Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Yahoo Redirect [Solved]

Started by Legocadet , Apr 19 2020 08:13 PM

  • This topic is locked This topic is locked

#1
Legocadet
Posted 19 April 2020 - 08:13 PM

Legocadet

    Member

  • Member
  • PipPip
  • 53 posts

Hello, I have been having trouble with my Chrome browser as of late, occasionally when I search something in Google, the search would redirect to Yahoo Search, I have tried to search for a fix however my anti-virus won't detect it, the way Chrome says to fix it doesn't work, so I have come here for some help, thank you in advance


  • 0

Advertisements

#2
Satchfan
Posted 19 April 2020 - 08:33 PM

Satchfan

    Trusted Helper

  • Malware Removal
  • 624 posts

Hello Legocadet and welcome to GeeksToGo.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Note: Please complete these tasks in the order given in the instructions.

===================================================

Run Malwarebytes Anti-Malware

You may have Malwarebytes Anti-Malware installed but if not, you can download it from here:

  • run the program
  • click on the Scan
  • the scan will begin when it has updated itself
  • when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
  • if prompted to restart the computer, close all other programs and click Yes to restart your computer
  • once you are back at your desktop, open MBAM once more
  • click on the ‘Reports’ tab
  • double-click on the most recent Scan Report
  • click on Export, then Copy to Clipboard

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.

  • run AdwCleaner by clicking on Scan Now
  • when it has finished, leave everything that was found checked, (ticked), then click on Clean and Repair
  • if it asks to reboot, allow the reboot
  • on reboot, click on View Log File; please attach the content of the log to your next reply.

Logs to include with the next post:

AdwCleaner log
Mbam.txt

Thanks

Satchfan

 


  • 0

#3
Legocadet
Posted 19 April 2020 - 08:48 PM

Legocadet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Hi, here are the logs:
 

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-20-2020
# Duration: 00:00:00
# OS:       Windows 10 Home
# Cleaned:  0
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
No malicious folders cleaned.
 
***** [ Files ] *****
 
No malicious files cleaned.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
No malicious registry entries cleaned.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries cleaned.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs cleaned.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries cleaned.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries cleaned.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [1406 octets] - [19/04/2020 03:03:37]
AdwCleaner[S01].txt - [1467 octets] - [20/04/2020 03:40:55]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

------------------------------------------------------

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 20/04/2020
Scan Time: 03:45
Log File: 01994d3e-82b1-11ea-b066-7085c2d4379c.json
 
-Software Information-
Version: 4.1.0.56
Components Version: 1.0.875
Update Package Version: 1.0.22678
Licence: Trial
 
-System Information-
OS: Windows 10 (Build 18362.778)
CPU: x64
File System: NTFS
User: DESKTOP-N3VAI1B\Zac
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 301008
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 53 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)

  • 0

#4
Satchfan
Posted 20 April 2020 - 05:34 AM

Satchfan

    Trusted Helper

  • Malware Removal
  • 624 posts

Those came up with nothing so we need another look.

 

Run Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • right click to run as administrator, (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to the disclaimer.
  • press the Scan button
  • it will produce a log called Frst.txt in the same directory the tool is run from
  • please copy and paste log back here.
  • the first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the Frst.txt into your reply.

Logs to include with your next post:

Frst.txt
Addition.txt

Thanks

Satchfan


  • 1

#5
Legocadet
Posted 20 April 2020 - 10:37 AM

Legocadet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Here are the logs:
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-04-2020
Ran by Zac (administrator) on DESKTOP-N3VAI1B (20-04-2020 17:31:17)
Running from C:\Users\Zac\Downloads
Loaded Profiles: Zac (Available Profiles: Zac)
Platform: Windows 10 Home Version 1909 18363.778 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Blender Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\blender.exe
(BullGuard Ltd -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardHelper.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BgGameMon.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardCore.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFileScanner.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFiltering.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFirewall.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentry.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentryEye.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(Discord Inc. -> Discord Inc.) C:\Users\Zac\AppData\Local\Discord\app-0.0.306\Discord.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <51>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Zac\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Roblox Corporation -> Roblox Corporation) C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\RobloxStudioBeta.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2019-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe [412520 2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Discord] => C:\Users\Zac\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [913800 2019-12-03] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Gaijin.Net Updater] => C:\Users\Zac\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2415480 2020-02-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Gaijin.Net Agent] => C:\Users\Zac\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3511536 2020-03-30] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Spotify] => C:\Users\Zac\AppData\Roaming\Spotify\Spotify.exe [22825376 2020-03-25] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --disable-quic --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --disa (the data entry has 147 more characters).
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3511536 2020-03-30] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1481D11F-4A36-42D3-A3AA-B3AF947E1929} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-14] (Google Inc -> Google LLC)
Task: {1500DB97-A0A7-4989-9669-2269F67F9096} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1933ECA0-5917-4743-B65E-39FC5F6EE2F8} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {226A4581-C037-438D-8E80-014F37A2123A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3AC26D1B-6EDC-476C-88D0-82458592C1B7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59A76B8A-31CD-4E48-894F-829484AE5DC1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {682AD4DC-F72E-43A6-984E-6B43C8D85A11} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7628C268-1307-49F5-9E3B-7900FF19DD28} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)
Task: {B8463FCA-60F7-4AA0-BD03-E30B159D03C0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BBD153A9-F999-48D1-9516-056D163A6EB0} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)
Task: {BBE6B4D1-5681-40E0-A070-708C3B373CB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-14] (Google Inc -> Google LLC)
Task: {C9AB4A15-84D5-433C-AF72-C98893F87B2C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D32E94CE-90EB-45F3-A3C4-0E723B58D999} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBC83A1F-CB22-4FE8-8645-9BE297C05758} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FE8989A0-9781-4CC2-AA79-E0A0021CEE2F} - System32\Tasks\BullGuard\BullGuardUpdate2 => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe [2975080 2020-01-28] (BullGuard Ltd. -> BullGuard Ltd.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4bc32997-0286-4b4a-b853-dc8a442c3f81}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\S-1-5-21-2782468524-2809958065-3864316782-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2782468524-2809958065-3864316782-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
 
