490-E4BAD5E68FBB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7259090C-3886-4E1F-81DB-743CB6C7F1B8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{EA2B8898-4B03-4C01-8B98-88F6FA2F7FA9}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{03889152-6E22-45C5-B268-26D187C16360}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8A2A343D-2D6F-4441-A9DA-66FAF509844C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{D995B3A2-7BEF-43EC-9781-6AE5C159342C}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{E6BAC278-B1B3-48DD-B28A-1D037686C22A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4FF29B54-3BF3-4419-B75A-D222144A7931}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F1601A03-02DE-47D2-ADC6-4356F9B4EF9C}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{FA41555E-105A-45CE-95E8-E2995385EAB5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7B104E72-CABC-4BED-B47C-AD337D1A1231}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{14E08A5D-6BCF-4753-BE68-C26D5E6A5F18}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{AE7522A1-549E-4B89-872D-8CCBFFCC5266}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CB59E449-2037-45EE-9C8F-D8811BA1B644}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{89E2DA2B-D4FF-4B74-BD96-CC4C3B6F1A32}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{04C8828C-679A-4E42-BF35-FC345D80513E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{178A3B5F-00D8-4D4E-AFA5-F1B943A3681B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2AD09D04-5DA7-448F-8CF4-3A48632EC5A4}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{AB79CF22-7281-4C9D-A654-2FEC7497A626}] => (Allow) D:\Program\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{F5B26071-51A1-40D6-B00E-FF7D44556AC8}] => (Allow) D:\Program\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [{DCF22634-00B3-40F9-AF1C-ADF14C41C0BC}] => (Allow) D:\Program\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{5C176845-1633-4E54-A743-AC6E0ECFDCBD}] => (Allow) D:\Program\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{BF4A1096-3D6F-43A7-84A9-A65400B3883F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{EAB9B75D-62C2-472E-9A32-C74EB6FD3E95}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{94216B2D-C34D-4429-87DA-A0474580058F}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{03059BA3-1BF3-44C6-B907-787C05BC605A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{1A601356-8E0C-4018-ADDC-D2ACEC9F4115}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{62F80D18-12A4-4619-AE42-EC1A308FC6E9}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{01EEB5D4-17C4-4921-999F-EDF7ED7084D6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{65EFDDC4-5B57-4C72-AD38-D379999CD5AA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CFD0CACC-99D4-4D46-B9F1-1B6D25D2E1FB}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{0D0505CF-BBB2-425B-8786-026226D5F817}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{468E4093-2A9C-419D-A1ED-442F66CB97D9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F4AC8F4D-82B9-4105-A955-13822A052C93}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{25AB029F-4536-44FD-8DAC-6707CF41E6DA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{09FFCB6D-FAED-4539-8E99-BC2C94FEC072}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8D25F6ED-CBC9-4D44-BFEE-CD4AE635ACD6}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{1D43B08E-ED60-4380-885C-EBFA2C9E74B2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{1D3ABE39-16FD-4148-B4DA-2D02BC8C97FC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{43195212-EA23-40FC-B094-620EC585E5BB}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{A34328B6-B364-4C48-8EFA-94D83DA4F819}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{59975AAF-3BA4-476D-A530-A51F25C59EAA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{3AF810FF-9EB8-4966-B88E-EDC920F19516}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{94B22419-E855-4049-A155-5A5097335D38}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B3EB1AFB-7A43-4D68-ADAC-B4FDA7F89660}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{70586455-60C8-4FD5-B452-DD9FFBEC1626}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{9C7ADB51-C361-486F-9AC4-C6D6E75641E3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{AAB74736-1F53-4A1A-92E1-AEB02DB31F17}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7A6A84ED-0001-4245-ADFD-D103B8B794F4}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{B43DB3E9-5824-4ECA-9D20-796D936F841C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BD2B5DE9-30B9-45D4-BF5A-32F31CAAE504}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F95925BA-B05E-4D27-8530-6C700962A0F5}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{84F84AA7-44C7-4B47-9227-6F84D052DC19}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{6290F507-FAA4-4836-BCE3-605266AE6540}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BDD59B4D-4061-49E6-90EE-305B7F22AC21}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{68A25428-9B79-4B56-AC07-66EDB1F73379}] => (Allow) D:\Program\steamapps\common\Hand Simulator\Hand Simulator.exe () [File not signed]

FirewallRules: [{806734EE-1B6B-4F08-A343-032C0FDB4AF8}] => (Allow) D:\Program\steamapps\common\Hand Simulator\Hand Simulator.exe () [File not signed]

FirewallRules: [{100BAC50-6579-4076-80E5-829558B47EB0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C48BDC62-E0C1-4088-A1CF-AB038074C009}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{DACF06B5-E688-4379-ACAF-204691E3B3D5}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{742A03B9-4F1E-4EB3-8B66-AB23A75F6AC8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2A63471A-3882-49CB-86B3-0816AE29D626}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0DAC33E0-AD4E-4098-9960-9AE0A9188EDD}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{E941CB4D-9167-424F-9FA1-A765D1B9F717}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{47D172E5-85A1-4139-84C2-22A5BE945E62}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2EC08DD1-E8E3-4DEA-8062-216508360C69}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{0CDA1E28-EAA6-46D4-9481-B9099B746D95}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7D8209A4-AA60-4E05-A4DB-425076F95DF6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{015AF590-5898-41C6-8434-EB40CE92079D}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{343DB2D2-AD85-4657-8F71-7991EC384207}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5E9C2BC7-BD63-4605-A950-77E02A0BEDBB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7D9B1F4B-D7E3-4625-9342-B5BA49A17FFF}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{2806A9AF-6F82-429B-8FDC-B31B2069600D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{420A1955-468C-45AA-BA66-CA6CFC36A7FD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E172188A-630E-4F09-BC5E-AA5132B7678A}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{EFB1908A-FE04-4593-A205-76B3118F9F0A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{81BF8FF7-E308-4E64-A8D0-A2110E4FBA96}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{27843F07-F9AD-4090-8A99-98FFC934AE3B}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{D9396871-8A90-4216-9DED-8BEA342C1A99}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A7D2B72E-D3A2-4388-8FD6-CA4D97251C69}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CEDF9476-45C8-4252-BD1E-090E989F6406}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{A269EC12-1B71-4934-824B-0D2C2E395FF4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B977DAF6-5723-4F4B-928F-F3F67C7A7CE5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{D3A61C60-238B-4DE7-B21E-76005419D66F}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{A348177C-AA70-4825-B558-F652B42E55D7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{1E14CF24-275F-4D5D-98EE-D709CB4759BB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5238EAFE-FACB-4C0D-82CB-B78E7D6A92F7}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{E51F89A0-EDF1-4B66-A9A4-8343C457BB01}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{90CBD376-7B0D-49F7-8BAE-3FF62E138EA3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C69F547F-BE6F-42C6-BBE6-241A3F74BCC0}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{7641B739-4380-498B-B6CB-B75FFEDDD4AB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BF092610-AB74-4179-8B30-62BEBDDB5A01}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E7C36517-6D6D-456B-B59E-E79E96F48472}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{BAB90593-3A47-43B2-90D0-BD0D082A6819}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{04032251-C570-4360-AFDE-DCE6C27FE615}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{368D797E-5876-4D63-A663-532AABFD8F7E}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{D7A5C670-335F-4D00-9856-52A06B921D16}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4AA33C9B-31BD-4EAD-8971-3D0CFEC4FC2E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{D1E3F053-6307-4473-97BA-ED697AB26969}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{A0DFB283-75D5-4669-92C5-65C0240246D4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{77FA10F3-FFE3-4AF6-BB94-E7D495197F4E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{DA291252-CDBB-4D12-B0F0-AD9F16C0970E}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{FB525157-C8BA-45E1-9965-573E5B0063F3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B2282AB3-48A5-40EF-A7D8-FA73FA740F9C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{3BAEACA7-48B9-46A5-860F-8F12F836E9F5}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{C5FABD4C-DF0D-4F7B-A10B-E1EFA9435D06}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{6BE9DC3E-AD7F-41CD-B153-C67119B73747}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{FAA52E19-2AAD-4042-AEB0-0777218FBA8D}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{9CBF07B9-AC21-4984-88E6-005A28861D2E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F1F9B7F1-3487-4F27-BD98-850622770878}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{55F9D862-9A68-4C02-B690-655EED2B96C6}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{53BD3266-817C-4521-9E77-7B163C13E949}] => (Allow) D:\Program\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{98B4D254-FA5C-4197-9914-DF853DE2D961}] => (Allow) D:\Program\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{1114366C-61DC-47EB-B600-967E049F6EB1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{AF1A5F12-2C99-46C7-BAAC-10F989D2DA10}