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard => not found
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default [2020-04-20]
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/webhp?sourceid=chrome-instant&ion=1&espv=2&es_th=1&ie=UTF-8","hxxps://www.youtube.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-14]
CHR Extension: (Dark Skin For Crunchyroll) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjiicokbioponboibkfhfgmhcacafph [2020-03-30]
CHR Extension: (Docs) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-14]
CHR Extension: (Google Drive) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-14]
CHR Extension: (YouTube) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-14]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Ratings Preview for YouTube™) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2019-11-26]
CHR Extension: (Adblock for Youtube™) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-08-14]
CHR Extension: (Sheets) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-14]
CHR Extension: (Gyazo) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2019-09-28]
CHR Extension: (PaintZ) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdjcnhanmagpjdpilaehedkchegnkdoj [2019-11-30]
CHR Extension: (Google Docs Offline) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-12]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-15]
CHR Extension: (Video Adblocker for Youtube™ Extension) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2019-08-14]
CHR Extension: (Pixlr Editor) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2019-08-14]
CHR Extension: (My Planet) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkjngeiogimjcpifgmkmamcjibefog [2019-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Portal 2D) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\noeojpcnabfdkncikfpepcpcldcfmpeb [2019-08-14]
CHR Extension: (Gmail) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-14]
CHR Extension: (Chrome Media Router) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-04]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2020-01-05] (BattlEye Innovations e.K. -> )
S3 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBackup.exe [1606504 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFileScanner.exe [833384 2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
R3 BsHelper; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardHelper.exe [390352 2019-11-13] (BullGuard Ltd -> BullGuard Ltd.)
R2 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFiltering.exe [5197672 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardCore.exe [2985832 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsNet; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFirewall.exe [1202024 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [396136 2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsSentry; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentry.exe [768872 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2990952 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 HnGSteamService; H:\Games\steamapps\common\Heroes & Generals\hngservice.exe [788264 2020-04-15] (Reto-Moto ApS -> Reto-Moto ApS)
R2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [483816 2019-08-13] (ICEpower a/s -> ICEpower a/s)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [980568 2020-03-04] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [1490008 2020-03-04] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-12-12] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [289008 2020-03-30] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-12-13] (Razer USA Ltd. -> Razer Inc.)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-02-18] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24528 2019-08-13] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [32760 2019-08-13] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [138544 2019-08-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 BdAgent; C:\Windows\System32\DRIVERS\BdAgent.sys [175128 2020-01-21] (BullGuard LTD -> BullGuard Ltd.)
S0 BdBoot; C:\Windows\System32\DRIVERS\BdBoot.sys [29320 2019-08-28] (Microsoft Windows Early Launch Anti-malware Publisher -> BullGuard Ltd.)
R0 BdNet; C:\Windows\System32\DRIVERS\BdNet.sys [178760 2019-03-05] (BullGuard LTD -> BullGuard Ltd.)
R0 BdSentry; C:\Windows\System32\DRIVERS\BdSentry.sys [155456 2020-01-21] (BullGuard LTD -> BullGuard Ltd.)
R1 BdSpy; C:\Windows\System32\DRIVERS\BdSpy.sys [90912 2020-01-21] (BullGuard LTD -> BullGuard Ltd.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [124560 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvaki.inf_amd64_4cae9e420e36f6e5\nvlddmkm.sys [23446968 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0203; C:\Windows\System32\drivers\RzDev_0203.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\Windows\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [18768 2020-02-22] () [File not signed]
R2 SSGDIO; C:\Windows\SysWOW64\DRIVERS\ssgdio64.sys [14608 2019-08-13] (ATI Technologies, Inc -> ATI Technologies Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [611728 2019-10-31] (Bitdefender SRL -> Bitdefender)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [247224 2020-02-19] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [47496 2019-08-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [344288 2019-08-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-13] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-20 17:31 - 2020-04-20 17:31 - 000027077 _____ C:\Users\Zac\Downloads\FRST.txt
2020-04-20 17:30 - 2020-04-20 17:31 - 000000000 ____D C:\FRST
2020-04-20 17:22 - 2020-04-20 17:22 - 002281984 _____ (Farbar) C:\Users\Zac\Downloads\FRST64.exe
2020-04-20 03:45 - 2020-04-20 03:45 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000124560 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-20 03:44 - 2020-04-20 03:44 - 000002031 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-04-20 03:44 - 2020-04-20 03:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-20 03:44 - 2020-04-20 03:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-20 03:43 - 2020-04-20 03:43 - 001928352 _____ (Malwarebytes) C:\Users\Zac\Downloads\MBSetup-076981.076981-Consumer (1).exe
2020-04-20 03:43 - 2020-04-20 03:43 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-20 03:41 - 2020-04-20 03:41 - 001928352 _____ (Malwarebytes) C:\Users\Zac\Downloads\MBSetup-076981.076981-Consumer.exe
2020-04-20 03:40 - 2020-04-20 03:40 - 008196784 _____ (Malwarebytes) C:\Users\Zac\Downloads\adwcleaner_8.0.4 (1).exe
2020-04-20 02:44 - 2020-04-20 02:44 - 000000035 _____ C:\Users\Zac\Downloads\Emergency.rbxl.lock
2020-04-20 02:37 - 2020-04-20 02:37 - 006688009 _____ C:\Users\Zac\Downloads\Emergency.rbxl
2020-04-19 19:24 - 2020-04-19 19:24 - 000000000 ___HD C:\OneDriveTemp
2020-04-19 03:02 - 2020-04-19 03:03 - 000000000 ____D C:\AdwCleaner
2020-04-19 03:02 - 2020-04-19 03:02 - 008196784 _____ (Malwarebytes) C:\Users\Zac\Downloads\adwcleaner_8.0.4.exe
2020-04-19 03:02 - 2020-04-19 03:02 - 001965536 _____ (Malwarebytes) C:\Users\Zac\Downloads\MBSetup (1).exe
2020-04-18 23:44 - 2020-04-18 23:44 - 000074388 _____ C:\Users\Zac\Downloads\Jacobstown.rbxm
2020-04-18 17:38 - 2020-04-18 17:38 - 000089423 _____ C:\Users\Zac\Downloads\Golf.rbxm
2020-04-18 16:58 - 2020-04-18 16:58 - 000089862 _____ C:\Users\Zac\Downloads\Atomic Wrangler.rbxm
2020-04-17 19:15 - 2020-04-17 19:15 - 000080243 _____ C:\Users\Zac\Downloads\Bison Steve building.rbxm
2020-04-17 01:24 - 2020-04-17 01:25 - 2182639373 _____ C:\Users\Zac\Downloads\MythicManor-0.12-pc.zip
2020-04-16 23:50 - 2020-04-16 23:50 - 074365233 _____ C:\Users\Zac\Downloads\NV.rbxl
2020-04-16 20:52 - 2020-04-16 20:52 - 000000000 ____D C:\Users\Zac\AppData\Local\mbamtray
2020-04-16 20:52 - 2020-04-16 20:52 - 000000000 ____D C:\Users\Zac\AppData\Local\mbam
2020-04-16 20:51 - 2020-04-16 20:51 - 001965536 _____ (Malwarebytes) C:\Users\Zac\Downloads\MBSetup.exe
2020-04-16 09:32 - 2020-04-16 09:33 - 111613569 _____ C:\Users\Zac\Downloads\Down_and_Out_0.0.5a.zip
2020-04-16 02:08 - 2020-04-16 02:08 - 019384223 _____ C:\Users\Zac\Downloads\Perchance_to_Dream_1.0.1.zip
2020-04-16 00:44 - 2020-04-11 22:55 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-16 00:44 - 2020-04-11 22:55 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-04-16 00:44 - 2020-04-11 22:55 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-16 00:44 - 2020-04-11 22:55 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-04-16 00:44 - 2020-04-11 22:55 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 000450280 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 000346856 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-04-16 00:44 - 2020-04-11 22:54 - 011945872 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-04-16 00:44 - 2020-04-11 22:54 - 010286480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 017601632 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 015158384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 005855856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 005159520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 002074232 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001722480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444587.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001566328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001483376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444587.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001481328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001350792 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001142200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001048504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000817080 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000811448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000679864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000676448 _____ C:\Windows\system32\nvofapi64.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000546744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000543160 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-04-16 00:44 - 2020-04-11 22:51 - 004195688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 018027520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 007756800 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 006523048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 005910016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 004611584 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 004129624 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 003512320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 002951832 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 002800640 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-04-16 00:04 - 2020-04-16 00:04 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001870408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001665216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001646048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 001484384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001077064 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001013000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001009152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000983040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000775696 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000768528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000673464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000628616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2020-04-16 00:04 - 2020-04-16 00:04 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2020-04-16 00:04 - 2020-04-16 00:04 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000420152 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-04-16 00:04 - 2020-04-16 00:04 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000268008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000089336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-04-16 00:04 - 2020-04-16 00:04 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\srumapi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumapi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-04-16 00:03 - 2020-04-16 00:03 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 004563200 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 003802624 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 003587384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 002767928 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002717184 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002131456 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002086656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001999960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-16 00:03 - 2020-04-16 00:03 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001656904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001603584 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001318912 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000822208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-04-16 00:03 - 2020-04-16 00:03 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000339304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000127280 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000058880 _____ C:\Windows\system32\runexehelper.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000047000 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-04-15 23:58 - 2020-03-17 04:57 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-04-15 23:58 - 2020-03-17 04:56 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-04-15 19:49 - 2020-04-15 19:49 - 000020341 _____ C:\Users\Zac\Downloads\Helipad.rbxm
2020-04-15 19:46 - 2020-04-15 19:46 - 000367225 _____ C:\Users\Zac\Downloads\Vertibirds_of_Vegas.rbxm
2020-04-15 15:38 - 2020-04-15 15:38 - 000598435 _____ C:\Users\Zac\Downloads\f4se_0_06_21.7z
2020-04-14 09:00 - 2020-04-14 09:00 - 000058266 _____ C:\Users\Zac\Downloads\message (1).txt
2020-04-13 21:55 - 2020-04-13 21:55 - 001147122 _____ C:\Users\Zac\Downloads\NCR_Weaponry.rbxm
2020-04-13 21:47 - 2020-04-13 21:47 - 000463157 _____ C:\Users\Zac\Downloads\Armor.rbxm
2020-04-13 13:58 - 2020-04-13 13:58 - 000043413 _____ C:\Users\Zac\Downloads\Booyah.rbxm
2020-04-13 05:29 - 2020-04-13 05:29 - 000000221 _____ C:\Users\Zac\Desktop\Fallout 3 - Game of the Year Edition.url
2020-04-13 02:32 - 2020-04-13 02:32 - 000478322 _____ C:\Users\Zac\Downloads\Combat and Power Armour.rbxm
2020-04-12 23:05 - 2020-04-12 23:05 - 000676577 _____ C:\Users\Zac\Downloads\fallout-3-crashed-vertibird.zip
2020-04-12 19:18 - 2020-04-12 19:18 - 003012222 _____ C:\Users\Zac\Downloads\Hidden Valley.rbxl
2020-04-12 17:19 - 2020-04-12 17:19 - 000822886 _____ C:\Users\Zac\Downloads\blender_nif_plugin-2.6.0a0.dev4.zip
2020-04-12 17:18 - 2020-04-12 17:18 - 000000000 ____D C:\Python33
2020-04-12 17:18 - 2020-04-12 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.3
2020-04-12 17:18 - 2020-04-12 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PyFFI
2020-04-12 17:18 - 2020-04-12 17:18 - 000000000 ____D C:\Program Files (x86)\PyFFI-py3k
2020-04-12 17:17 - 2020-04-12 17:17 - 020508672 _____ C:\Users\Zac\Downloads\python-3.3.0.amd64.msi
2020-04-12 17:16 - 2020-04-12 17:16 - 001535500 _____ C:\Users\Zac\Downloads\PyFFI-2.2.2.win32.exe
2020-04-12 17:15 - 2020-04-12 17:15 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8
2020-04-12 17:14 - 2020-04-12 17:14 - 026481424 _____ (Python Software Foundation) C:\Users\Zac\Downloads\python-3.8.2.exe
2020-04-12 17:14 - 2020-04-12 17:14 - 000000000 ____D C:\Users\Zac\AppData\Local\Package Cache
2020-04-12 17:13 - 2020-04-12 17:13 - 001431791 _____ C:\Users\Zac\Downloads\pyffi-pyffi-2.2.3.zip
2020-04-12 17:12 - 2020-04-12 17:12 - 000192964 _____ C:\Users\Zac\Downloads\blender_nif_scripts-2.5.9.77b0815-windows.exe
2020-04-12 17:12 - 2020-04-12 17:12 - 000136614 _____ C:\Users\Zac\Downloads\blender_nif_scripts-2.5.9.77b0815.zip
2020-04-12 17:11 - 2020-04-12 17:11 - 002679906 _____ C:\Users\Zac\Downloads\PyFFI-2.1.11.cefd181.win32.exe
2020-04-12 17:10 - 2020-04-12 17:10 - 011293392 _____ C:\Users\Zac\Downloads\blender-2.49b-windows.exe
2020-04-12 17:05 - 2020-04-16 00:46 - 000000000 ____D C:\Users\Zac\Desktop\BSA
2020-04-12 17:05 - 2020-04-12 17:05 - 005698459 _____ C:\Users\Zac\Downloads\BAE v0.11-78-0-11-1541070494.7z
2020-04-12 02:02 - 2020-04-12 02:02 - 002211934 _____ C:\Users\Zac\Downloads\1434962099_t-45d_p3dm.ru (1).rar
2020-04-11 21:51 - 2020-04-11 21:52 - 042034390 _____ C:\Users\Zac\Downloads\PC Computer - Fallout 4 - APC.zip
2020-04-11 18:56 - 2020-04-11 18:58 - 042034390 _____ C:\Users\Zac\Downloads\APC (1).zip
2020-04-10 20:46 - 2020-04-10 20:46 - 000248522 _____ C:\Users\Zac\Downloads\office-chair-ruined.zip
2020-04-10 20:06 - 2020-04-10 20:12 - 000386882 _____ C:\Users\Zac\Downloads\T51.rbxm
2020-04-10 19:31 - 2020-04-10 19:33 - 042034390 _____ C:\Users\Zac\Downloads\APC.zip
2020-04-10 19:24 - 2020-04-10 19:24 - 006153620 _____ C:\Users\Zac\Downloads\Office Desk.zip
2020-04-10 19:24 - 2020-04-10 19:24 - 000780112 _____ C:\Users\Zac\Downloads\workbench.zip
2020-04-10 19:21 - 2020-04-10 19:21 - 001707776 _____ C:\Users\Zac\Downloads\artelery (1).zip
2020-04-10 17:43 - 2020-04-10 17:43 - 000063124 _____ C:\Users\Zac\Downloads\Outfits.rbxm
2020-04-10 16:51 - 2020-04-10 16:51 - 002211934 _____ C:\Users\Zac\Downloads\1434962099_t-45d_p3dm.ru.rar
2020-04-10 16:14 - 2020-04-10 16:14 - 001707776 _____ C:\Users\Zac\Downloads\artelery.zip
2020-04-10 05:49 - 2020-04-10 05:49 - 000682809 _____ C:\Users\Zac\Downloads\Tank Tactics.rbxm
2020-04-10 04:32 - 2020-04-10 04:32 - 006124343 _____ C:\Users\Zac\Downloads\M4A1E7_M5_Shormie_M1.zip
2020-04-10 04:07 - 2020-04-10 04:07 - 002719450 _____ C:\Users\Zac\Downloads\sherman-v.zip
2020-04-10 04:03 - 2020-04-10 04:03 - 000323631 _____ C:\Users\Zac\Downloads\755wxu9pq9kw-sherman.rar
2020-04-10 02:20 - 2020-04-10 02:20 - 000000000 ____D C:\Users\Zac\Desktop\blender-2.79b-windows64
2020-04-10 02:18 - 2020-04-10 02:19 - 115536799 _____ C:\Users\Zac\Desktop\blender-2.79b-windows64.zip
2020-04-03 17:07 - 2020-04-03 17:07 - 000008057 _____ C:\Users\Zac\Downloads\England.svg
2020-04-03 17:07 - 2020-04-03 17:07 - 000008057 _____ C:\Users\Zac\Downloads\England (1).svg
2020-03-30 19:36 - 2020-03-31 21:26 - 000000000 ____D C:\Users\Zac\Downloads\HMP
2020-03-29 22:43 - 2020-03-29 22:43 - 000000222 _____ C:\Users\Zac\Desktop\Hegemony Rome The Rise of Caesar.url
2020-03-29 21:53 - 2020-03-29 21:53 - 000000000 ____D C:\Users\Zac\AppData\LocalLow\ZeroGravity
2020-03-29 21:25 - 2020-03-29 21:25 - 000000222 _____ C:\Users\Zac\Desktop\HELLION.url
2020-03-29 03:05 - 2020-03-29 03:05 - 000000222 _____ C:\Users\Zac\Desktop\Grand Theft Auto V.url
2020-03-28 22:16 - 2020-03-28 22:16 - 004634084 _____ C:\Users\Zac\Downloads\Tanke bola Kugelpanzer.stl
2020-03-27 17:11 - 2020-04-20 01:24 - 000000000 ____D C:\Users\Zac\Downloads\Models
2020-03-27 16:13 - 2020-03-27 16:13 - 000526999 _____ C:\Users\Zac\Downloads\watch.html
2020-03-26 19:55 - 2020-03-26 19:55 - 000000000 ____D C:\Users\Zac\AppData\Roaming\EasyAntiCheat
2020-03-26 00:07 - 2020-03-26 00:07 - 000013519 _____ C:\Users\Zac\Downloads\message.txt
2020-03-25 23:43 - 2020-03-25 23:43 - 000119865 _____ C:\Users\Zac\Downloads\Tonk2.rbxm
2020-03-25 22:24 - 2020-03-25 22:24 - 000260986 _____ C:\Users\Zac\Downloads\Tonk1.rbxm
2020-03-25 21:22 - 2020-03-25 21:22 - 000364739 _____ C:\Users\Zac\Downloads\TONK.rbxm
2020-03-24 16:06 - 2020-03-24 16:06 - 000081549 _____ C:\Users\Zac\Downloads\Hull.rbxm
2020-03-24 03:03 - 2020-03-18 08:51 - 000039824 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2020-03-22 20:44 - 2020-03-22 20:44 - 000000222 _____ C:\Users\Zac\Desktop\Europa Universalis IV.url
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-20 17:32 - 2019-08-14 21:15 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Discord
2020-04-20 17:31 - 2019-08-14 21:20 - 000000000 ____D C:\ProgramData\BullGuard
2020-04-20 17:27 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-20 17:21 - 2019-08-13 17:02 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-04-20 12:25 - 2019-08-13 17:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-20 11:04 - 2019-08-14 21:14 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-20 03:48 - 2019-08-13 17:08 - 000840852 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-20 03:48 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-04-20 03:44 - 2019-09-07 22:02 - 000000000 ____D C:\Users\Zac\AppData\Local\LogMeIn Hamachi
2020-04-20 03:44 - 2019-08-15 01:44 - 000000000 ____D C:\Users\Zac\AppData\Local\CrashDumps
2020-04-20 03:44 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-04-20 03:42 - 2019-08-14 09:43 - 000000000 ___RD C:\Users\Zac\OneDrive
2020-04-20 03:42 - 2019-08-13 17:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-20 03:41 - 2019-03-19 05:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-04-20 03:07 - 2020-02-17 18:25 - 000000000 ____D C:\Program Files (x86)\BYOND
2020-04-20 02:08 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\NDF
2020-04-17 20:21 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-17 20:21 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2020-04-17 20:12 - 2019-08-14 09:43 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2782468524-2809958065-3864316782-1002
2020-04-17 20:12 - 2019-08-14 09:39 - 000002371 _____ C:\Users\Zac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-17 01:26 - 2019-09-05 20:10 - 000000000 ____D C:\Users\Zac\Desktop\HTML
2020-04-17 01:26 - 2019-08-22 11:34 - 000000000 ____D C:\Users\Zac\AppData\Roaming\RenPy
2020-04-16 17:04 - 2019-08-14 21:20 - 000001453 _____ C:\Users\Zac\Desktop\Roblox Studio.lnk
2020-04-16 17:04 - 2019-08-14 21:20 - 000000252 _____ C:\Users\Zac\AppData\LocalLow\rbxcsettings.rbx
2020-04-16 17:04 - 2019-08-14 21:20 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-04-16 07:17 - 2019-08-14 21:20 - 000001441 _____ C:\Users\Zac\Desktop\Roblox Player.lnk
2020-04-16 06:12 - 2019-08-14 21:48 - 000000000 ____D C:\Users\Zac\AppData\Local\NVIDIA
2020-04-16 00:54 - 2019-12-22 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-04-16 00:48 - 2019-08-13 17:02 - 000257824 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Provisioning
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2020-04-16 00:46 - 2019-12-22 13:08 - 000000000 ____D C:\temp
2020-04-16 00:06 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2020-04-15 19:36 - 2019-08-20 12:41 - 000001457 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-04-15 19:36 - 2019-08-20 12:41 - 000001457 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-04-15 19:36 - 2019-08-13 17:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-15 19:35 - 2019-08-20 13:08 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-13 18:32 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-13 18:32 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-13 17:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-15 19:35 - 2019-08-13 17:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-15 19:34 - 2019-08-13 17:29 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-15 16:47 - 2019-11-07 01:13 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Vortex
2020-04-15 15:20 - 2019-11-07 18:19 - 000000000 ____D C:\Users\Zac\AppData\Local\Fallout4
2020-04-15 14:42 - 2019-12-22 13:06 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-04-14 16:46 - 2019-08-14 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-04-14 16:46 - 2019-08-14 22:05 - 000000000 ____D C:\Program Files (x86)\Java
2020-04-14 16:45 - 2019-08-14 22:05 - 000114344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2020-04-13 22:50 - 2019-08-25 21:59 - 000000000 ____D C:\Users\Zac\AppData\Local\Bethesda.net Launcher
2020-04-13 22:49 - 2019-08-26 00:27 - 000000223 _____ C:\Users\Zac\Desktop\Fallout 76.url
2020-04-12 22:15 - 2019-08-14 21:20 - 000000000 ____D C:\Users\Zac\AppData\Local\Roblox
2020-04-11 22:53 - 2019-08-13 18:31 - 000655312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-04-11 22:52 - 2019-08-20 12:39 - 004927960 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-04-11 21:41 - 2019-08-14 09:43 - 000000000 ____D C:\Users\Zac\AppData\Local\D3DSCache
2020-04-11 06:14 - 2019-09-01 00:41 - 000000000 ____D C:\Users\Zac\Documents\DawnOfMan
2020-04-10 02:26 - 2019-09-12 20:14 - 000000000 ____D C:\Users\Zac\Downloads\SkepticalFox-bigworld-blender-tools-wot-wowp-wows-30f43c1b6069
2020-04-09 00:44 - 2019-11-07 01:17 - 000000000 ____D C:\Users\Zac\AppData\Local\falloutnv
2020-04-09 00:44 - 2019-11-07 01:13 - 000002066 _____ C:\Users\Public\Desktop\Vortex.lnk
2020-04-09 00:44 - 2019-11-07 01:13 - 000002066 _____ C:\ProgramData\Desktop\Vortex.lnk
2020-04-07 23:38 - 2019-08-14 21:05 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-07 23:38 - 2019-08-14 21:05 - 000002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-07 23:38 - 2019-08-14 21:05 - 000002270 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-07 18:58 - 2019-08-20 12:41 - 002799416 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-04-07 18:58 - 2019-08-20 12:41 - 002159592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-04-07 18:58 - 2019-08-20 12:41 - 001314792 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2020-04-04 01:21 - 2019-08-13 18:31 - 000057237 _____ C:\Windows\system32\nvinfo.pb
2020-04-03 22:56 - 2019-08-20 12:40 - 005581808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-04-03 22:56 - 2019-08-20 12:40 - 002631664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 001759032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 001172464 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 000446264 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 000121144 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 000074736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2020-04-03 17:08 - 2019-08-29 10:34 - 000000000 ____D C:\Users\Zac\Desktop\Flagmaker
2020-04-03 11:08 - 2019-08-20 12:40 - 009037867 _____ C:\Windows\system32\nvcoproc.bin
2020-03-30 19:54 - 2019-09-03 02:17 - 000000000 ____D C:\Users\Zac\Documents\Longbow Digital Arts
2020-03-30 19:54 - 2019-09-03 02:17 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Longbow Digital Arts
2020-03-30 00:11 - 2020-02-26 00:32 - 000000000 ____D C:\Users\Zac\AppData\Local\Spotify
2020-03-30 00:06 - 2020-02-26 00:31 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Spotify
2020-03-27 06:55 - 2019-08-20 12:39 - 000170472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2020-03-27 06:55 - 2019-08-20 12:39 - 000146408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2020-03-24 03:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Help
2020-03-22 20:50 - 2019-08-14 22:21 - 000000000 ____D C:\Users\Zac\Documents\Paradox Interactive
2020-03-22 20:05 - 2019-08-14 09:39 - 000000000 ____D C:\Users\Zac
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2020
Ran by Zac (20-04-2020 17:33:06)
Running from C:\Users\Zac\Downloads
Windows 10 Home Version 1909 18363.778 (X64) (2019-08-13 16:04:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2782468524-2809958065-3864316782-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2782468524-2809958065-3864316782-503 - Limited - Disabled)
Guest (S-1-5-21-2782468524-2809958065-3864316782-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2782468524-2809958065-3864316782-504 - Limited - Disabled)
Zac (S-1-5-21-2782468524-2809958065-3864316782-1002 - Administrator - Enabled) => C:\Users\Zac
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: BullGuard Antivirus (Enabled - Up to date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: BullGuard Firewall (Enabled) {346188DE-2F10-B815-F444-12B1C2BDA79F}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version:  - Ubisoft)
Atom (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\atom) (Version: 1.44.0 - GitHub Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
BullGuard Internet Security (HKLM\...\BullGuard) (Version: 20.0 - BullGuard Ltd.)
Crossout Launcher 1.0.3.104 (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\CrossOutLauncher_is1) (Version:  - )
Discord (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Discord) (Version: 0.0.306 - Discord Inc.)
Floating Sandbox 1.13.0.7 (HKLM\...\{271B0327-AB12-475F-819C-219D6C825A7E}) (Version: 1.13.0.7 - Gabriele Giuseppini)
GameRanger (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gyazo 4.1.0.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.4 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Graphics Driver 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 6.1.4 (HKLM\...\{E07820B4-EDC1-44FC-B1AE-D1D0F347F16B}) (Version: 6.1.4 - Oracle Corporation)
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
Paradox Launcher v2 (HKLM\...\{3D662AC5-4616-4A1C-912E-BD5BF9C9F4C8}) (Version: 2.0.0.0 - Paradox Interactive)
PyFFI 2.2.2 (HKLM-x32\...\PyFFI-py3k) (Version: 2.2.2 - Amorilia <[email protected]>)
Python 3.3.0 (64-bit) (HKLM\...\{290329c4-a276-3aec-b633-9f5a39d8dd96}) (Version: 3.3.150 - Python Software Foundation)
Python 3.8.2 (32-bit) (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\{3182483d-078b-48fa-92c2-798baa1fe27d}) (Version: 3.8.2150.0 - Python Software Foundation)
Python 3.8.2 Core Interpreter (32-bit) (HKLM-x32\...\{6BA6203C-85AB-4B9E-8582-CE31B1B5C0ED}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Development Libraries (32-bit) (HKLM-x32\...\{12B4F371-ACE2-435B-BCF1-623F36C4E176}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Documentation (32-bit) (HKLM-x32\...\{45CEE0C6-5BB2-4A8B-B83C-58559A1CA424}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Executables (32-bit) (HKLM-x32\...\{FE5BE50D-21D5-44FB-9A97-5010E68608DA}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 pip Bootstrap (32-bit) (HKLM-x32\...\{2E818780-AC79-4BC0-8023-C1CC46EAC9B6}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Standard Library (32-bit) (HKLM-x32\...\{09CC0C6D-0822-491E-A10E-2A8443DDF170}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{B1528EAE-7E64-49DB-8CE1-514EB30BB38B}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Test Suite (32-bit) (HKLM-x32\...\{EE21EEE7-9D5A-4ECE-B60F-4BFA63BDA937}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Utility Scripts (32-bit) (HKLM-x32\...\{E284B869-7701-4A91-82C2-D3E66974A0F9}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{AF12A465-EA47-447D-B6BF-2A82CDBE2F0E}) (Version: 3.8.6994.0 - Python Software Foundation)
Rags Suite (HKLM-x32\...\{7C60776C-C6EA-4C59-926B-BA76703D2608}) (Version: 2.4.16 - RagsGame)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0331.033010 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8403 - Realtek Semiconductor Corp.)
Roblox Player for Zac (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Zac (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\roblox-studio) (Version:  - Roblox Corporation)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Spotify (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Spotify) (Version: 1.1.28.721.g5b5ee660 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Theme Park Inc (HKLM-x32\...\{094FABA0-4865-11D4-95B6-000103485DB6}) (Version:  - )
Theme Park World (HKLM-x32\...\Theme Park World) (Version:  - )
Twitch (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ultimate Admiral: Dreadnoughts  (HKLM-x32\...\Ultimate Admiral: Dreadnoughts) (Version:  - GameLabs)
Uplay (HKLM-x32\...\Uplay) (Version: 94.0 - Ubisoft)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.1.15 - Black Tree Gaming Ltd.)
War Thunder Launcher 1.0.3.172 (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Wargaming.net Game Center (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Wargaming.net Game Center) (Version: 19.9.2.8852 - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\WOT.EU.PRODUCTION) (Version:  - Wargaming.net)
World_of_Warships_EU (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\WOWS.EU.PRODUCTION) (Version:  - Wargaming.net)
WorldBox version 0.4.136 (HKLM-x32\...\{49225ABB-EE43-47CB-9226-FDF111C713FE}_is1) (Version: 0.4.136 - Maxim Karpenko)
 