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{866D704F-CC18-4FEA-91FA-37032B8C9496}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{88538C70-48FF-42AF-99D8-E53E9EE729B8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9E0093FF-F6A8-4FA3-979E-3E2FFBBA3D2F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5E1CE0E7-3BE2-4A5D-8DA8-A9785F31B514}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{836AB96E-1C9B-445E-ADA9-26A39B0124DE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{815DB48E-6F44-45C0-B93B-96FD4BFB7CB2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4F12FFE9-3501-4B10-A272-C25C0C675D88}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{F596DE76-016A-4C92-81AF-965B87F53B8F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{05648C81-B8F4-4C18-B562-28A0DE85B2C7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{748802A9-8563-4FC8-AFF6-189625AD42F9}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{3D2694A8-4743-4718-9573-1FB658214480}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{AADA1B9E-356B-4E24-8088-9A8F75F48346}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BB401611-2F62-4D8A-9DE4-2B087433D92C}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{454064B8-7A56-466E-A554-0086644D4B99}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5E321A53-2E9C-4E8B-A287-0F33B6E28289}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5E28AFC6-7E4C-4BB7-81A3-D555888D5702}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{7FD665F1-A45E-4DDC-A37A-1FDA82DE01C0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{15368DBF-B975-44E0-A21B-71F3D08B1D7D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{9DEC2AB8-2FB9-44B6-AF73-445A0E192D37}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{E8559DD9-A7F4-4CCC-981A-E52AD5E8DD2B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{112BE1A3-F399-4375-B329-62B71420D08F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F61CDC68-D7B8-4A05-9C67-FE0A1FC8D1F9}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{BD4E55EF-E330-4937-8C89-F8E126CA5CFD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{AA0A40D4-23F1-481A-9334-E1154EF92DC4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5164781A-0E70-4517-A360-8DE1E10D5DB6}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{18DDCD15-A277-4174-B79C-EF06F9066C8A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{72C18ACC-9093-45F9-B799-F2A00D133BA2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{1E1DBA5F-93BA-440B-881E-10038F282090}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{6066D8BB-1B0C-4C86-9390-557A660058AA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{7B4AC68C-C6F3-457E-A030-F4C024783B02}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{528163FA-31ED-4D5A-B528-A306870691E1}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{B16FABAF-75CC-4386-B2B5-D9352BB6F1FF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F5A5D2DE-C6D1-445B-800C-8F854F19C98C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{483875F6-3F9B-4867-B18A-096A246EEE52}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{0BD93B02-EAF2-4E8F-B5CD-4A818628A8CE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0C006033-8E2A-417B-8A87-FDCBA1ED690D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{08B6A5AB-0FFE-4511-AA03-C630389934DF}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{0A9AC344-01AC-4A2B-9199-AD18A3B00CEF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8C9B21C2-3E1F-4360-9211-A032E985FF6A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{6E64079B-106B-4D69-AD5B-8F26597EE434}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{D19E8B0C-A379-4424-919E-534E3B062B81}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CD67346E-E21E-4017-BB05-0E8D5ADD7B3E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{ED115FAA-2365-468F-85AB-195C009F8D06}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{77584CF5-F0B0-4336-9EE9-A34B88E437FB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B54256A0-5058-4D02-B173-C71675D2D36A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F7D3EFDC-CE8B-4F0D-B3C4-D5C56ECE2AF5}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{D09CBF2E-47B4-4F44-8EB7-1CA28E5748BB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4E4701FC-D642-473C-B75C-56AAE041CE01}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BADCE847-CB5F-4510-8E1E-9C7866DDD446}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{E603782B-C899-45C1-9CAB-01B699FBA34E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{60F94B4C-451D-4075-9B5F-80AF1C38B7F7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{699B489B-FE74-4861-9998-64DA28F6BC65}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{666CAAC9-A2A2-492A-9F5A-23DEF6A53B43}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{84176A3F-D1A9-4FCD-BD80-1DE0D6C83340}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F50CE7F4-780D-4CC0-9B5F-B08306AE798F}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{72A494B1-F72E-4E57-AE65-7256BD3819DD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{AA8A0C43-AAE5-4D32-B5AF-99E2468C2DB1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{D355BA3C-CCA9-471D-B478-248D78072906}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{D25FCD83-C89A-477E-9042-E516859F31AB}] => (Allow) D:\Program\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)