Packages:
=========
Halo Wars 2 -> C:\Program Files\WindowsApps\Microsoft.HoganThreshold_1.11.2931.2_x64__8wekyb3d8bbwe [2020-04-12] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [BackupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-01-29] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [bgshellext] -> {F4BF1657-195F-4A0F-ACA2-9AE99D65BC0E} => C:\Program Files\BullGuard Ltd\BullGuard\BgShellExt.dll [2020-01-28] (BullGuard Ltd. -> BullGuard Ltd.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-04-15 20:53 - 2020-04-16 17:04 - 000014848 _____ () [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\libEGL.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 001592832 _____ () [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\libGLESv2.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 003912192 _____ () [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\qtnribbon4.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 001037824 _____ () [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\sgCore.dll
2020-04-10 02:20 - 2017-06-10 17:26 - 001479168 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\site-packages\numpy\core\multiarray.cp35-win_amd64.pyd
2020-04-10 02:20 - 2017-06-10 17:27 - 000653824 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\site-packages\numpy\core\umath.cp35-win_amd64.pyd
2020-04-10 02:20 - 2017-06-10 17:27 - 000062976 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\site-packages\numpy\fft\fftpack_lite.cp35-win_amd64.pyd
2020-04-10 02:20 - 2017-06-10 17:27 - 001333248 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\site-packages\numpy\linalg\_umath_linalg.cp35-win_amd64.pyd
2020-04-10 02:20 - 2017-06-10 17:27 - 000348160 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\site-packages\numpy\linalg\lapack_lite.cp35-win_amd64.pyd
2020-04-10 02:20 - 2017-06-10 17:27 - 000527360 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\site-packages\numpy\random\mtrand.cp35-win_amd64.pyd
2020-04-10 02:20 - 2018-01-22 15:27 - 002375168 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\libsndfile-1.dll
2020-04-10 02:20 - 2018-01-22 15:23 - 000797305 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\OpenAL32.dll
2020-04-10 02:20 - 2018-01-22 15:21 - 001248256 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\OpenColorIO.dll
2020-04-10 02:20 - 2018-01-22 15:21 - 001036800 ____N () [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\SDL2.dll
2020-04-10 02:20 - 2018-01-22 15:21 - 017555968 ____N (FFmpeg Project) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\avcodec-57.dll
2020-04-10 02:20 - 2018-01-22 15:21 - 000126464 ____N (FFmpeg Project) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\avdevice-57.dll
2020-04-10 02:20 - 2018-01-22 15:21 - 002142720 ____N (FFmpeg Project) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\avformat-57.dll
2020-04-10 02:20 - 2018-01-22 15:21 - 000465408 ____N (FFmpeg Project) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\avutil-55.dll
2020-04-10 02:20 - 2018-01-22 15:21 - 000137728 ____N (FFmpeg Project) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\swresample-2.dll
2020-04-10 02:20 - 2018-01-22 15:21 - 000533504 ____N (FFmpeg Project) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\swscale-4.dll
2020-04-10 02:20 - 2018-01-22 15:27 - 000246784 ____N (Open Source Software community LGPL) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\pthreadVC2.dll
2020-04-10 02:20 - 2017-05-21 02:13 - 000079360 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\_bz2.pyd
2020-04-10 02:20 - 2017-05-21 02:13 - 000118272 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\_ctypes.pyd
2020-04-10 02:20 - 2017-05-21 02:13 - 000189440 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\_elementtree.pyd
2020-04-10 02:20 - 2017-05-21 02:13 - 001449472 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\_hashlib.pyd
2020-04-10 02:20 - 2017-05-21 02:13 - 000142336 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\_lzma.pyd
2020-04-10 02:20 - 2017-05-21 02:13 - 000018944 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\_multiprocessing.pyd
2020-04-10 02:20 - 2017-05-21 02:13 - 000061952 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\_socket.pyd
2020-04-10 02:20 - 2017-05-21 02:13 - 000816640 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\_sqlite3.pyd
2020-04-10 02:20 - 2017-05-21 02:13 - 000187904 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\pyexpat.pyd
2020-04-10 02:20 - 2017-05-21 02:13 - 000015872 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\2.79\python\lib\select.pyd
2020-04-10 02:20 - 2018-01-22 15:21 - 003930112 ____N (Python Software Foundation) [File not signed] C:\Users\Zac\Desktop\blender-2.79b-windows64\python35.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 026296832 _____ (The ICU Project) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\icudt59.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 002084864 _____ (The ICU Project) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\icuin59.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 001505792 _____ (The ICU Project) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\icuuc59.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 001667072 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\LIBEAY32.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000355328 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\ssleay32.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\PlugIns\Qt5\imageformats\qgif.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000240640 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\PlugIns\Qt5\imageformats\qjpeg.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 001206272 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\PlugIns\Qt5\platforms\qwindows.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qml\QtQml\Models.2\modelsplugin.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qml\QtQuick.2\qtquick2plugin.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000749056 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qml\QtQuick\Window.2\windowplugin.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 005158400 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Core.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 004482560 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Gui.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000722432 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Multimedia.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000100864 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5MultimediaWidgets.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 001068544 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Network.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5OpenGL.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000222208 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Positioning.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000318976 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5PrintSupport.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 003077120 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Qml.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 003080192 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Quick.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000187904 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Sensors.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000202752 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Sql.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000105472 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5WebChannel.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 022686720 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5WebKit.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000232960 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5WebKitWidgets.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 005488128 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Widgets.dll
2020-04-15 20:53 - 2020-04-16 17:04 - 000193536 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-fa08ae3c047e448c\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Zac:Heroes & Generals [38]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\StartupApproved\Run: => "Gaijin.Net Agent"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5DAFB70B-D96F-4C28-8F05-9602D979D34A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4195E893-0218-4E75-8BD2-298CB58267BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A6C10553-8456-424C-8B52-3CC96D4A8CC9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AF3E2DD4-AD27-47AF-A17A-4BD0C4D8F6EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{10281526-42A0-46D7-8E4A-10732AC64F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Armored Battle Crew WW1\Armored Battle Crew WW1.exe () [File not signed]
FirewallRules: [{8BC338A0-895C-4BEC-AF76-A0E230AB310F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Armored Battle Crew WW1\Armored Battle Crew WW1.exe () [File not signed]
FirewallRules: [{73F594D0-A97B-47DA-AB74-8B27934D4B07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{E74534BA-5D97-47BE-B5DF-259655432D21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{AC3E5847-E882-4334-93D8-E6AAA44CBAF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [{6266EDAF-6EEF-4492-A1AC-D9997528A21F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [TCP Query User{019B2411-3BCA-4D20-BDEF-95454C788A56}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{64DBA4D1-5034-46C9-B791-DE20DDFAF897}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{7A37401F-1893-43C7-9063-20D3115776ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BomberCrew\BomberCrew.exe () [File not signed]
FirewallRules: [{7EF0008E-A774-40A1-9880-F71560582028}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BomberCrew\BomberCrew.exe () [File not signed]
FirewallRules: [{8076C94B-E100-499A-9DCF-29E34F77EDB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony III\Hegemony III Launcher.exe () [File not signed]
FirewallRules: [{C41B962D-ECCA-4AF0-A5DA-1E8F181D605E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony III\Hegemony III Launcher.exe () [File not signed]
FirewallRules: [{070E427E-1A0D-44EC-B9D9-A5C5DB5C104B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony III\x64\Hegemony III.exe () [File not signed]
FirewallRules: [{39095E78-D4F3-45A7-A547-B0C6A66AFF8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony III\x64\Hegemony III.exe () [File not signed]
FirewallRules: [{EFC05F5C-C71C-4DF6-A23D-94CDE0E8E5B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{23D1081C-EB6C-4849-BA50-59C9CB76C3BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{CCFADFC6-EF5C-45AE-9089-DF214CCC349F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{EB4633FE-4EC5-417F-967C-D8B4F10837F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{C99692D2-AD30-42BF-9145-3C3E0F8ECBF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{F0F2478A-ACCE-4A4D-B3B9-2F166AA4A1C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{D331E44A-2B50-4C38-A8F6-A388BE6B400B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{22476FA6-75D3-4572-BC0E-524B3B24832B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B5CBC2A1-ED3C-491E-A6E1-79CA1150CF33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{59068B62-07D9-46C5-9745-13843246410B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{C9D24F4B-C309-4751-AFEC-146684CD268D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aven Colony\AvenColony.exe () [File not signed]
FirewallRules: [{626CA820-2417-4E10-B4CF-F3C922536F0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aven Colony\AvenColony.exe () [File not signed]
FirewallRules: [TCP Query User{4C72D28B-8764-4D87-A590-614FF63C6700}C:\program files (x86)\steam\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{A2288174-BC4D-49EB-ABBB-32D5908431F6}C:\program files (x86)\steam\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{EC2ED010-86AD-49E6-98DB-4A33E0312FFD}] => (Allow) G:\Games\steamapps\common\Transport Fever\TransportFever.exe () [File not signed]
FirewallRules: [{C08501BC-D700-41D8-B63B-01617E577FB0}] => (Allow) G:\Games\steamapps\common\Transport Fever\TransportFever.exe () [File not signed]
FirewallRules: [{1781FF1D-B60C-4170-93BF-82547B4DEA11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA66F4A6-BD4F-43C0-A1AD-550864402615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C88C1419-EC38-430B-9343-56D56E0E2B86}] => (Allow) G:\Games\Ubisoft Games\Anno 1800\Bin\Win64\Anno1800.exe (Blue Byte GmbH -> Ubisoft)
FirewallRules: [{882A6EC0-F154-4844-A6AC-316E34F96E40}] => (Allow) G:\Games\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{2A4A8576-8EA4-4703-9D50-064755BFFD97}] => (Allow) G:\Games\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{C0BA2107-2B2F-4D88-AC5A-FEED607F936D}] => (Allow) G:\Games\steamapps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [{49225356-3E4A-4817-8670-7CD6CFD52EA4}] => (Allow) G:\Games\steamapps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [TCP Query User{A0130E91-37A2-4D63-BAA0-87504625A57F}G:\games\steamapps\common\total war rome ii\rome2.exe] => (Allow) G:\games\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{1142ABD2-0DCB-45C2-954D-A5C9043AA99A}G:\games\steamapps\common\total war rome ii\rome2.exe] => (Allow) G:\games\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{626D9653-9C96-4D12-8FC7-F9D7F69FF554}] => (Allow) G:\Games\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{DC47ABD9-A7DF-40B6-AD9F-F745E5753A3A}] => (Allow) G:\Games\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [TCP Query User{0F5E9044-35C8-4429-A161-B939E8DE7336}G:\bethesda.net launcher\games\fallout76\fallout76.exe] => (Allow) G:\bethesda.net launcher\games\fallout76\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{6C25ED78-4B52-4758-9E08-12E9174DA86D}G:\bethesda.net launcher\games\fallout76\fallout76.exe] => (Allow) G:\bethesda.net launcher\games\fallout76\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{C17EF26D-D3D9-4812-9E71-42A7EBB410F9}] => (Allow) G:\Games\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{7CF0B7DF-B894-4F8E-9BBC-E966F392931B}] => (Allow) G:\Games\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{81E15DA0-60EB-41A1-8266-9DADAA1E0F47}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BB0C6F80-EF23-4E1B-BDB6-45EF60B47084}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ADB7795E-5149-45C6-B52C-29B0C4B7177F}] => (Allow) G:\Games\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{D9F5478B-7227-4ACC-9309-73DC8F7399D8}] => (Allow) G:\Games\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{3543E05F-C053-4984-88F0-6EF188D3B8DD}] => (Allow) G:\Games\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{A9781AF2-6B92-4D72-B368-49E2D5CE66F4}] => (Allow) G:\Games\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{B09E0A4A-A80E-40F1-8935-76C49298B398}] => (Allow) G:\Games\steamapps\common\Steel Division\SteelDivision.exe (Eugen Systems -> )
FirewallRules: [{0A592B6C-EACB-43CC-B4CB-441B4D6113C2}] => (Allow) G:\Games\steamapps\common\Steel Division\SteelDivision.exe (Eugen Systems -> )
FirewallRules: [{23A2E81B-8F4B-4D86-AE2A-6363BD4B551C}] => (Allow) G:\Games\steamapps\common\Parkitect\Parkitect.exe () [File not signed]
FirewallRules: [{3DF7B458-3766-4E4A-AA8D-FA93355B9C84}] => (Allow) G:\Games\steamapps\common\Parkitect\Parkitect.exe () [File not signed]
FirewallRules: [{EEEBD6A3-F99C-42CA-9B91-6A1E6A812BD2}] => (Allow) G:\Games\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{5CDE3617-4D9A-4E9F-BEDE-728F56FAE8E4}] => (Allow) G:\Games\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{7E91F66A-31BF-4A82-9AC8-C68102ADE589}] => (Allow) G:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{1DC7B931-7C35-4205-8CD4-FB0627F31B30}] => (Allow) G:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{45EB77CB-BCB7-4578-9CE3-EC258719854C}] => (Allow) G:\Games\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [{B10B4864-A768-488F-B6D2-65DC8A90FCEF}] => (Allow) G:\Games\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [{E92084FC-CEF1-4320-82B1-0B74BD8EEBDF}] => (Allow) G:\Games\steamapps\common\Tropico 6\Tropico6.exe (Kalypso Media Group -> Epic Games, Inc.)
FirewallRules: [{3192B8F3-FE9B-48E8-BF06-148CD11D912E}] => (Allow) G:\Games\steamapps\common\Tropico 6\Tropico6.exe (Kalypso Media Group -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F9CBEFE2-72F1-460C-AD4B-2DA8FCC88758}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{18A11BE4-1A67-4CEE-9652-B43DA2B5D75C}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{BF4160FB-E2A0-4961-92C8-4C06C49AB4EC}] => (Allow) G:\Games\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{B7B0EA26-5172-40A9-883D-1A29CFF7A25E}] => (Allow) G:\Games\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{FB1B83E2-E6C5-4AA3-A0E1-0DDE31860734}] => (Allow) G:\Games\steamapps\common\Kingdoms and Castles\KingdomsAndCastles.exe () [File not signed]
FirewallRules: [{B96BF9BF-2370-4752-91E7-41744E465E61}] => (Allow) G:\Games\steamapps\common\Kingdoms and Castles\KingdomsAndCastles.exe () [File not signed]
FirewallRules: [{1AC0B75C-7229-43DF-BFB2-17881882E902}] => (Allow) G:\Games\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{18400502-024F-419A-B549-B58872D9C3EF}] => (Allow) G:\Games\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{E1B6D19E-1F18-457A-9C97-F516BE77FFB1}] => (Allow) G:\Games\steamapps\common\Hearts of Iron 3\hoi3.exe (Paradox Interactive) [File not signed]
FirewallRules: [{98F5E765-17DA-413E-A967-34A41C34481E}] => (Allow) G:\Games\steamapps\common\Hearts of Iron 3\hoi3.exe (Paradox Interactive) [File not signed]
FirewallRules: [TCP Query User{7C88D709-454D-43E5-99A0-CFE08CA6780E}G:\games\steamapps\common\hearts of iron 3\hoi3_tfh.exe] => (Allow) G:\games\steamapps\common\hearts of iron 3\hoi3_tfh.exe No File
FirewallRules: [UDP Query User{4BD9674C-E48A-4B6C-97F8-23D683C6170C}G:\games\steamapps\common\hearts of iron 3\hoi3_tfh.exe] => (Allow) G:\games\steamapps\common\hearts of iron 3\hoi3_tfh.exe No File
FirewallRules: [{1B993166-E209-4A38-8746-2B061A661D37}] => (Allow) G:\Games\steamapps\common\[bleep] Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{FD004C29-1A85-4334-A735-D9AE07BC6E22}] => (Allow) G:\Games\steamapps\common\[bleep] Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{1EADF70A-4799-401C-B1F5-9BEA2EB0AD3C}C:\users\zac\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\zac\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{7C29204D-26BD-48A9-8E46-0660ED16F835}C:\users\zac\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\zac\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{B49E6FBE-BB61-4C27-8ECA-2A39914115DF}G:\games\steamapps\common\hearts of iron 3\hoi3game.exe] => (Allow) G:\games\steamapps\common\hearts of iron 3\hoi3game.exe () [File not signed]
FirewallRules: [UDP Query User{AE9E69C1-2969-4D66-A0E8-D49A9A35E8DD}G:\games\steamapps\common\hearts of iron 3\hoi3game.exe] => (Allow) G:\games\steamapps\common\hearts of iron 3\hoi3game.exe () [File not signed]
FirewallRules: [{9A881FEB-BBE3-47FB-A8B2-B1BB0F064C2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Post Scriptum\Launch_PostScriptum.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{965FBCCC-C75B-43B0-9C4B-E9B9881CF7FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Post Scriptum\Launch_PostScriptum.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{01EC0608-9A3A-4C20-AEC7-3EF04E55A105}C:\program files (x86)\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe (Offworld Industries -> Sas Periscope Games)
FirewallRules: [UDP Query User{D4290E40-74B1-42C7-A7A4-34E092A7DA9D}C:\program files (x86)\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe (Offworld Industries -> Sas Periscope Games)
FirewallRules: [{1B958EEF-8C36-4963-B997-B764270A2849}] => (Allow) G:\Games\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [{6F6A4411-3C6A-4BF7-A7C7-B66182AEF8CF}] => (Allow) G:\Games\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [TCP Query User{C37B75E3-C860-4AED-B547-202D110DF446}G:\games\steamapps\common\[bleep] let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) G:\games\steamapps\common\[bleep] let loose\hll\binaries\win64\hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]
FirewallRules: [UDP Query User{72B8D3E8-ED41-44A2-B1CE-008554BBF79F}G:\games\steamapps\common\[bleep] let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) G:\games\steamapps\common\[bleep] let loose\hll\binaries\win64\hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]
FirewallRules: [TCP Query User{AEA23F2F-FC3B-4FBF-96A4-2EFE4BE7BA53}G:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) G:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{49589A0B-AA15-4A2E-887D-839BB3928092}G:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) G:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{02A7A898-992C-4F71-9139-C6BB077A89F3}] => (Allow) G:\Games\steamapps\common\Europa Universalis IV\eu4.exe No File
FirewallRules: [{50298318-1535-40B4-823F-55F10920B2BE}] => (Allow) G:\Games\steamapps\common\Europa Universalis IV\eu4.exe No File
FirewallRules: [{7D78DA11-6353-4148-AAC0-4DB510AC227F}] => (Allow) G:\Games\steamapps\common\60 Seconds! Reatomized\60SecondsReatomized.exe () [File not signed]
FirewallRules: [{63EC2A34-D80A-41A6-B32D-5606A1F2C41D}] => (Allow) G:\Games\steamapps\common\60 Seconds! Reatomized\60SecondsReatomized.exe () [File not signed]
FirewallRules: [{A8A0BE6E-A8DB-45F8-8DA4-2F8EF8B2112D}] => (Allow) G:\Games\steamapps\common\Atlantic Fleet\AtlanticFleet.exe () [File not signed]
FirewallRules: [{3527D761-86E4-413E-821D-1BB9985C1B1B}] => (Allow) G:\Games\steamapps\common\Atlantic Fleet\AtlanticFleet.exe () [File not signed]
FirewallRules: [{3C3284D1-15AF-4376-901C-D6EDF07151BB}] => (Allow) G:\Games\steamapps\common\Epic Car Factory\epiccarfactory.exe () [File not signed]
FirewallRules: [{755D2595-705B-4D84-BF61-FE2A0F6E5390}] => (Allow) G:\Games\steamapps\common\Epic Car Factory\epiccarfactory.exe () [File not signed]
FirewallRules: [{BBED1B7E-B03C-4009-A917-7E926AA8259D}] => (Allow) G:\Games\steamapps\common\Epic Car Factory\mod_uploader\mod_uploader.exe () [File not signed]
FirewallRules: [{F4317137-EBB9-4D92-94E9-5005AF8F53F1}] => (Allow) G:\Games\steamapps\common\Epic Car Factory\mod_uploader\mod_uploader.exe () [File not signed]
FirewallRules: [{403B5264-383C-4BD0-81B3-34AA257C880E}] => (Allow) G:\Games\steamapps\common\Foxhole\War.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D9053CC1-2398-4565-B085-989C0C74C950}] => (Allow) G:\Games\steamapps\common\Foxhole\War.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{563301EC-FCA8-4579-A6A1-29EBB73DEE50}] => (Allow) G:\Games\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{0194C2E6-F40F-4598-A4CA-49903B253FE7}] => (Allow) G:\Games\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{AECC0F76-C4FA-4B07-81D3-E69EDCF959F2}] => (Allow) G:\Games\steamapps\common\Field of Glory Empires\autorun.exe (Slitherine Software UK Limited -> Slitherine Publishing Ltd.)
FirewallRules: [{DAED62DA-D589-4B7F-AB95-FD828AC16FA5}] => (Allow) G:\Games\steamapps\common\Field of Glory Empires\autorun.exe (Slitherine Software UK Limited -> Slitherine Publishing Ltd.)
FirewallRules: [{4BED54BC-DEBC-4AA9-8766-F48D7CC5A8D0}] => (Allow) G:\Games\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{F4B2ACF2-32A4-45C7-8435-07D565E90AC3}] => (Allow) G:\Games\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{C985540D-DA2B-4D83-8D45-3021D8EFB057}] => (Allow) G:\Games\steamapps\common\HENTAI - World War II\HENTAI WW2.exe () [File not signed]
FirewallRules: [{2C418E57-4244-4D09-B9FE-F4BAC0F9AADB}] => (Allow) G:\Games\steamapps\common\HENTAI - World War II\HENTAI WW2.exe () [File not signed]
FirewallRules: [TCP Query User{26FA24D2-7BDA-41B1-A7BF-E54A9C92519B}G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe] => (Allow) G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe No File
FirewallRules: [UDP Query User{10650B5D-6750-4463-A4F6-2BCE219ECE74}G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe] => (Allow) G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe No File
FirewallRules: [{2701D6A2-5C53-45DF-9689-882AB753152A}] => (Allow) G:\Games\steamapps\common\Battle Brothers\win32\BattleBrothers.exe () [File not signed]
FirewallRules: [{C258D4F2-6DC5-4263-8BD2-A7D53971A9AB}] => (Allow) G:\Games\steamapps\common\Battle Brothers\win32\BattleBrothers.exe () [File not signed]
FirewallRules: [{50500535-E2CF-4298-AAB7-A26C1EBE919E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{F2C239E5-C114-46ED-8066-C5E738364C6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [TCP Query User{640EA036-CBAC-4796-98E7-0EFC8052CA4E}G:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) G:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{539FDDBE-61DC-4A6A-9308-4B5B3ED73F44}G:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) G:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{CF61F90A-D02A-40AD-A2A4-D78555CF797E}] => (Allow) G:\Games\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{5922739C-0339-4E2D-BBA2-610DA1CE2BD2}] => (Allow) G:\Games\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [TCP Query User{39C3D121-4F24-4DC5-A62B-48406418B171}C:\users\zac\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\zac\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{60C928ED-230C-4FA5-B954-0BEECCBDBFF0}C:\users\zac\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\zac\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{6C235F05-B581-4D5A-BFBE-A518702C258A}] => (Allow) G:\Games\steamapps\common\Wolfpack\Wolfpack.exe () [File not signed]
FirewallRules: [{F5394E27-9EFA-4FD8-B171-502086175353}] => (Allow) G:\Games\steamapps\common\Wolfpack\Wolfpack.exe () [File not signed]
FirewallRules: [{5C303CF9-E531-43A9-B487-E4C87A6C7C39}] => (Allow) G:\Games\steamapps\common\Democracy 3\Democracy3.exe () [File not signed]
FirewallRules: [{B42E323C-16D8-4799-A02C-D0A85C60860D}] => (Allow) G:\Games\steamapps\common\Democracy 3\Democracy3.exe () [File not signed]
FirewallRules: [{25C26694-9BD2-4EAD-A855-2D7FC30D567D}] => (Allow) G:\Games\steamapps\common\Celestial Command\CelestialCommand.exe () [File not signed]
FirewallRules: [{ECC3884A-CEAB-4253-A930-E5D51CC2D9A0}] => (Allow) G:\Games\steamapps\common\Celestial Command\CelestialCommand.exe () [File not signed]
FirewallRules: [{8ED7B4BC-B0EC-488C-9921-E4851F63B21B}] => (Allow) G:\Games\steamapps\common\Barotrauma\Barotrauma.exe (FakeFish, Undertow Games) [File not signed]
FirewallRules: [{7DB2915B-EE93-4D04-BBB8-976FD9E9291B}] => (Allow) G:\Games\steamapps\common\Barotrauma\Barotrauma.exe (FakeFish, Undertow Games) [File not signed]
FirewallRules: [TCP Query User{21463BD1-3C2D-45C5-BAE5-C1030B98A8B8}G:\games\steamapps\common\total war saga thrones of britannia\thrones.exe] => (Allow) G:\games\steamapps\common\total war saga thrones of britannia\thrones.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{BB67EE8C-8E20-44EE-A2AA-DB55D7854E67}G:\games\steamapps\common\total war saga thrones of britannia\thrones.exe] => (Allow) G:\games\steamapps\common\total war saga thrones of britannia\thrones.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{CDEFA104-042D-4FD2-9EC3-032B7D1E9604}] => (Allow) G:\Games\steamapps\common\Tom Clancys Endwar\Binaries\EndWar.exe (Ubisoft) [File not signed]
FirewallRules: [{705F855D-C59F-4D36-99F7-0218AC21F1E3}] => (Allow) G:\Games\steamapps\common\Tom Clancys Endwar\Binaries\EndWar.exe (Ubisoft) [File not signed]
FirewallRules: [{7E5F7FED-8D5F-464B-BA39-1C6AEE2DBB2A}] => (Allow) G:\Games\steamapps\common\Dreadnought\DreadnoughtLauncher.exe (Six Foot, LLC -> Six Foot LLC)
FirewallRules: [{826A5A2A-72BA-495A-B50C-310B51AC5DA7}] => (Allow) G:\Games\steamapps\common\Dreadnought\DreadnoughtLauncher.exe (Six Foot, LLC -> Six Foot LLC)
FirewallRules: [{6A189EBB-B7C7-4827-A5A9-6EFD79FEB2C9}] => (Allow) G:\Games\steamapps\common\Outscape\Outscape.exe () [File not signed]
FirewallRules: [{5482A38B-3825-44A2-8E98-803B78313F51}] => (Allow) G:\Games\steamapps\common\Outscape\Outscape.exe () [File not signed]
FirewallRules: [TCP Query User{D7FABAE7-2566-41E4-9C38-EFA915060235}G:\games\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) G:\games\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe (Six Foot, LLC -> Epic Games, Inc.)
FirewallRules: [UDP Query User{8A43938A-796F-4F6A-B176-29F740DF07A2}G:\games\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) G:\games\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe (Six Foot, LLC -> Epic Games, Inc.)
FirewallRules: [TCP Query User{545B1720-89C1-4F71-84E3-D10DF4174EE7}G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe] => (Allow) G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{54432EAF-FD82-468E-8736-65FE37DFEA60}G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe] => (Allow) G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe No File
FirewallRules: [{39FE4BF8-3F92-4377-A167-25364B371520}] => (Allow) G:\Games\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{41D529B7-25B0-4DE3-8CB7-9F54418E9470}] => (Allow) G:\Games\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{5AC480F5-9985-4E87-8905-C6FEC8F8B4E4}] => (Allow) G:\Games\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{996EA694-B48A-413C-BA93-FF93439F854B}] => (Allow) G:\Games\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{2BC7F9D6-9E77-4032-9A85-A9E884B6D3D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{0E560A70-670D-4D12-B4A2-FDD34A8E688C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{101BBC04-B120-4258-91AC-650F7143F042}G:\games\steamapps\common\sniper elite 4\bin\sniperelite4_dx12.exe] => (Allow) G:\games\steamapps\common\sniper elite 4\bin\sniperelite4_dx12.exe No File
FirewallRules: [UDP Query User{1846CD3B-D4C1-4157-81E8-34EFD40CD168}G:\games\steamapps\common\sniper elite 4\bin\sniperelite4_dx12.exe] => (Allow) G:\games\steamapps\common\sniper elite 4\bin\sniperelite4_dx12.exe No File
FirewallRules: [{B686370C-FA45-4C18-BE96-157FBA361415}] => (Allow) G:\Games\steamapps\common\Sniper Elite V2 Remastered\Launcher\SEV2RLauncher.exe () [File not signed]
FirewallRules: [{290354AF-EB6E-4E71-9FEA-7932203F0D1B}] => (Allow) G:\Games\steamapps\common\Sniper Elite V2 Remastered\Launcher\SEV2RLauncher.exe () [File not signed]
FirewallRules: [{33DA8E53-2866-434D-AE19-14FED1645A62}] => (Allow) G:\Games\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe () [File not signed]
FirewallRules: [{41C8EB1D-FBDB-498B-81C4-99A96CF3959B}] => (Allow) G:\Games\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe () [File not signed]
FirewallRules: [{CEA3D6F3-95A0-4651-B7EA-017D5243826C}] => (Allow) G:\Games\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{20A150F9-0BD3-42FB-9594-E7664ABBCD5E}] => (Allow) G:\Games\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{327E5E28-57AC-453A-A052-0F7450852B3C}] => (Allow) C:\Users\Zac\AppData\Local\Ultimate Admiral Dreadnoughts\launcher.exe (Xsolla (USA), Inc -> XSOLLA)
FirewallRules: [{9D5D470A-09AA-451C-B950-928B3BFAD77E}] => (Allow) C:\Users\Zac\AppData\Local\Ultimate Admiral Dreadnoughts\launcher.exe (Xsolla (USA), Inc -> XSOLLA)
FirewallRules: [{E61CCA6A-4FAB-4E4F-85CA-A44013927FC6}] => (Allow) G:\Games\steamapps\common\PULSARLostColony\PULSAR_LostColony.exe () [File not signed]
FirewallRules: [{5887811B-57DA-4FF1-BA97-AE62BE145974}] => (Allow) G:\Games\steamapps\common\PULSARLostColony\PULSAR_LostColony.exe () [File not signed]
FirewallRules: [{C1E2A5A3-07D9-4096-A605-27D7B0386359}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Hulk Deathwing - Enhanced Edition\SpaceHulkGame.exe (Focus Home Interactive -> )
FirewallRules: [{99429706-5559-4998-9A17-A9FA3C280531}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Hulk Deathwing - Enhanced Edition\SpaceHulkGame.exe (Focus Home Interactive -> )
FirewallRules: [TCP Query User{25490047-E8F9-4F9B-9FF4-C26B6D7AE71B}C:\program files (x86)\steam\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe (Focus Home Interactive -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A6968DEE-4CF2-401E-9726-DE741FF4535B}C:\program files (x86)\steam\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe (Focus Home Interactive -> Epic Games, Inc.)
FirewallRules: [{F55561BB-4181-442D-B6B2-44792B3D0DB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terminator Resistance\Terminator.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7CA93754-E7BB-4EE6-9FA6-2E2AD6FB7A60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terminator Resistance\Terminator.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{3181EF8D-7C08-457E-8B24-F041E0EF22F6}C:\program files (x86)\steam\steamapps\common\terminator resistance\terminator\binaries\win64\terminator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terminator resistance\terminator\binaries\win64\terminator-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{E32A0956-78DE-4E2E-B3FE-F82DA078521F}C:\program files (x86)\steam\steamapps\common\terminator resistance\terminator\binaries\win64\terminator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terminator resistance\terminator\binaries\win64\terminator-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DEB778EF-F9B8-40B7-BB8D-661342255715}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9D74A79B-4928-48A2-A605-1973C6A14C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{408A8B84-C6CD-4BDD-AD01-6ABA6DDA3F44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{0A686890-933A-4630-A9D9-57C382D629C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{6A35E813-1787-44FE-8C13-025740F6FDF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HaloWarsDE\xgameFinal.exe (343 Industries) [File not signed]
FirewallRules: [{A59EF4C5-0900-4592-BDEA-3078A4DB6DBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HaloWarsDE\xgameFinal.exe (343 Industries) [File not signed]
FirewallRules: [{726E0D58-F7F2-4C98-9C05-D0DA6CF90596}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe () [File not signed]
FirewallRules: [{3506DA20-C91B-4936-83CB-1D3142019ADE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe () [File not signed]
FirewallRules: [{58C33CB5-6D2A-470E-A4B4-898595013964}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{B770DEEA-B023-4681-B4BF-2D7684C8E607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{3CC3E8BA-114B-4F0C-B133-578D880E2077}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ImperatorRome\launcher\Paradox Launcher.exe No File
FirewallRules: [{F2599E17-0FE0-4DA2-9560-C8560A48B39B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ImperatorRome\launcher\Paradox Launcher.exe No File
FirewallRules: [{721AF222-6F4E-4068-A954-3B53E02815DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe (Compulsion Games) [File not signed]
FirewallRules: [{157B07B1-12FE-4E00-83A8-7047E429FB02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe (Compulsion Games) [File not signed]
FirewallRules: [{30463906-A8CE-43D0-9A16-B57220B70EA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe No File
FirewallRules: [{3F285AA8-4B49-432B-8D9F-DB2E0E87369A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe No File
FirewallRules: [{77A4D019-4BA4-4F87-8487-1BF7467AB6BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{7C31EB0A-B6CD-4F92-95B4-9227B09B9703}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{007953EF-3EB7-429D-9115-7AECAF7ABAD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ancestors Legacy\Anc\Binaries\Win64\Anc-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{BF0CEEFB-504A-4684-8A1D-A212F6087A1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ancestors Legacy\Anc\Binaries\Win64\Anc-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{596B24B9-4162-4BEE-A6A0-FA45053DDC71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{814D3FC6-B25B-4FC3-BC07-1D3B5749A977}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{5B431370-A0B7-4960-AF92-E3D6A309570C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{520A6012-D3CD-4717-AA81-5B55AF248C3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{3F71F3E0-589E-491D-88D1-951BC79CFC4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trek Bridge Crew\stbc.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{1AED45D3-550D-4F15-93E6-6F19DEAC1FDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trek Bridge Crew\stbc.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{78C596A0-1A4D-4415-AB13-FC63AB051906}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe () [File not signed]
FirewallRules: [{CE3CFFF3-6C2F-4506-87A5-EC9095CB91BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe () [File not signed]
FirewallRules: [{7929A317-B68B-4C68-9C30-96B7F10C9FDD}] => (Allow) H:\Games\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{4A548B8A-1990-4947-89B8-1D43A0F8AE1F}] => (Allow) H:\Games\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{BA377554-CAC4-4D4B-881C-06034707C75E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{7ECF574F-9080-4F7D-A19E-579A6FE1B0A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [TCP Query User{AEFFF08F-F3E0-4AFA-943F-87A97E2BB12C}H:\games\steamapps\common\arma 3\arma3_x64.exe] => (Allow) H:\games\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{7A7AAC17-15FA-4CC9-B674-30A316619D20}H:\games\steamapps\common\arma 3\arma3_x64.exe] => (Allow) H:\games\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{32C111EA-21A4-49B0-9D8D-F8B667C938CB}] => (Allow) H:\Games\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{FA56BD0A-50B9-4ADD-B98C-4DA98BA45FFD}] => (Allow) H:\Games\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{17ED5D95-476D-4615-813B-BA269B2A9350}] => (Allow) H:\Games\steamapps\common\star conflict\game.exe (TARGEM GEIMZ, OOO -> Star Gem)
FirewallRules: [{4DF9A7A1-80D2-483D-B51D-D79E71F8EA76}] => (Allow) H:\Games\steamapps\common\star conflict\game.exe (TARGEM GEIMZ, OOO -> Star Gem)
FirewallRules: [{1F17D0C1-7F95-46C0-BEAB-5FF48D589AB0}] => (Allow) H:\Games\steamapps\common\HisMajesty'sShip\HMS.exe () [File not signed]
FirewallRules: [{1AAC972B-D461-4CAA-8C2B-F7986D808738}] => (Allow) H:\Games\steamapps\common\HisMajesty'sShip\HMS.exe () [File not signed]
FirewallRules: [{9373574B-F5FB-44FD-80ED-1628CA907AC6}] => (Allow) H:\Games\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{B9C10EE4-9CE3-4E4A-B125-779AF010313B}] => (Allow) H:\Games\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{4A37F0AF-C296-4268-80A7-8FB2062EBD73}] => (Allow) H:\Games\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{EBDCF330-BFA7-4768-BB91-FD2CAD6E60F6}] => (Allow) H:\Games\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{1500109B-D6DF-46CF-9C3A-441D660B2BAA}] => (Allow) H:\Games\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{266F38E7-54C9-40B1-B168-B5EB1C572B5E}] => (Allow) H:\Games\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{F4DDE7B2-5760-4BFC-A47D-406F737DDCD3}] => (Allow) H:\Games\steamapps\common\Jurassic World Evolution\JWE.exe (Frontier Developments) [File not signed]
FirewallRules: [{7B0D4B4D-F58D-415F-90D4-2D3267B60D93}] => (Allow) H:\Games\steamapps\common\Jurassic World Evolution\JWE.exe (Frontier Developments) [File not signed]
FirewallRules: [{74B0C43C-BC5D-45EA-8E77-7557A7DD6361}] => (Allow) H:\Games\steamapps\common\TyranoBuilder\tyranobuilder.exe () [File not signed]
FirewallRules: [{8BCD0E74-D967-4794-B120-BE986FD5930B}] => (Allow) H:\Games\steamapps\common\TyranoBuilder\tyranobuilder.exe () [File not signed]
FirewallRules: [{509C8451-F1F8-4426-A7AC-9BEC3FE30018}] => (Allow) H:\Games\steamapps\common\Manga Maker Comipo\ComiPo.exe (Web Technology Corp. -> Web Technology Corp.)
FirewallRules: [{4621E90E-07F9-4F95-9C6B-4548A8E442DE}] => (Allow) H:\Games\steamapps\common\Manga Maker Comipo\ComiPo.exe (Web Technology Corp. -> Web Technology Corp.)
FirewallRules: [{7E992A05-DF8A-457B-8D55-2D348F9EB199}] => (Allow) H:\Games\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{EC9A7B31-9CE5-4FA1-AFB4-0DDB429A6688}] => (Allow) H:\Games\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{ADCEC7F9-3C6E-4CCA-8904-C7662DDEB2D9}] => (Allow) H:\Games\steamapps\common\UBOAT\UBOAT.exe () [File not signed]
FirewallRules: [{019EEBD0-E00B-4874-9161-34857B53FB86}] => (Allow) H:\Games\steamapps\common\UBOAT\UBOAT.exe () [File not signed]
FirewallRules: [{079FAA2E-0B77-4E3C-A117-4944DF511350}] => (Allow) H:\Games\steamapps\common\UBOAT\UBOAT Launcher.exe (Deep Water Studio) [File not signed]
FirewallRules: [{98293A12-5E43-40D9-8B79-1505C1ABD582}] => (Allow) H:\Games\steamapps\common\UBOAT\UBOAT Launcher.exe (Deep Water Studio) [File not signed]
FirewallRules: [{775156D3-68B6-427E-9137-7A20D6E948EC}] => (Allow) H:\Games\steamapps\common\Azur Lane Crosswave\Azurlane.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{88B72A5A-9675-405D-AB36-9B425A7D6575}] => (Allow) H:\Games\steamapps\common\Azur Lane Crosswave\Azurlane.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5CA5B4BD-597B-4B66-8974-B5AA057CC873}H:\games\steamapps\common\azur lane crosswave\azurlane\binaries\win64\azurlane-win64-shipping.exe] => (Allow) H:\games\steamapps\common\azur lane crosswave\azurlane\binaries\win64\azurlane-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{C5E9645D-F797-4706-B7D8-549AF73883C5}H:\games\steamapps\common\azur lane crosswave\azurlane\binaries\win64\azurlane-win64-shipping.exe] => (Allow) H:\games\steamapps\common\azur lane crosswave\azurlane\binaries\win64\azurlane-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A302AA5C-16A7-42F0-831D-1E3E5D42118B}] => (Allow) H:\Games\steamapps\common\Star Trek Online\Star Trek Online.exe (Cryptic Studios Inc. -> )
FirewallRules: [{3C07F45D-4020-47BC-9151-FDC7A38BF72B}] => (Allow) H:\Games\steamapps\common\Star Trek Online\Star Trek Online.exe (Cryptic Studios Inc. -> )
FirewallRules: [{BBAC5FB2-B2CC-489E-8C3C-4D88464FE4CC}] => (Allow) H:\Games\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{1F0D67AC-B4FF-442F-9978-339D77B309BB}] => (Allow) H:\Games\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{488CCA8B-591D-4ACA-9318-A9186741A259}] => (Allow) H:\Games\steamapps\common\War of the Human Tanks\War of the Human Tanks.exe (Fruitbat Factory & Yakiniku Banzai) [File not signed]
FirewallRules: [{C7A898C0-2A9D-461C-81BD-DDF0E9752183}] => (Allow) H:\Games\steamapps\common\War of the Human Tanks\War of the Human Tanks.exe (Fruitbat Factory & Yakiniku Banzai) [File not signed]
FirewallRules: [{8B82A881-8B03-4869-AA09-70F11C8C3EB0}] => (Allow) H:\Games\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{EC8EDADE-B5D5-424F-A6D0-5D16C0977058}] => (Allow) H:\Games\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [TCP Query User{9DEC9DD7-43CD-444E-8536-2D3D64F07F92}C:\users\zac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zac\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{10EDB50E-F5C0-4415-B771-988EFC18BCCF}C:\users\zac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zac\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7DDDB3B-5881-419A-8F5E-292A361DCFFC}] => (Allow) G:\Games\steamapps\common\Battlestar Galactica Deadlock\autorun.exe (Slitherine Software UK Limited -> Slitherine Publishing Ltd.)
FirewallRules: [{40D7FBEE-FCF0-434D-A0A8-AA5FC42310C7}] => (Allow) G:\Games\steamapps\common\Battlestar Galactica Deadlock\autorun.exe (Slitherine Software UK Limited -> Slitherine Publishing Ltd.)
FirewallRules: [{ED07B06F-467E-4B43-B9C9-F9520F99288F}] => (Allow) G:\Games\steamapps\common\TankMechanicSimulator\TankMechanicSimulator.exe () [File not signed]
FirewallRules: [{C9125CD2-A863-4F88-AC67-4E425609251A}] => (Allow) G:\Games\steamapps\common\TankMechanicSimulator\TankMechanicSimulator.exe () [File not signed]
FirewallRules: [{496AD818-7EE2-472D-B5BB-592FFB15541A}] => (Allow) G:\Games\steamapps\common\VC4\Valkyria4_x64.exe (SEGA) [File not signed]
FirewallRules: [{8568BFE6-2484-40F8-876C-BBE6DD17BDB3}] => (Allow) G:\Games\steamapps\common\VC4\Valkyria4_x64.exe (SEGA) [File not signed]
FirewallRules: [{DD2E249E-12E8-4359-8FE5-AD68E2D1FF11}] => (Allow) G:\Games\steamapps\common\Transport Fever 2\TransportFever2.exe () [File not signed]
FirewallRules: [{A664C378-92EC-4B68-BCA0-61C436B91210}] => (Allow) G:\Games\steamapps\common\Transport Fever 2\TransportFever2.exe () [File not signed]
FirewallRules: [{6536DD6E-2425-4EA7-93C6-BFA081903CFD}] => (Allow) G:\Games\steamapps\common\Yes, Your Grace\Yes, Your Grace.exe () [File not signed]
FirewallRules: [{C2A9CCE1-24D0-4D85-91A7-B99CEAFB56A8}] => (Allow) G:\Games\steamapps\common\Yes, Your Grace\Yes, Your Grace.exe () [File not signed]
FirewallRules: [{A76454EF-DCFA-4BF7-89CB-89DA94C0C70B}] => (Allow) G:\Games\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{94FA5998-8D82-44F4-A5E2-2474AAAF0F3B}] => (Allow) G:\Games\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{30A1E67B-7428-4D04-AC1B-89A172ADC41D}] => (Allow) G:\Games\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{7C4CA647-0FEA-4542-ACC3-01CD11B13966}] => (Allow) G:\Games\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{55B04E5D-8146-4438-B71F-D83027DF573C}] => (Allow) G:\Games\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{21BAF701-D02C-4FB7-9171-D657DC0DD1A0}] => (Allow) G:\Games\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{D297C768-E840-493D-889C-33E13A6C1AD6}] => (Allow) G:\Games\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{D5FC31A8-7447-4CB6-AA55-471BEAACB869}] => (Allow) G:\Games\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{842D55D1-421F-458A-99D7-A7009735A6CC}] => (Allow) G:\Games\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{518FD43F-7513-48BD-A442-BA3ABFA4866A}] => (Allow) G:\Games\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{1D450A11-DCF4-4CA5-A382-599DAE40E0B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{477A53AA-A7C6-453E-A5A9-67F7ADDD2E24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{980D1437-A80E-4483-BB1E-145A5ACD602B}] => (Allow) H:\Games\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{467D32D6-3214-47A4-A4D7-430346776A8D}] => (Allow) H:\Games\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{42555361-7C5B-40CE-BFC6-165B8374FD96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HELLION\HELLION.exe () [File not signed]
FirewallRules: [{F2306DEB-76C7-4DD9-8B64-7020701E86CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HELLION\HELLION.exe () [File not signed]
FirewallRules: [{6D531526-7289-4CFB-BECD-60C9E14FB9B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony Rome\Hegemony Rome Launcher.exe () [File not signed]
FirewallRules: [{B2540E06-0E86-494C-8A36-A533C851DBEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony Rome\Hegemony Rome Launcher.exe () [File not signed]
FirewallRules: [{FD7415A4-D58D-4D28-806B-16224C0E23D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{60B8C27D-67B5-49B5-8D0C-4699F88C72A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{23B3286C-835F-4260-A1FD-FE808D3419A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{331544EE-F103-4E81-9688-B3A38B82BFB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{D3045D09-6520-4E2C-B567-263C5308EB17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{221E2DA9-6154-4F34-9CBC-41CBBA453A7E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3CEB6D12-F2C9-4F09-BA46-AA6EFB5BC4AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A0F17C87-291B-44A8-9361-809177192F05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{456A7A8A-8032-4D56-8F17-5931B1EA907C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F06C9D57-5C07-4D75-976F-4B1BFE3142D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{9439F37E-3064-4F36-9222-DD7B62BB27F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{57E1FE1E-C9F4-48E2-88F2-71E07B1D5071}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Interstellar Rift\Build\IRLauncher.exe () [File not signed]
FirewallRules: [{00DBDA05-65D2-4620-BAE0-046557F721E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Interstellar Rift\Build\IRLauncher.exe () [File not signed]
 