FirewallRules: [{29C878EA-645B-46DE-A332-8A8BBAF331F2}] => (Allow) D:\Program\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)

FirewallRules: [{8CE7E79C-F821-43D1-9555-01595D1D5A47}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{D9AEB3B6-910D-4AA6-8397-6355933285FB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4573A710-A5CF-4897-BEAA-39147A9657F1}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{ECDB8C7E-E0AF-466B-9AAE-87D39F0BEF19}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{91E577C6-1465-4374-9FC9-38BC369EF80B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F0814397-0E16-4647-A2FD-F94E376F15B6}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{39E34AE0-4B51-42DD-836B-858AF6FF90C4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{261E1495-8453-4E4E-A3BB-92BD22179F48}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{C483C7E1-8360-43C7-AB2E-528F7B263F51}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{2A7FF61F-2989-4767-A108-8F73E88CDC6D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CC90C275-4389-4FE1-8629-AA50383E8D32}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2F22F8C2-1000-4990-BB9D-237FF31F8AAE}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{EF0AF870-0838-4C9D-955E-FB87430EFF22}] => (Allow) D:\Program\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> )

FirewallRules: [{6EAC56A5-64A5-41E5-B8F7-36525EDBBB0B}] => (Allow) D:\Program\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> )

FirewallRules: [{EA7F8329-1E07-4D9E-A719-59DF01D375B2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{EB981DB8-B330-4529-945B-69FCDB2CA30B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{DAC5860E-204D-4166-B0C4-815C57115675}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{90895323-3D37-4CB4-9F0F-2CF2267AFCCA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{44C11070-136C-4D84-A2BD-8F999076285D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{42807E18-06B6-4FF2-8627-1E7EA8C74E3D}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{7DA07BC8-C036-4FAF-8987-92596BE37D35}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8C4B55F8-F1F0-471E-8E4C-7BAE53E19F08}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{225CCAEB-AA32-49BE-B61B-9E0E59A38C0D}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{457DEC1A-BCC5-4E3D-B2A5-51F66AC2563E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{ABC48160-C656-4046-9C6E-5A6169BC9660}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8B2781D4-4E36-423C-BAE1-C50D616B16D7}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{B186B045-56D6-4EEA-83AB-73A6B75A1F5F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{776BB1AA-1DFC-4A40-BD05-88997E3C61DF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{74476722-FBED-4F12-AE0D-EB772F68D504}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{33ED235C-30E9-41DE-AD4D-B64759AEE184}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{D191817C-DE4D-4B23-A8C3-51D78A7AE77D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{883235B6-4D4E-4C2F-AD26-0E5033EA2F61}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{11C08593-A0A2-4C50-9FC8-BF8241B6420B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{54DFF862-595A-4DA2-9931-53D91E4C309C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{3829D5CB-4A1C-41A1-B967-0A6E9EA10A64}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{6D4BDAC4-A84D-4884-BA8D-76188D32CD97}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{AE1D63A3-3862-41F2-8911-E586F96DD4F8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{6D58118E-CB0B-4345-B81A-F075D0C4367F}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{409CC5C7-2AD5-42D9-A4CB-438515396890}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{844770C1-1F21-4AB5-BF00-88AD5A285171}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0BC4059C-4E5E-4AB4-A2AE-39151D0C1752}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{261A1868-81B6-4317-A26E-FDEE68C7C8A4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B9FDBC92-AF0F-4166-B4E1-64489964ACC3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CA62BF63-DA43-4E4F-A344-29034CA65517}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{CB68EFEF-DC0A-462C-827C-606D0A0183D4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{54B09A9A-CDAF-47A8-802D-4E635B42CA3B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{41A91B1C-6A0C-40B2-9081-C5A8CB84E6F3}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{31F61772-BDCA-434B-86C5-8622C11B8465}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{155A27AD-7C52-495F-B9D5-8FA55F6F2DEB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8E4D5E44-D9E1-4D09-B80F-F7DE0EE83CBA}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{D32C100F-201B-4DAA-861E-1B20E76727A9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4416EC62-9C34-40A8-A2AC-E250C664BF71}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{721B0988-E904-462B-BAC6-C7D9A0ECF4F9}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{1B4942EB-70EB-4BD3-B550-2D576A72F54C