==================== Restore Points =========================
 
17-04-2020 18:35:31 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (04/20/2020 09:21:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bms.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 436c
 
Start Time: 01d616e782434a30
 
Termination Time: 4294967295
 
Application Path: H:\Games\steamapps\common\Black Mesa\bms.exe
 
Report Id: 74ece98d-79ae-459c-81e4-bc2226ee3854
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Cross-thread
 
Error: (04/20/2020 06:30:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bms.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2dc4
 
Start Time: 01d616cdf2edb67f
 
Termination Time: 4294967295
 
Application Path: H:\Games\steamapps\common\Black Mesa\bms.exe
 
Report Id: 938ebdec-5512-4d32-8247-19f2f5f9edbc
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (04/20/2020 03:44:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.620, time stamp: 0x5e8e029a
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5e8272e4
Exception code: 0xc0000005
Fault offset: 0x0000000000219d05
Faulting process ID: 0x3a88
Faulting application start time: 0x01d616bdad2be245
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report ID: cd23c6d5-d5c2-4ce3-9438-a97da5d6e644
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/20/2020 03:41:40 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (04/20/2020 03:41:40 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (04/20/2020 03:07:32 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (04/20/2020 02:15:21 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 22144 and the required size was 36904.
 
Error: (04/20/2020 02:15:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 80.0.3987.163 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 620
 
Start Time: 01d61677beae2e9e
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: d0511ba5-bfea-428b-bd45-875b1fb4d73a
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
 
System errors:
=============
Error: (04/20/2020 03:42:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMInstallerService service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/20/2020 03:42:11 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
 
Error: (04/20/2020 03:41:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N3VAI1B)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (04/20/2020 03:41:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N3VAI1B)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (04/20/2020 03:41:37 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N3VAI1B)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (04/20/2020 03:41:37 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N3VAI1B)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (04/20/2020 03:41:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Synapse Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (04/20/2020 03:41:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).
 
 
Windows Defender:
===================================
Date: 2019-08-14 21:26:49.862
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
 
Date: 2019-08-14 21:21:59.059
Description: 
Windows Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005
Resource: file:C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.cat
 
CodeIntegrity:
===================================
 
Date: 2020-04-20 15:47:49.909
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-20 15:47:49.906
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-20 15:47:49.903
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-20 15:47:49.901
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-20 15:47:49.896
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-20 15:45:20.574
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-20 15:45:20.571
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-20 15:45:20.568
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. P3.60 07/31/2019
Motherboard: ASRock B450 Pro4
Processor: AMD Ryzen 7 2700X Eight-Core Processor 
Percentage of memory in use: 63%
Total physical RAM: 16315.6 MB
Available physical RAM: 5900.28 MB
Total Virtual: 29627.6 MB
Available Virtual: 13132.37 MB
 
==================== Drives ================================
 
Drive c: (Local Disk) (Fixed) (Total:930.88 GB) (Free:225.09 GB) NTFS
Drive g: (SSD 2) (Fixed) (Total:931.41 GB) (Free:123 GB) NTFS
Drive h: (HDD) (Fixed) (Total:930.59 GB) (Free:621.02 GB) NTFS
 
\\?\Volume{f2a35a49-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{d1716c7c-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{3764bf54-fcee-4af3-993f-659a2fd6659f}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.12 GB) NTFS
\\?\Volume{d1716c7c-0000-0000-0060-2bace8000000}\ () (Fixed) (Total:0.82 GB) (Free:0.4 GB) NTFS
\\?\Volume{1ed40aad-2301-42ba-9359-bdef267e039e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F2A35A49)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D1716C7C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=843 MB) - (Type=07 NTFS)
 
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 036F16DD)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#6
Satchfan
Posted 20 April 2020 - 02:42 PM

Satchfan

    Trusted Helper

  • Malware Removal
  • 624 posts

There is nothing in those logs or the previous 2 that show any reason for random redirects but there are a few things that need to be dealt with.