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5CB2A561-0235-4A0F-A1D0-41C32EDE91B9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{6E796FDB-3CAC-4CF6-832B-47AC95BFD066}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{3D0579B6-64E5-48B5-BF8F-5D6CFFF05D34}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{8C2EB82F-00DA-4EF1-91EA-54F0A39CA8F9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{BFA470DF-4575-4F0C-A38B-BBEE0705F3AD}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{CF19639B-2AE8-4984-B671-8E403DF9FC63}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A42212C5-0D7D-469C-A366-4CA95369341B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{311095A4-54F2-4557-BC9E-1DD20D1EDCFC}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{383347AF-BFFD-4B8D-9F40-A40355D3CD26}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B98C1FE0-F0CB-41E0-BFDC-5FB77B2E92D7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{FD69058E-506B-4669-A717-976CD85396AB}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{87A23EFD-DB77-428D-8AC7-088A71C43DC4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{785C0CBB-76F4-4213-A936-CECA82820041}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{54020155-D633-4150-A6FA-9A2D7BEF123F}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{43C96623-FD30-4703-B140-E33190400888}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{FCD38328-1C1B-4138-8DA6-0D8EE7CA3EFD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{20241E13-21C2-4900-8D37-1B978FE75DEE}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{F56D9AAA-C9FA-4139-9B8E-3E94AB73B96E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{61B7D146-394B-47B2-8555-83C31CBEAD30}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{994B8F6F-28E3-4B8A-A087-A3AAA1390465}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{C2F9EA70-EFD9-43C6-A2DA-BCF45E42BE06}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{166BFD65-875B-49B8-BFBA-5FD5BBD84393}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{96B7E745-30BC-49A0-9608-649CA8A2DF02}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{2EC8437A-0000-4B39-B6A9-22149794DA6E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{AD5C5BD4-D5CE-4622-8020-8B3BD561DE97}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{EB10EE85-C3E5-4AD7-9337-1B4B302AFD3F}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{0F0A34DF-047D-46D0-A3DC-E3EDDB535DD3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{1ED23D5B-EAE0-4847-81FD-58C064E00710}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{E3DA1670-D26A-4CF7-81DF-C54216C84B52}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{D6830379-3806-4C1B-8B53-90963DF20404}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{032E0820-7245-408C-8CB8-D2B255CD1981}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{F5AFB21F-0BF6-4CAE-8F93-DA624E65A158}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{AEF3FE64-86C4-4812-8158-2B19D3C95938}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B94A4F2C-77FE-4508-A858-E47F89A8694C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{4E0E5044-4EB1-4BF2-8A64-1296BB0CBA84}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{F3D9BF31-A4BE-4BA5-BBBF-2B5556EA6B8F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{13892C62-7EBA-471E-A3D5-166E784D97D0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{AC976604-BFA9-4220-A247-100497CE3008}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{E318E43D-51C3-4F2C-94EA-5633955F1063}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{505C9654-AD58-4AF3-8E6C-4168CC09DB44}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{A6DC662E-B5AA-4809-BCA5-AAC04B6719E1}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{02D9BB3C-93A4-4A2C-B38F-D571C66CFA45}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{5E03B598-6837-4B17-B8E4-9AB5B63C8DCF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{57F6DDD5-F92C-4D87-97B1-B507FACD641B}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{ACC20ACE-27E5-4235-9A71-33B86219F17A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{CF7BF3CF-613D-4EDD-9370-F4F92EE69A04}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B99CAFD5-00AB-479C-A2CC-28AD4126A724}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{6700667C-2E6E-43E9-A04B-AC27C87B735D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{6486304B-059B-4456-A13A-8472A27EB49B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{0020D541-D59F-491D-AFF8-F0C4127595E1}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{F6299B61-0F69-460A-85B5-130DEC7609F2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{2F001222-76C3-404A-977C-257AE4989DF5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)

FirewallRules: [{B507AD9B-B0E9-48D6-BE3E-FDEEBCAC9D3D}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe (Microsoft Windows -> InstallShield Software Corporation)

FirewallRules: [{6501E0D0-8C84-43A3-BCF3-371D13A59CB1}] => (Allow) D:\Program\steamapps\common\Hurtworld\Hurtworld.exe (EasyAntiCheat Ltd) [File not signed]