You need to move Farbar Recovery Scan Tool to your desktop otherwise fixes will not work.

  • go to your Downloads folder and locate FRST64
  • right click and select Cut
  • go to an empty spot on your desktop, right click and select Paste

Farbar Recovery Scan Tool should now be on your desktop.

================================================

Run Farbar Recovery Scan Tool

Open notepad. Please copy the contents of the code box below and paste it into Notepad.

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
AlternateDataStreams: C:\Users\Zac:Heroes & Generals [38]
FirewallRules: [{A6C10553-8456-424C-8B52-3CC96D4A8CC9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AF3E2DD4-AD27-47AF-A17A-4BD0C4D8F6EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{02A7A898-992C-4F71-9139-C6BB077A89F3}] => (Allow) G:\Games\steamapps\common\Europa Universalis IV\eu4.exe No File
FirewallRules: [{50298318-1535-40B4-823F-55F10920B2BE}] => (Allow) G:\Games\steamapps\common\Europa Universalis IV\eu4.exe No File
G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe No File
FirewallRules: [UDP Query User{10650B5D-6750-4463-A4F6-2BCE219ECE74}G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe] => (Allow) G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe No File
FirewallRules: [TCP Query User{545B1720-89C1-4F71-84E3-D10DF4174EE7}G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe] => (Allow) G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{54432EAF-FD82-468E-8736-65FE37DFEA60}G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe] => (Allow) G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe No File
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
EmptyTemp:

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • save the files as fixlist.txt in the same folder as FRST – NOTE: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work
  • run FRST64 then click Fix just once and wait
  • it will create a log on your desktop, (Fixlog.txt); please post it to your reply.

Have you tried resetting Chrome to defaults?

Also, did you set up this YouTube setting in Chrome?

Satchfan

 


  • 0

#7
Legocadet
Posted 20 April 2020 - 04:21 PM

Legocadet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

I have tried resetting Chrome and the Youtube settings were mine, here is the log.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-04-2020
Ran by Zac (20-04-2020 23:09:23) Run:2
Running from C:\Users\Zac\Desktop
Loaded Profiles: Zac (Available Profiles: Zac)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
AlternateDataStreams: C:\Users\Zac:Heroes & Generals [38]
FirewallRules: [{A6C10553-8456-424C-8B52-3CC96D4A8CC9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AF3E2DD4-AD27-47AF-A17A-4BD0C4D8F6EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{02A7A898-992C-4F71-9139-C6BB077A89F3}] => (Allow) G:\Games\steamapps\common\Europa Universalis IV\eu4.exe No File
FirewallRules: [{50298318-1535-40B4-823F-55F10920B2BE}] => (Allow) G:\Games\steamapps\common\Europa Universalis IV\eu4.exe No File
G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe No File
FirewallRules: [UDP Query User{10650B5D-6750-4463-A4F6-2BCE219ECE74}G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe] => (Allow) G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe No File
FirewallRules: [TCP Query User{545B1720-89C1-4F71-84E3-D10DF4174EE7}G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe] => (Allow) G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{54432EAF-FD82-468E-8736-65FE37DFEA60}G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe] => (Allow) G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe No File
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
EmptyTemp:
*****************
 
Processes closed successfully.
"C:\Windows\system32\GroupPolicy\Machine" => not found
HKLM\SOFTWARE\Policies\Mozilla => not found
HKLM\SOFTWARE\Policies\Google => not found
"C:\Users\Zac" => ":Heroes & Generals" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6C10553-8456-424C-8B52-3CC96D4A8CC9}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF3E2DD4-AD27-47AF-A17A-4BD0C4D8F6EA}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02A7A898-992C-4F71-9139-C6BB077A89F3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50298318-1535-40B4-823F-55F10920B2BE}" => not found
"G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe No File" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{10650B5D-6750-4463-A4F6-2BCE219ECE74}G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{545B1720-89C1-4F71-84E3-D10DF4174EE7}G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{54432EAF-FD82-468E-8736-65FE37DFEA60}G:\games\steamapps\common\armored warfare\gamecenter\gamecenter.exe" => not found
 
========= netsh int ip reset =========
 
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushDNS =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 535319748 B
Java, Flash, Steam htmlcache => 625892032 B
Windows/system/drivers => 8257472 B
Edge => 289667 B
Chrome => 373677528 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1437026 B
NetworkService => 1446766 B
Zac => 845600443 B
 
RecycleBin => 38130054691 B
EmptyTemp: => 37.7 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 23:16:47 ====

  • 0

#8
Satchfan
Posted 21 April 2020 - 05:13 AM

Satchfan

    Trusted Helper

  • Malware Removal
  • 624 posts

Ran by Zac (20-04-2020 23:09:23) Run:2

It looks like that is the second time you’ve run it.

Please run FRST again and make sure there is a checkmark next to ‘Addition.txt’ before you hit Scan.

Logs to include with next post:

New Frst.txt
New Addition.txt

Thanks
  • 0

#9
Legocadet
Posted 21 April 2020 - 09:20 AM

Legocadet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Sorry, I did have an issue for the original fix thats why I accidentally did it twice, here are the logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-04-2020
Ran by Zac (administrator) on DESKTOP-N3VAI1B (21-04-2020 16:11:14)
Running from C:\Users\Zac\Desktop
Loaded Profiles: Zac (Available Profiles: Zac)
Platform: Windows 10 Home Version 1909 18363.778 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(BullGuard Ltd -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardHelper.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BgGameMon.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardCore.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFileScanner.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFiltering.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFirewall.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentry.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentryEye.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(Discord Inc. -> Discord Inc.) C:\Users\Zac\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Zac\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Roblox Corporation -> Roblox Corporation) C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\RobloxStudioBeta.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2019-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe [412520 2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Discord] => C:\Users\Zac\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [913800 2019-12-03] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Gaijin.Net Updater] => C:\Users\Zac\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2415480 2020-02-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Gaijin.Net Agent] => C:\Users\Zac\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3511536 2020-03-30] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Run: [Spotify] => C:\Users\Zac\AppData\Roaming\Spotify\Spotify.exe [22825376 2020-03-25] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3511536 2020-03-30] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1481D11F-4A36-42D3-A3AA-B3AF947E1929} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-14] (Google Inc -> Google LLC)
Task: {1500DB97-A0A7-4989-9669-2269F67F9096} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1933ECA0-5917-4743-B65E-39FC5F6EE2F8} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {226A4581-C037-438D-8E80-014F37A2123A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3AC26D1B-6EDC-476C-88D0-82458592C1B7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4087718E-21EF-4A8C-A1A1-C91BD041A689} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {59A76B8A-31CD-4E48-894F-829484AE5DC1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {682AD4DC-F72E-43A6-984E-6B43C8D85A11} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {70F32F18-A838-4C18-A627-F6A78DCFC451} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7628C268-1307-49F5-9E3B-7900FF19DD28} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)
Task: {A64CC1E3-C752-4C5B-BCC8-E1DFF0E6E10E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8463FCA-60F7-4AA0-BD03-E30B159D03C0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BBD153A9-F999-48D1-9516-056D163A6EB0} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)
Task: {BBE6B4D1-5681-40E0-A070-708C3B373CB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-14] (Google Inc -> Google LLC)
Task: {BDCF1B5E-2147-43E7-9DEC-DAEA3688BB03} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9AB4A15-84D5-433C-AF72-C98893F87B2C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D32E94CE-90EB-45F3-A3C4-0E723B58D999} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBC83A1F-CB22-4FE8-8645-9BE297C05758} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FE8989A0-9781-4CC2-AA79-E0A0021CEE2F} - System32\Tasks\BullGuard\BullGuardUpdate2 => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe [2975080 2020-01-28] (BullGuard Ltd. -> BullGuard Ltd.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4bc32997-0286-4b4a-b853-dc8a442c3f81}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\S-1-5-21-2782468524-2809958065-3864316782-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2782468524-2809958065-3864316782-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default [2020-04-21]
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/webhp?sourceid=chrome-instant&ion=1&espv=2&es_th=1&ie=UTF-8","hxxps://www.youtube.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-14]
CHR Extension: (Dark Skin For Crunchyroll) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjiicokbioponboibkfhfgmhcacafph [2020-03-30]
CHR Extension: (Docs) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-14]
CHR Extension: (Google Drive) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-14]
CHR Extension: (YouTube) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-14]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Ratings Preview for YouTube™) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2019-11-26]
CHR Extension: (Adblock for Youtube™) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-08-14]
CHR Extension: (Sheets) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-14]
CHR Extension: (Gyazo) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2019-09-28]
CHR Extension: (PaintZ) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdjcnhanmagpjdpilaehedkchegnkdoj [2019-11-30]
CHR Extension: (Google Docs Offline) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-15]
CHR Extension: (Video Adblocker for Youtube™ Extension) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2019-08-14]
CHR Extension: (Pixlr Editor) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2019-08-14]
CHR Extension: (My Planet) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkjngeiogimjcpifgmkmamcjibefog [2019-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Portal 2D) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\noeojpcnabfdkncikfpepcpcldcfmpeb [2019-08-14]
CHR Extension: (Gmail) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-14]
CHR Extension: (Chrome Media Router) - C:\Users\Zac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-04]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2020-01-05] (BattlEye Innovations e.K. -> )
S3 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBackup.exe [1606504 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFileScanner.exe [833384 2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
R3 BsHelper; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardHelper.exe [390352 2019-11-13] (BullGuard Ltd -> BullGuard Ltd.)
R2 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFiltering.exe [5197672 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardCore.exe [2985832 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsNet; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFirewall.exe [1202024 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [396136 2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsSentry; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentry.exe [768872 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2990952 2020-04-14] (BullGuard Ltd. -> BullGuard Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 HnGSteamService; H:\Games\steamapps\common\Heroes & Generals\hngservice.exe [788264 2020-04-15] (Reto-Moto ApS -> Reto-Moto ApS)
R2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [483816 2019-08-13] (ICEpower a/s -> ICEpower a/s)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [980568 2020-03-04] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [1490008 2020-03-04] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-12-12] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [289008 2020-03-30] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-12-13] (Razer USA Ltd. -> Razer Inc.)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-02-18] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24528 2019-08-13] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [32760 2019-08-13] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [138544 2019-08-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 BdAgent; C:\Windows\System32\DRIVERS\BdAgent.sys [175128 2020-01-21] (BullGuard LTD -> BullGuard Ltd.)
S0 BdBoot; C:\Windows\System32\DRIVERS\BdBoot.sys [29320 2019-08-28] (Microsoft Windows Early Launch Anti-malware Publisher -> BullGuard Ltd.)
R0 BdNet; C:\Windows\System32\DRIVERS\BdNet.sys [178760 2019-03-05] (BullGuard LTD -> BullGuard Ltd.)
R0 BdSentry; C:\Windows\System32\DRIVERS\BdSentry.sys [155456 2020-01-21] (BullGuard LTD -> BullGuard Ltd.)
R1 BdSpy; C:\Windows\System32\DRIVERS\BdSpy.sys [90912 2020-01-21] (BullGuard LTD -> BullGuard Ltd.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-04-20] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-04-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2020-04-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-04-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [124560 2020-04-21] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvaki.inf_amd64_4cae9e420e36f6e5\nvlddmkm.sys [23446968 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0203; C:\Windows\System32\drivers\RzDev_0203.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\Windows\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [18768 2020-02-22] () [File not signed]
R2 SSGDIO; C:\Windows\SysWOW64\DRIVERS\ssgdio64.sys [14608 2019-08-13] (ATI Technologies, Inc -> ATI Technologies Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [611728 2019-10-31] (Bitdefender SRL -> Bitdefender)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [247224 2020-02-19] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [47496 2019-08-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [344288 2019-08-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-13] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-21 16:11 - 2020-04-21 16:11 - 000030348 _____ C:\Users\Zac\Desktop\FRST.txt
2020-04-21 16:11 - 2020-04-21 16:11 - 000000000 ____D C:\Users\Zac\Desktop\FRST-OlderVersion
2020-04-21 08:06 - 2020-04-21 08:06 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-04-21 08:06 - 2020-04-21 08:06 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-04-21 08:06 - 2020-04-21 08:06 - 000124560 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-04-21 08:06 - 2020-04-21 08:06 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-04-21 08:06 - 2020-04-21 08:06 - 000000000 ___HD C:\OneDriveTemp
2020-04-21 01:42 - 2020-04-21 01:42 - 000063281 _____ C:\Users\Zac\Downloads\McCarran.rbxm
2020-04-20 23:09 - 2020-04-20 23:16 - 000005602 _____ C:\Users\Zac\Desktop\Fixlog.txt
2020-04-20 20:09 - 2020-04-20 20:10 - 026420058 _____ C:\Users\Zac\Downloads\Raupenschlepper Ost.zip
2020-04-20 19:01 - 2020-04-20 19:01 - 000000000 ____D C:\Users\Zac\Documents\Custom Office Templates
2020-04-20 17:58 - 2020-04-20 17:58 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-04-20 17:58 - 2020-04-20 17:58 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-04-20 17:58 - 2020-04-20 17:58 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-04-20 17:58 - 2020-04-20 17:58 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-04-20 17:58 - 2020-04-20 17:58 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-04-20 17:58 - 2020-04-20 17:58 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-04-20 17:58 - 2020-04-20 17:58 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2020-04-20 17:58 - 2020-04-20 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-04-20 17:56 - 2020-04-20 17:56 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-04-20 17:47 - 2020-04-20 17:57 - 000000000 ____D C:\Program Files\Microsoft Office
2020-04-20 17:47 - 2020-04-20 17:47 - 000000000 ____D C:\Program Files\Microsoft Office 15
2020-04-20 17:46 - 2020-04-20 17:46 - 005609248 _____ (Microsoft Corporation) C:\Users\Zac\Downloads\Setup.Def.en-US_O365HomePremRetail_04c5298e-a70f-484c-be8d-4c916d640373_TX_DB_Platform_def_.exe
2020-04-20 17:33 - 2020-04-20 17:35 - 000092668 _____ C:\Users\Zac\Downloads\Addition.txt
2020-04-20 17:31 - 2020-04-20 17:35 - 000091605 _____ C:\Users\Zac\Downloads\FRST.txt
2020-04-20 17:30 - 2020-04-21 16:11 - 000000000 ____D C:\FRST
2020-04-20 17:22 - 2020-04-21 16:11 - 002281984 _____ (Farbar) C:\Users\Zac\Desktop\FRST64.exe
2020-04-20 03:44 - 2020-04-20 03:44 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-04-20 03:44 - 2020-04-20 03:44 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-20 03:44 - 2020-04-20 03:44 - 000002031 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-04-20 03:44 - 2020-04-20 03:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-20 03:44 - 2020-04-20 03:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-20 03:43 - 2020-04-20 03:43 - 001928352 _____ (Malwarebytes) C:\Users\Zac\Downloads\MBSetup-076981.076981-Consumer (1).exe
2020-04-20 03:43 - 2020-04-20 03:43 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-20 03:41 - 2020-04-20 03:41 - 001928352 _____ (Malwarebytes) C:\Users\Zac\Downloads\MBSetup-076981.076981-Consumer.exe
2020-04-20 03:40 - 2020-04-20 03:40 - 008196784 _____ (Malwarebytes) C:\Users\Zac\Downloads\adwcleaner_8.0.4 (1).exe
2020-04-20 02:44 - 2020-04-20 02:44 - 000000035 _____ C:\Users\Zac\Downloads\Emergency.rbxl.lock
2020-04-20 02:37 - 2020-04-20 02:37 - 006688009 _____ C:\Users\Zac\Downloads\Emergency.rbxl
2020-04-19 03:02 - 2020-04-19 03:03 - 000000000 ____D C:\AdwCleaner
2020-04-19 03:02 - 2020-04-19 03:02 - 008196784 _____ (Malwarebytes) C:\Users\Zac\Downloads\adwcleaner_8.0.4.exe
2020-04-19 03:02 - 2020-04-19 03:02 - 001965536 _____ (Malwarebytes) C:\Users\Zac\Downloads\MBSetup (1).exe
2020-04-18 23:44 - 2020-04-18 23:44 - 000074388 _____ C:\Users\Zac\Downloads\Jacobstown.rbxm
2020-04-18 17:38 - 2020-04-18 17:38 - 000089423 _____ C:\Users\Zac\Downloads\Golf.rbxm
2020-04-18 16:58 - 2020-04-18 16:58 - 000089862 _____ C:\Users\Zac\Downloads\Atomic Wrangler.rbxm
2020-04-17 19:15 - 2020-04-17 19:15 - 000080243 _____ C:\Users\Zac\Downloads\Bison Steve building.rbxm
2020-04-17 01:24 - 2020-04-17 01:25 - 2182639373 _____ C:\Users\Zac\Downloads\MythicManor-0.12-pc.zip
2020-04-16 23:50 - 2020-04-16 23:50 - 074365233 _____ C:\Users\Zac\Downloads\NV.rbxl
2020-04-16 20:52 - 2020-04-16 20:52 - 000000000 ____D C:\Users\Zac\AppData\Local\mbamtray
2020-04-16 20:52 - 2020-04-16 20:52 - 000000000 ____D C:\Users\Zac\AppData\Local\mbam
2020-04-16 20:51 - 2020-04-16 20:51 - 001965536 _____ (Malwarebytes) C:\Users\Zac\Downloads\MBSetup.exe
2020-04-16 09:32 - 2020-04-16 09:33 - 111613569 _____ C:\Users\Zac\Downloads\Down_and_Out_0.0.5a.zip
2020-04-16 02:08 - 2020-04-16 02:08 - 019384223 _____ C:\Users\Zac\Downloads\Perchance_to_Dream_1.0.1.zip
2020-04-16 00:44 - 2020-04-11 22:55 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-16 00:44 - 2020-04-11 22:55 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-04-16 00:44 - 2020-04-11 22:55 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-16 00:44 - 2020-04-11 22:55 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-04-16 00:44 - 2020-04-11 22:55 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 000450280 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-04-16 00:44 - 2020-04-11 22:55 - 000346856 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-04-16 00:44 - 2020-04-11 22:54 - 011945872 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-04-16 00:44 - 2020-04-11 22:54 - 010286480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 017601632 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 015158384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 005855856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 005159520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 002074232 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001722480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444587.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001566328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001483376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444587.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001481328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001350792 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001142200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 001048504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000817080 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000811448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000679864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000676448 _____ C:\Windows\system32\nvofapi64.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000546744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-04-16 00:44 - 2020-04-11 22:53 - 000543160 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-04-16 00:44 - 2020-04-11 22:51 - 004195688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 018027520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 007756800 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 006523048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 005910016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 004611584 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 004129624 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 003512320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 002951832 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 002800640 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-04-16 00:04 - 2020-04-16 00:04 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001870408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001665216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001646048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 001484384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001077064 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001013000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001009152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000983040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000775696 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000768528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000673464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000628616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2020-04-16 00:04 - 2020-04-16 00:04 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2020-04-16 00:04 - 2020-04-16 00:04 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000420152 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-04-16 00:04 - 2020-04-16 00:04 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000268008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000089336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-04-16 00:04 - 2020-04-16 00:04 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\srumapi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumapi.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
2020-04-16 00:04 - 2020-04-16 00:04 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-04-16 00:04 - 2020-04-16 00:04 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-04-16 00:03 - 2020-04-16 00:03 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 004563200 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 003802624 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 003587384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 002767928 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002717184 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002131456 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 002086656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001999960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-16 00:03 - 2020-04-16 00:03 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001656904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001603584 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001318912 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000822208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-04-16 00:03 - 2020-04-16 00:03 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000339304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000127280 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000058880 _____ C:\Windows\system32\runexehelper.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000047000 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
2020-04-16 00:03 - 2020-04-16 00:03 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2020-04-16 00:03 - 2020-04-16 00:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-04-16 00:03 - 2020-04-16 00:03 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-04-15 23:58 - 2020-03-17 04:57 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-04-15 23:58 - 2020-03-17 04:56 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-04-15 19:49 - 2020-04-15 19:49 - 000020341 _____ C:\Users\Zac\Downloads\Helipad.rbxm
2020-04-15 19:46 - 2020-04-15 19:46 - 000367225 _____ C:\Users\Zac\Downloads\Vertibirds_of_Vegas.rbxm
2020-04-15 15:38 - 2020-04-15 15:38 - 000598435 _____ C:\Users\Zac\Downloads\f4se_0_06_21.7z
2020-04-14 09:00 - 2020-04-14 09:00 - 000058266 _____ C:\Users\Zac\Downloads\message (1).txt
2020-04-13 21:55 - 2020-04-13 21:55 - 001147122 _____ C:\Users\Zac\Downloads\NCR_Weaponry.rbxm
2020-04-13 21:47 - 2020-04-13 21:47 - 000463157 _____ C:\Users\Zac\Downloads\Armor.rbxm
2020-04-13 13:58 - 2020-04-13 13:58 - 000043413 _____ C:\Users\Zac\Downloads\Booyah.rbxm
2020-04-13 05:29 - 2020-04-13 05:29 - 000000221 _____ C:\Users\Zac\Desktop\Fallout 3 - Game of the Year Edition.url
2020-04-13 02:32 - 2020-04-13 02:32 - 000478322 _____ C:\Users\Zac\Downloads\Combat and Power Armour.rbxm
2020-04-12 23:05 - 2020-04-12 23:05 - 000676577 _____ C:\Users\Zac\Downloads\fallout-3-crashed-vertibird.zip
2020-04-12 19:18 - 2020-04-12 19:18 - 003012222 _____ C:\Users\Zac\Downloads\Hidden Valley.rbxl
2020-04-12 17:19 - 2020-04-12 17:19 - 000822886 _____ C:\Users\Zac\Downloads\blender_nif_plugin-2.6.0a0.dev4.zip
2020-04-12 17:18 - 2020-04-12 17:18 - 000000000 ____D C:\Python33
2020-04-12 17:18 - 2020-04-12 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.3
2020-04-12 17:18 - 2020-04-12 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PyFFI
2020-04-12 17:18 - 2020-04-12 17:18 - 000000000 ____D C:\Program Files (x86)\PyFFI-py3k
2020-04-12 17:17 - 2020-04-12 17:17 - 020508672 _____ C:\Users\Zac\Downloads\python-3.3.0.amd64.msi
2020-04-12 17:16 - 2020-04-12 17:16 - 001535500 _____ C:\Users\Zac\Downloads\PyFFI-2.2.2.win32.exe
2020-04-12 17:15 - 2020-04-12 17:15 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8
2020-04-12 17:14 - 2020-04-12 17:14 - 026481424 _____ (Python Software Foundation) C:\Users\Zac\Downloads\python-3.8.2.exe
2020-04-12 17:14 - 2020-04-12 17:14 - 000000000 ____D C:\Users\Zac\AppData\Local\Package Cache
2020-04-12 17:13 - 2020-04-12 17:13 - 001431791 _____ C:\Users\Zac\Downloads\pyffi-pyffi-2.2.3.zip
2020-04-12 17:12 - 2020-04-12 17:12 - 000192964 _____ C:\Users\Zac\Downloads\blender_nif_scripts-2.5.9.77b0815-windows.exe
2020-04-12 17:12 - 2020-04-12 17:12 - 000136614 _____ C:\Users\Zac\Downloads\blender_nif_scripts-2.5.9.77b0815.zip
2020-04-12 17:11 - 2020-04-12 17:11 - 002679906 _____ C:\Users\Zac\Downloads\PyFFI-2.1.11.cefd181.win32.exe
2020-04-12 17:10 - 2020-04-12 17:10 - 011293392 _____ C:\Users\Zac\Downloads\blender-2.49b-windows.exe
2020-04-12 17:05 - 2020-04-16 00:46 - 000000000 ____D C:\Users\Zac\Desktop\BSA
2020-04-12 17:05 - 2020-04-12 17:05 - 005698459 _____ C:\Users\Zac\Downloads\BAE v0.11-78-0-11-1541070494.7z
2020-04-12 02:02 - 2020-04-12 02:02 - 002211934 _____ C:\Users\Zac\Downloads\1434962099_t-45d_p3dm.ru (1).rar
2020-04-11 21:51 - 2020-04-11 21:52 - 042034390 _____ C:\Users\Zac\Downloads\PC Computer - Fallout 4 - APC.zip
2020-04-11 18:56 - 2020-04-11 18:58 - 042034390 _____ C:\Users\Zac\Downloads\APC (1).zip
2020-04-10 20:46 - 2020-04-10 20:46 - 000248522 _____ C:\Users\Zac\Downloads\office-chair-ruined.zip
2020-04-10 20:06 - 2020-04-10 20:12 - 000386882 _____ C:\Users\Zac\Downloads\T51.rbxm
2020-04-10 19:31 - 2020-04-10 19:33 - 042034390 _____ C:\Users\Zac\Downloads\APC.zip
2020-04-10 19:24 - 2020-04-10 19:24 - 006153620 _____ C:\Users\Zac\Downloads\Office Desk.zip
2020-04-10 19:24 - 2020-04-10 19:24 - 000780112 _____ C:\Users\Zac\Downloads\workbench.zip
2020-04-10 19:21 - 2020-04-10 19:21 - 001707776 _____ C:\Users\Zac\Downloads\artelery (1).zip
2020-04-10 17:43 - 2020-04-10 17:43 - 000063124 _____ C:\Users\Zac\Downloads\Outfits.rbxm
2020-04-10 16:51 - 2020-04-10 16:51 - 002211934 _____ C:\Users\Zac\Downloads\1434962099_t-45d_p3dm.ru.rar
2020-04-10 16:14 - 2020-04-10 16:14 - 001707776 _____ C:\Users\Zac\Downloads\artelery.zip
2020-04-10 05:49 - 2020-04-10 05:49 - 000682809 _____ C:\Users\Zac\Downloads\Tank Tactics.rbxm
2020-04-10 04:32 - 2020-04-10 04:32 - 006124343 _____ C:\Users\Zac\Downloads\M4A1E7_M5_Shormie_M1.zip
2020-04-10 04:07 - 2020-04-10 04:07 - 002719450 _____ C:\Users\Zac\Downloads\sherman-v.zip
2020-04-10 04:03 - 2020-04-10 04:03 - 000323631 _____ C:\Users\Zac\Downloads\755wxu9pq9kw-sherman.rar
2020-04-10 02:20 - 2020-04-10 02:20 - 000000000 ____D C:\Users\Zac\Desktop\blender-2.79b-windows64
2020-04-10 02:18 - 2020-04-10 02:19 - 115536799 _____ C:\Users\Zac\Desktop\blender-2.79b-windows64.zip
2020-04-03 17:07 - 2020-04-03 17:07 - 000008057 _____ C:\Users\Zac\Downloads\England.svg
2020-04-03 17:07 - 2020-04-03 17:07 - 000008057 _____ C:\Users\Zac\Downloads\England (1).svg
2020-03-30 19:36 - 2020-03-31 21:26 - 000000000 ____D C:\Users\Zac\Downloads\HMP
2020-03-29 22:43 - 2020-03-29 22:43 - 000000222 _____ C:\Users\Zac\Desktop\Hegemony Rome The Rise of Caesar.url
2020-03-29 21:53 - 2020-03-29 21:53 - 000000000 ____D C:\Users\Zac\AppData\LocalLow\ZeroGravity
2020-03-29 21:25 - 2020-03-29 21:25 - 000000222 _____ C:\Users\Zac\Desktop\HELLION.url
2020-03-29 03:05 - 2020-03-29 03:05 - 000000222 _____ C:\Users\Zac\Desktop\Grand Theft Auto V.url
2020-03-28 22:16 - 2020-03-28 22:16 - 004634084 _____ C:\Users\Zac\Downloads\Tanke bola Kugelpanzer.stl
2020-03-27 17:11 - 2020-04-21 08:48 - 000000000 ____D C:\Users\Zac\Downloads\Models
2020-03-27 16:13 - 2020-03-27 16:13 - 000526999 _____ C:\Users\Zac\Downloads\watch.html
2020-03-26 19:55 - 2020-03-26 19:55 - 000000000 ____D C:\Users\Zac\AppData\Roaming\EasyAntiCheat
2020-03-26 00:07 - 2020-03-26 00:07 - 000013519 _____ C:\Users\Zac\Downloads\message.txt
2020-03-25 23:43 - 2020-03-25 23:43 - 000119865 _____ C:\Users\Zac\Downloads\Tonk2.rbxm
2020-03-25 22:24 - 2020-03-25 22:24 - 000260986 _____ C:\Users\Zac\Downloads\Tonk1.rbxm
2020-03-25 21:22 - 2020-03-25 21:22 - 000364739 _____ C:\Users\Zac\Downloads\TONK.rbxm
2020-03-24 16:06 - 2020-03-24 16:06 - 000081549 _____ C:\Users\Zac\Downloads\Hull.rbxm
2020-03-24 03:03 - 2020-03-18 08:51 - 000039824 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2020-03-22 20:44 - 2020-03-22 20:44 - 000000222 _____ C:\Users\Zac\Desktop\Europa Universalis IV.url
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-21 16:10 - 2019-08-14 21:15 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Discord
2020-04-21 16:09 - 2019-08-13 17:02 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-04-21 16:02 - 2019-08-14 21:20 - 000000000 ____D C:\ProgramData\BullGuard
2020-04-21 11:06 - 2019-09-07 22:02 - 000000000 ____D C:\Users\Zac\AppData\Local\LogMeIn Hamachi
2020-04-21 10:10 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-21 08:13 - 2019-08-14 21:20 - 000001453 _____ C:\Users\Zac\Desktop\Roblox Studio.lnk
2020-04-21 08:13 - 2019-08-14 21:20 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-04-21 08:12 - 2019-08-13 17:08 - 000840852 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-21 08:12 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-04-21 08:09 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2020-04-21 08:08 - 2019-08-13 17:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-21 08:07 - 2019-08-14 21:14 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-21 08:06 - 2019-08-14 09:43 - 000000000 ___RD C:\Users\Zac\OneDrive
2020-04-21 08:05 - 2019-08-13 17:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-21 01:58 - 2019-03-19 05:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-04-20 23:17 - 2019-08-14 21:30 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-04-20 23:17 - 2019-08-13 17:02 - 000439016 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-20 23:11 - 2019-11-15 21:09 - 000000000 ____D C:\Users\Zac\AppData\LocalLow\Temp
2020-04-20 23:09 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2020-04-20 23:09 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-04-20 19:01 - 2019-08-14 09:43 - 000000000 ____D C:\Users\Zac\AppData\Local\PlaceholderTileLogoFolder
2020-04-20 17:57 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-04-20 03:44 - 2019-08-15 01:44 - 000000000 ____D C:\Users\Zac\AppData\Local\CrashDumps
2020-04-20 03:44 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-04-20 03:07 - 2020-02-17 18:25 - 000000000 ____D C:\Program Files (x86)\BYOND
2020-04-20 02:08 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\NDF
2020-04-17 20:21 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-17 20:12 - 2019-08-14 09:43 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2782468524-2809958065-3864316782-1002
2020-04-17 20:12 - 2019-08-14 09:39 - 000002371 _____ C:\Users\Zac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-17 01:26 - 2019-09-05 20:10 - 000000000 ____D C:\Users\Zac\Desktop\HTML
2020-04-17 01:26 - 2019-08-22 11:34 - 000000000 ____D C:\Users\Zac\AppData\Roaming\RenPy
2020-04-16 17:04 - 2019-08-14 21:20 - 000000252 _____ C:\Users\Zac\AppData\LocalLow\rbxcsettings.rbx
2020-04-16 07:17 - 2019-08-14 21:20 - 000001441 _____ C:\Users\Zac\Desktop\Roblox Player.lnk
2020-04-16 06:12 - 2019-08-14 21:48 - 000000000 ____D C:\Users\Zac\AppData\Local\NVIDIA
2020-04-16 00:54 - 2019-12-22 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Provisioning
2020-04-16 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2020-04-16 00:46 - 2019-12-22 13:08 - 000000000 ____D C:\temp
2020-04-16 00:06 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2020-04-15 19:36 - 2019-08-20 12:41 - 000001457 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-04-15 19:36 - 2019-08-20 12:41 - 000001457 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-04-15 19:36 - 2019-08-13 17:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-15 19:35 - 2019-08-20 13:08 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-20 13:08 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-13 18:32 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-13 18:32 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-15 19:35 - 2019-08-13 17:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-15 19:35 - 2019-08-13 17:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-15 19:34 - 2019-08-13 17:29 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-15 16:47 - 2019-11-07 01:13 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Vortex
2020-04-15 15:20 - 2019-11-07 18:19 - 000000000 ____D C:\Users\Zac\AppData\Local\Fallout4
2020-04-15 14:42 - 2019-12-22 13:06 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-04-14 16:46 - 2019-08-14 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-04-14 16:46 - 2019-08-14 22:05 - 000000000 ____D C:\Program Files (x86)\Java
2020-04-14 16:45 - 2019-08-14 22:05 - 000114344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2020-04-13 22:50 - 2019-08-25 21:59 - 000000000 ____D C:\Users\Zac\AppData\Local\Bethesda.net Launcher
2020-04-13 22:49 - 2019-08-26 00:27 - 000000223 _____ C:\Users\Zac\Desktop\Fallout 76.url
2020-04-12 22:15 - 2019-08-14 21:20 - 000000000 ____D C:\Users\Zac\AppData\Local\Roblox
2020-04-11 22:53 - 2019-08-13 18:31 - 000655312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-04-11 22:52 - 2019-08-20 12:39 - 004927960 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-04-11 21:41 - 2019-08-14 09:43 - 000000000 ____D C:\Users\Zac\AppData\Local\D3DSCache
2020-04-11 06:14 - 2019-09-01 00:41 - 000000000 ____D C:\Users\Zac\Documents\DawnOfMan
2020-04-10 02:26 - 2019-09-12 20:14 - 000000000 ____D C:\Users\Zac\Downloads\SkepticalFox-bigworld-blender-tools-wot-wowp-wows-30f43c1b6069
2020-04-09 00:44 - 2019-11-07 01:17 - 000000000 ____D C:\Users\Zac\AppData\Local\falloutnv
2020-04-09 00:44 - 2019-11-07 01:13 - 000002066 _____ C:\Users\Public\Desktop\Vortex.lnk
2020-04-09 00:44 - 2019-11-07 01:13 - 000002066 _____ C:\ProgramData\Desktop\Vortex.lnk
2020-04-07 23:38 - 2019-08-14 21:05 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-07 23:38 - 2019-08-14 21:05 - 000002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-07 23:38 - 2019-08-14 21:05 - 000002270 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-07 18:58 - 2019-08-20 12:41 - 002799416 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-04-07 18:58 - 2019-08-20 12:41 - 002159592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-04-07 18:58 - 2019-08-20 12:41 - 001314792 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2020-04-04 01:21 - 2019-08-13 18:31 - 000057237 _____ C:\Windows\system32\nvinfo.pb
2020-04-03 22:56 - 2019-08-20 12:40 - 005581808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-04-03 22:56 - 2019-08-20 12:40 - 002631664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 001759032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 001172464 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 000446264 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 000121144 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2020-04-03 22:55 - 2019-08-20 12:40 - 000074736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2020-04-03 17:08 - 2019-08-29 10:34 - 000000000 ____D C:\Users\Zac\Desktop\Flagmaker
2020-04-03 11:08 - 2019-08-20 12:40 - 009037867 _____ C:\Windows\system32\nvcoproc.bin
2020-03-30 19:54 - 2019-09-03 02:17 - 000000000 ____D C:\Users\Zac\Documents\Longbow Digital Arts
2020-03-30 19:54 - 2019-09-03 02:17 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Longbow Digital Arts
2020-03-30 00:11 - 2020-02-26 00:32 - 000000000 ____D C:\Users\Zac\AppData\Local\Spotify
2020-03-30 00:06 - 2020-02-26 00:31 - 000000000 ____D C:\Users\Zac\AppData\Roaming\Spotify
2020-03-27 06:55 - 2019-08-20 12:39 - 000170472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2020-03-27 06:55 - 2019-08-20 12:39 - 000146408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2020-03-24 03:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Help
2020-03-22 20:50 - 2019-08-14 22:21 - 000000000 ____D C:\Users\Zac\Documents\Paradox Interactive
2020-03-22 20:05 - 2019-08-14 09:39 - 000000000 ____D C:\Users\Zac
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2020
Ran by Zac (21-04-2020 16:12:34)
Running from C:\Users\Zac\Desktop
Windows 10 Home Version 1909 18363.778 (X64) (2019-08-13 16:04:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2782468524-2809958065-3864316782-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2782468524-2809958065-3864316782-503 - Limited - Disabled)
Guest (S-1-5-21-2782468524-2809958065-3864316782-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2782468524-2809958065-3864316782-504 - Limited - Disabled)
Zac (S-1-5-21-2782468524-2809958065-3864316782-1002 - Administrator - Enabled) => C:\Users\Zac
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: BullGuard Antivirus (Enabled - Up to date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: BullGuard Firewall (Enabled) {346188DE-2F10-B815-F444-12B1C2BDA79F}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version:  - Ubisoft)
Atom (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\atom) (Version: 1.44.0 - GitHub Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
BullGuard Internet Security (HKLM\...\BullGuard) (Version: 20.0 - BullGuard Ltd.)
Crossout Launcher 1.0.3.104 (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\CrossOutLauncher_is1) (Version:  - )
Discord (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Discord) (Version: 0.0.306 - Discord Inc.)
Floating Sandbox 1.13.0.7 (HKLM\...\{271B0327-AB12-475F-819C-219D6C825A7E}) (Version: 1.13.0.7 - Gabriele Giuseppini)
GameRanger (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gyazo 4.1.0.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12624.20466 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.4 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Graphics Driver 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 6.1.4 (HKLM\...\{E07820B4-EDC1-44FC-B1AE-D1D0F347F16B}) (Version: 6.1.4 - Oracle Corporation)
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
Paradox Launcher v2 (HKLM\...\{3D662AC5-4616-4A1C-912E-BD5BF9C9F4C8}) (Version: 2.0.0.0 - Paradox Interactive)
PyFFI 2.2.2 (HKLM-x32\...\PyFFI-py3k) (Version: 2.2.2 - Amorilia <[email protected]>)
Python 3.3.0 (64-bit) (HKLM\...\{290329c4-a276-3aec-b633-9f5a39d8dd96}) (Version: 3.3.150 - Python Software Foundation)
Python 3.8.2 (32-bit) (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\{3182483d-078b-48fa-92c2-798baa1fe27d}) (Version: 3.8.2150.0 - Python Software Foundation)
Python 3.8.2 Core Interpreter (32-bit) (HKLM-x32\...\{6BA6203C-85AB-4B9E-8582-CE31B1B5C0ED}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Development Libraries (32-bit) (HKLM-x32\...\{12B4F371-ACE2-435B-BCF1-623F36C4E176}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Documentation (32-bit) (HKLM-x32\...\{45CEE0C6-5BB2-4A8B-B83C-58559A1CA424}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Executables (32-bit) (HKLM-x32\...\{FE5BE50D-21D5-44FB-9A97-5010E68608DA}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 pip Bootstrap (32-bit) (HKLM-x32\...\{2E818780-AC79-4BC0-8023-C1CC46EAC9B6}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Standard Library (32-bit) (HKLM-x32\...\{09CC0C6D-0822-491E-A10E-2A8443DDF170}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{B1528EAE-7E64-49DB-8CE1-514EB30BB38B}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Test Suite (32-bit) (HKLM-x32\...\{EE21EEE7-9D5A-4ECE-B60F-4BFA63BDA937}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Utility Scripts (32-bit) (HKLM-x32\...\{E284B869-7701-4A91-82C2-D3E66974A0F9}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{AF12A465-EA47-447D-B6BF-2A82CDBE2F0E}) (Version: 3.8.6994.0 - Python Software Foundation)
Rags Suite (HKLM-x32\...\{7C60776C-C6EA-4C59-926B-BA76703D2608}) (Version: 2.4.16 - RagsGame)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0331.033010 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8403 - Realtek Semiconductor Corp.)
Roblox Player for Zac (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Zac (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\roblox-studio) (Version:  - Roblox Corporation)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Spotify (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Spotify) (Version: 1.1.28.721.g5b5ee660 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Theme Park Inc (HKLM-x32\...\{094FABA0-4865-11D4-95B6-000103485DB6}) (Version:  - )
Theme Park World (HKLM-x32\...\Theme Park World) (Version:  - )
Twitch (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ultimate Admiral: Dreadnoughts  (HKLM-x32\...\Ultimate Admiral: Dreadnoughts) (Version:  - GameLabs)
Uplay (HKLM-x32\...\Uplay) (Version: 94.0 - Ubisoft)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.1.15 - Black Tree Gaming Ltd.)
War Thunder Launcher 1.0.3.172 (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Wargaming.net Game Center (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\Wargaming.net Game Center) (Version: 19.9.2.8852 - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\WOT.EU.PRODUCTION) (Version:  - Wargaming.net)
World_of_Warships_EU (HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\WOWS.EU.PRODUCTION) (Version:  - Wargaming.net)
WorldBox version 0.4.136 (HKLM-x32\...\{49225ABB-EE43-47CB-9226-FDF111C713FE}_is1) (Version: 0.4.136 - Maxim Karpenko)
 