FirewallRules: [{E475ED23-F363-4742-AFC6-1A2DA7E5CCF3}] => (Allow) D:\Program\steamapps\common\Hurtworld\Hurtworld.exe (EasyAntiCheat Ltd) [File not signed]

FirewallRules: [{93AAB8A1-5416-42ED-A7A7-CC1C025FA4DB}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{A006C935-C730-4B20-9EB1-EDB8A5AA0749}] => (Allow) D:\Program\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )

FirewallRules: [{1CBF2762-3211-4EC3-9AA6-B1824F86463E}] => (Allow) D:\Program\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )

FirewallRules: [{F482E4D8-4891-483A-9232-6E92CA6E71F8}] => (Allow) D:\Program\steamapps\common\Thief Simulator\thief.exe () [File not signed]

FirewallRules: [{A6AFA80B-F38F-494B-AF02-CFA61ACD8157}] => (Allow) D:\Program\steamapps\common\Thief Simulator\thief.exe () [File not signed]

FirewallRules: [{8A7CC896-0EA7-4E28-A541-74373349FDF8}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)

FirewallRules: [{7C7A3C6F-3C9F-4339-8954-E3A6610C6F5E}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)

FirewallRules: [{B62B30CE-A939-4B98-B6EE-E84DA429A920}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)

FirewallRules: [{E0BD2943-2B89-4A12-8E0C-68AE452375EC}] => (Allow) C:\Users\Hossam\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{569785A0-B932-4B2C-8483-A9F447BE9B30}] => (Allow) C:\Users\Hossam\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{9C7A110E-7513-4CE1-8FCC-965F3276FEB5}] => (Allow) D:\Program\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]

FirewallRules: [{F56B895C-838B-4C2C-AEC8-1028BCF3B760}] => (Allow) D:\Program\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]

FirewallRules: [{2B892B33-8644-49DD-B5F6-9AB71E7B8C68}] => (Allow) D:\Games\NeedForSpeedPaybackTrial.exe (Electronic Arts, Inc. -> Electronic Arts)

FirewallRules: [{5FC3D08C-F056-4C25-BA72-DE1EAFAC9746}] => (Allow) D:\Games\NeedForSpeedPaybackTrial.exe (Electronic Arts, Inc. -> Electronic Arts)

FirewallRules: [{D5FB4A4C-14FD-43D9-AB5C-544ED1DE8425}] => (Allow) D:\Games\NeedForSpeedPayback.exe (Electronic Arts) [File not signed]

FirewallRules: [{CA0A50E5-689A-4510-9832-CD52CFCCD0BA}] => (Allow) D:\Games\NeedForSpeedPayback.exe (Electronic Arts) [File not signed]

FirewallRules: [{85931968-978B-4F82-968E-153FD8674EE3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

FirewallRules: [{81F16CC0-B972-4425-9440-7632A9F6AE3C}] => (Allow) D:\Program\steamapps\common\Uno\UNO.exe () [File not signed]

FirewallRules: [{3724A748-6624-4D7A-8170-7724170E559B}] => (Allow) D:\Program\steamapps\common\Uno\UNO.exe () [File not signed]

FirewallRules: [{C8C1AFC9-23B0-4894-A5DF-C530337E9567}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{061DAC86-9AF8-4FB4-B233-ACB95A5BB4FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{8C297319-67EA-4637-81E3-B62E38624494}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{BFA78EE3-7693-4907-9069-416FC68CBC80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{57A9D081-B0F0-4F37-AA16-93D38DF0899A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{D9463C25-36E4-4BB6-B961-6CC6CD7EA59B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{273227E0-6BEB-408D-9EA3-859AFE9BF550}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{004E2AD8-639D-4017-AFCF-F97B5F37A58C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{E7D39085-1335-4539-93A1-504D9E8F7EF9}] => (Allow) D:\Program\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{C7BA6E7B-F3D9-487D-80C0-6D342EC17FD0}] => (Allow) D:\Program\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{DAC33DFD-FA21-48E4-B2A3-B04070D99EFE}] => (Allow) D:\Program\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )

FirewallRules: [{268FE9B7-D274-4673-8A9B-1489AFC3BA2C}] => (Allow) D:\Program\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )

FirewallRules: [{DB3B71ED-C514-4FED-BF98-8B3BEACA739C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{AF7F5F7C-DA2D-4183-A739-3A53E5A56738}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (04/19/2019 06:02:17 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

Undantagskod: 0xc0000005

Felförskjutning: 0x0000000000006f58

Process-ID: 0xd20

Programmets starttid: 0x01d4f6bd139e6c3a

Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Rapport-ID: c0673651-e437-41d2-98ea-34a1e6f4d6d8

Fullständigt namn på felaktigt paket:

Program-ID relativt till felaktigt paket:

Error: (04/19/2019 04:42:05 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Event-ID 0

Error: (04/19/2019 01:50:04 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

Undantagskod: 0xc0000005

Felförskjutning: 0x0000000000006f58

Process-ID: 0xffc

Programmets starttid: 0x01d4f62561c38cb1

Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Rapport-ID: 7ccdafaa-45e5-4be0-92d4-e9798788dbeb

Fullständigt namn på felaktigt paket:

Program-ID relativt till felaktigt paket:

Error: (04/18/2019 10:58:18 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programmet Adobe Premiere Pro.exe, version 11.0.1.6 avslutades eftersom det slutade samverka med Windows. Ytterligare information om problemet kan finnas i problemhistoriken i Säkerhet och underhåll på Kontrollpanelen.

Process-ID: 3afc

Starttid: 01d4f6294b16bd0c

Avslutningstid: 5

Programsökväg: D:\Program\adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe

Rapport-ID: 74c9b899-0393-4e43-a976-df432ead0129

Fullständigt namn på felaktigt paket:

Program-ID relativt till felaktigt paket:

Typ av låsning: Unknown

Error: (04/18/2019 01:41:52 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

Undantagskod: 0xc0000005

Felförskjutning: 0x0000000000006f58

Process-ID: 0x10b0

Programmets starttid: 0x01d4f5c93fb4ec52

Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Rapport-ID: f12711ea-9bb0-4cbe-b113-d5bb71d3da24

Fullständigt namn på felaktigt paket:

Program-ID relativt till felaktigt paket:

Error: (04/18/2019 11:35:42 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Event-ID 0

Error: (04/17/2019 10:37:55 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

Undantagskod: 0xc0000005

Felförskjutning: 0x0000000000006f58

Process-ID: 0x113c

Programmets starttid: 0x01d4f5090625a41a

Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Rapport-ID: 766541c3-c8b8-4785-9083-74e5c1337512

Fullständigt namn på felaktigt paket:

Program-ID relativt till felaktigt paket:

Error: (04/17/2019 03:51:18 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

, felet uppstod i modulen med namn: CsrBtOBEXService.exe, version 2.1.63.0, tidsstämpel 0x4f68683b

Undantagskod: 0xc0000005

Felförskjutning: 0x0000000000006f58

Process-ID: 0xfdc

Programmets starttid: 0x01d4f48d8ff36789

Sökväg till program: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Sökväg till modul: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

Rapport-ID: 2354ed2f-47a8-41e6-af0f-1c59a5e9f029

Fullständigt namn på felaktigt paket:

Program-ID relativt till felaktigt paket:

System errors:

=============

Error: (04/19/2019 07:48:32 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)

Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID

Windows.SecurityCenter.SecurityAppBroker

och APPID

Inte tillgänglig

till användaren NT instans\SYSTEM SID (S-1-5-18) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.

Error: (04/19/2019 07:48:32 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)

Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID

Windows.SecurityCenter.WscBrokerManager

och APPID

Inte tillgänglig

Error: (04/19/2019 07:47:29 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)

Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID

{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}

och APPID

{15C20B67-12E7-4BB6-92BB-7AFF07997402}

till användaren Lenovo-PC\Hossam SID (S-1-5-21-561342403-3159581679-3982711157-1001) från adress LocalHost (med LRPC) som körs i programbehållaren SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0 SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.

Error: (04/19/2019 07:47:16 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)

Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Starta för COM-serverprogrammet med CLSID

Windows.SecurityCenter.WscCloudBackupProvider

och APPID

Inte tillgänglig

till användaren Lenovo-PC\Hossam SID (S-1-5-21-561342403-3159581679-3982711157-1001) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.

Error: (04/19/2019 07:46:41 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)

Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID

{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}

och APPID

{15C20B67-12E7-4BB6-92BB-7AFF07997402}

Error: (04/19/2019 07:46:30 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)

Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

och APPID

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

till användaren NT instans\Lokal tjänst SID (S-1-5-19) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.

Error: (04/19/2019 07:46:30 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)

Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

och APPID

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

Error: (04/19/2019 06:02:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Tjänsten CSR OBEX Service avslutades oväntat. Detta har skett 1 gånger.

CodeIntegrity:

===================================

Date: 2019-04-15 21:46:40.189

Description:

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-15 21:46:40.185

Description:

Date: 2019-04-14 20:12:02.260

Description:

Date: 2019-04-14 20:12:02.258

Description:

==================== Memory info ===========================

Processor: Intel® Core™ i7-4790 CPU @ 3.60GHz

Percentage of memory in use: 40%

Total physical RAM: 16316.16 MB

Available physical RAM: 9634.45 MB

Total Virtual: 19260.16 MB

Available Virtual: 12272.13 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:109.5 GB) (Free:18.4 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (Lenovo) (Fixed) (Total:1838.6 GB) (Free:925.02 GB) NTFS

\\?\Volume{77fe8ff8-337a-4ffe-a2c5-376da0b5b6fe}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.7 GB) NTFS

\\?\Volume{9772911b-4763-4905-a655-333bd5f4b416}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS

\\?\Volume{a6db99f2-20b2-4e7e-ae54-0a157bb91c55}\ (PBR_DRV) (Fixed) (Total:24.41 GB) (Free:14.91 GB) NTFS

\\?\Volume{cf69f787-6b58-4040-bdef-e9403b5c0ed7}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 111.8 GB) (Disk ID: 3DA3A1E8)

Partition: GPT.

========================================================

Disk: 1 (Size: 1863 GB) (Disk ID: 3DA3A1F6)

Partition: GPT.

==================== End of Addition.txt ============================

#6
iMacg3

Posted 19 April 2019 - 06:51 PM

GeekU PowerPC G3

GeekU Moderator
1,921 posts

Hi,

Going over your logs I noticed that you have uTorrent and Popcorn Time installed.

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent and Popcorn Time, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

------------------------------------------

Do you recognize this folder?

C:\ESD

------------------------------------------

Press the Windows Key + R. This will open the Run box.
Type Appwiz.cpl and click OK.

A list of installed programs will appear. Uninstall the below programs in bold by selecting them and clicking Uninstall:

amuleC (HKLM-x32\...\{19539992-061C-4E8B-9053-07B175303AF4}) (Version: 1.0.1 - amuleC) <==== ATTENTION
lightcleaner version 1.0 (HKLM-x32\...\{2C1A121C-292F-460D-BA62-3B9886D0DE46}_is1) (Version: 1.0 - 360dev)

Follow the steps in the uninstaller to remove the program.

------------------------------------------

We need to run a fix with FRST:

Note: This step will reset your Firewall settings. If a program you recognize asks for access to the Internet, agree to the request.

Please download the attached fixlist.txt file and save it to the same location as FRST
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
(( fixlist.txt 30.53KB 702 downloads ))
Run FRST.exe/FRST64.exe and press the Fix button just once and wait
If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

#7
HossamL

Posted 19 April 2019 - 07:58 PM

Member

Topic Starter
Member
15 posts

It worked!! Thanks a lot! Can i remove FRST?

#8
iMacg3

Posted 19 April 2019 - 08:04 PM

GeekU PowerPC G3

GeekU Moderator
1,921 posts

Hi,

Please post the fixlog.txt created by FRST. It will be in the same directory as FRST64.
This way we can confirm the malware is gone completely.

#9
HossamL

Posted 20 April 2019 - 07:54 AM

Member

Topic Starter
Member
15 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019

Ran by Hossam (20-04-2019 03:41:31) Run:1

Running from C:\Users\Hossam\Downloads

Loaded Profiles: Hossam (Available Profiles: Hossam & Administratör)

Boot Mode: Normal

==============================================

fixlist content:

*****************

CreateRestorePoint:

EmptyTemp:

CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION

IFEO\taskmgr.exe: [Debugger]

GroupPolicy: Restriction ? <==== ATTENTION

SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

SearchScopes: HKU\.DEFAULT -> DefaultScope {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL =

SearchScopes: HKU\.DEFAULT -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL =

SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> DefaultScope {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL =

SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> {531DDA05-DF20-46A2-A8C0-A85ED94016E4} URL =

SearchScopes: HKU\S-1-5-21-561342403-3159581679-3982711157-1001 -> {DC06812F-A7D0-45C4-B88E-602B480065DC} URL =