Packages:
=========
Halo Wars 2 -> C:\Program Files\WindowsApps\Microsoft.HoganThreshold_1.11.2931.2_x64__8wekyb3d8bbwe [2020-04-12] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [BackupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2020-03-26] (BullGuard Ltd. -> BullGuard Ltd.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-01-29] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [bgshellext] -> {F4BF1657-195F-4A0F-ACA2-9AE99D65BC0E} => C:\Program Files\BullGuard Ltd\BullGuard\BgShellExt.dll [2020-01-28] (BullGuard Ltd. -> BullGuard Ltd.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-04-21 08:13 - 2020-04-21 08:13 - 000014848 _____ () [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\libEGL.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 001592832 _____ () [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\libGLESv2.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 003912192 _____ () [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\qtnribbon4.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 001037824 _____ () [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\sgCore.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 026296832 _____ (The ICU Project) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\icudt59.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 002084864 _____ (The ICU Project) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\icuin59.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 001505792 _____ (The ICU Project) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\icuuc59.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 001667072 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\LIBEAY32.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000355328 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\ssleay32.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\PlugIns\Qt5\imageformats\qgif.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000240640 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\PlugIns\Qt5\imageformats\qjpeg.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 001206272 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\PlugIns\Qt5\platforms\qwindows.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qml\QtQml\Models.2\modelsplugin.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qml\QtQuick.2\qtquick2plugin.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000749056 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qml\QtQuick\Window.2\windowplugin.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 005158400 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Core.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 004482560 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Gui.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000722432 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Multimedia.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000100864 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5MultimediaWidgets.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 001068544 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Network.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5OpenGL.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000222208 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Positioning.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000318976 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5PrintSupport.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 003077120 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Qml.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 003080192 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Quick.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000187904 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Sensors.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000202752 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Sql.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000105472 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5WebChannel.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 022686720 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5WebKit.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000232960 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5WebKitWidgets.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 005488128 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Widgets.dll
2020-04-21 08:13 - 2020-04-21 08:13 - 000193536 _____ (The Qt Company Ltd) [File not signed] C:\Users\Zac\AppData\Local\Roblox\Versions\version-008ce0c91f804a23\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-2782468524-2809958065-3864316782-1002\...\StartupApproved\Run: => "Gaijin.Net Agent"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5DAFB70B-D96F-4C28-8F05-9602D979D34A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4195E893-0218-4E75-8BD2-298CB58267BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{10281526-42A0-46D7-8E4A-10732AC64F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Armored Battle Crew WW1\Armored Battle Crew WW1.exe () [File not signed]
FirewallRules: [{8BC338A0-895C-4BEC-AF76-A0E230AB310F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Armored Battle Crew WW1\Armored Battle Crew WW1.exe () [File not signed]
FirewallRules: [{73F594D0-A97B-47DA-AB74-8B27934D4B07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{E74534BA-5D97-47BE-B5DF-259655432D21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{AC3E5847-E882-4334-93D8-E6AAA44CBAF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [{6266EDAF-6EEF-4492-A1AC-D9997528A21F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [TCP Query User{019B2411-3BCA-4D20-BDEF-95454C788A56}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{64DBA4D1-5034-46C9-B791-DE20DDFAF897}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{7A37401F-1893-43C7-9063-20D3115776ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BomberCrew\BomberCrew.exe () [File not signed]
FirewallRules: [{7EF0008E-A774-40A1-9880-F71560582028}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BomberCrew\BomberCrew.exe () [File not signed]
FirewallRules: [{8076C94B-E100-499A-9DCF-29E34F77EDB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony III\Hegemony III Launcher.exe () [File not signed]
FirewallRules: [{C41B962D-ECCA-4AF0-A5DA-1E8F181D605E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony III\Hegemony III Launcher.exe () [File not signed]
FirewallRules: [{070E427E-1A0D-44EC-B9D9-A5C5DB5C104B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony III\x64\Hegemony III.exe () [File not signed]
FirewallRules: [{39095E78-D4F3-45A7-A547-B0C6A66AFF8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony III\x64\Hegemony III.exe () [File not signed]
FirewallRules: [{EFC05F5C-C71C-4DF6-A23D-94CDE0E8E5B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{23D1081C-EB6C-4849-BA50-59C9CB76C3BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{CCFADFC6-EF5C-45AE-9089-DF214CCC349F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{EB4633FE-4EC5-417F-967C-D8B4F10837F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{C99692D2-AD30-42BF-9145-3C3E0F8ECBF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{F0F2478A-ACCE-4A4D-B3B9-2F166AA4A1C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{D331E44A-2B50-4C38-A8F6-A388BE6B400B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{22476FA6-75D3-4572-BC0E-524B3B24832B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B5CBC2A1-ED3C-491E-A6E1-79CA1150CF33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{59068B62-07D9-46C5-9745-13843246410B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{C9D24F4B-C309-4751-AFEC-146684CD268D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aven Colony\AvenColony.exe () [File not signed]
FirewallRules: [{626CA820-2417-4E10-B4CF-F3C922536F0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aven Colony\AvenColony.exe () [File not signed]
FirewallRules: [TCP Query User{4C72D28B-8764-4D87-A590-614FF63C6700}C:\program files (x86)\steam\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{A2288174-BC4D-49EB-ABBB-32D5908431F6}C:\program files (x86)\steam\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aven colony\avencolony\binaries\win64\avencolony-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{EC2ED010-86AD-49E6-98DB-4A33E0312FFD}] => (Allow) G:\Games\steamapps\common\Transport Fever\TransportFever.exe () [File not signed]
FirewallRules: [{C08501BC-D700-41D8-B63B-01617E577FB0}] => (Allow) G:\Games\steamapps\common\Transport Fever\TransportFever.exe () [File not signed]
FirewallRules: [{1781FF1D-B60C-4170-93BF-82547B4DEA11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA66F4A6-BD4F-43C0-A1AD-550864402615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C88C1419-EC38-430B-9343-56D56E0E2B86}] => (Allow) G:\Games\Ubisoft Games\Anno 1800\Bin\Win64\Anno1800.exe (Blue Byte GmbH -> Ubisoft)
FirewallRules: [{882A6EC0-F154-4844-A6AC-316E34F96E40}] => (Allow) G:\Games\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{2A4A8576-8EA4-4703-9D50-064755BFFD97}] => (Allow) G:\Games\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{C0BA2107-2B2F-4D88-AC5A-FEED607F936D}] => (Allow) G:\Games\steamapps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [{49225356-3E4A-4817-8670-7CD6CFD52EA4}] => (Allow) G:\Games\steamapps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [TCP Query User{A0130E91-37A2-4D63-BAA0-87504625A57F}G:\games\steamapps\common\total war rome ii\rome2.exe] => (Allow) G:\games\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{1142ABD2-0DCB-45C2-954D-A5C9043AA99A}G:\games\steamapps\common\total war rome ii\rome2.exe] => (Allow) G:\games\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{626D9653-9C96-4D12-8FC7-F9D7F69FF554}] => (Allow) G:\Games\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{DC47ABD9-A7DF-40B6-AD9F-F745E5753A3A}] => (Allow) G:\Games\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [TCP Query User{0F5E9044-35C8-4429-A161-B939E8DE7336}G:\bethesda.net launcher\games\fallout76\fallout76.exe] => (Allow) G:\bethesda.net launcher\games\fallout76\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{6C25ED78-4B52-4758-9E08-12E9174DA86D}G:\bethesda.net launcher\games\fallout76\fallout76.exe] => (Allow) G:\bethesda.net launcher\games\fallout76\fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{C17EF26D-D3D9-4812-9E71-42A7EBB410F9}] => (Allow) G:\Games\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{7CF0B7DF-B894-4F8E-9BBC-E966F392931B}] => (Allow) G:\Games\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{81E15DA0-60EB-41A1-8266-9DADAA1E0F47}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BB0C6F80-EF23-4E1B-BDB6-45EF60B47084}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ADB7795E-5149-45C6-B52C-29B0C4B7177F}] => (Allow) G:\Games\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{D9F5478B-7227-4ACC-9309-73DC8F7399D8}] => (Allow) G:\Games\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{3543E05F-C053-4984-88F0-6EF188D3B8DD}] => (Allow) G:\Games\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{A9781AF2-6B92-4D72-B368-49E2D5CE66F4}] => (Allow) G:\Games\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{B09E0A4A-A80E-40F1-8935-76C49298B398}] => (Allow) G:\Games\steamapps\common\Steel Division\SteelDivision.exe (Eugen Systems -> )
FirewallRules: [{0A592B6C-EACB-43CC-B4CB-441B4D6113C2}] => (Allow) G:\Games\steamapps\common\Steel Division\SteelDivision.exe (Eugen Systems -> )
FirewallRules: [{23A2E81B-8F4B-4D86-AE2A-6363BD4B551C}] => (Allow) G:\Games\steamapps\common\Parkitect\Parkitect.exe () [File not signed]
FirewallRules: [{3DF7B458-3766-4E4A-AA8D-FA93355B9C84}] => (Allow) G:\Games\steamapps\common\Parkitect\Parkitect.exe () [File not signed]
FirewallRules: [{EEEBD6A3-F99C-42CA-9B91-6A1E6A812BD2}] => (Allow) G:\Games\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{5CDE3617-4D9A-4E9F-BEDE-728F56FAE8E4}] => (Allow) G:\Games\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{7E91F66A-31BF-4A82-9AC8-C68102ADE589}] => (Allow) G:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{1DC7B931-7C35-4205-8CD4-FB0627F31B30}] => (Allow) G:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{45EB77CB-BCB7-4578-9CE3-EC258719854C}] => (Allow) G:\Games\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [{B10B4864-A768-488F-B6D2-65DC8A90FCEF}] => (Allow) G:\Games\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [{E92084FC-CEF1-4320-82B1-0B74BD8EEBDF}] => (Allow) G:\Games\steamapps\common\Tropico 6\Tropico6.exe (Kalypso Media Group -> Epic Games, Inc.)
FirewallRules: [{3192B8F3-FE9B-48E8-BF06-148CD11D912E}] => (Allow) G:\Games\steamapps\common\Tropico 6\Tropico6.exe (Kalypso Media Group -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F9CBEFE2-72F1-460C-AD4B-2DA8FCC88758}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{18A11BE4-1A67-4CEE-9652-B43DA2B5D75C}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{BF4160FB-E2A0-4961-92C8-4C06C49AB4EC}] => (Allow) G:\Games\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{B7B0EA26-5172-40A9-883D-1A29CFF7A25E}] => (Allow) G:\Games\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{FB1B83E2-E6C5-4AA3-A0E1-0DDE31860734}] => (Allow) G:\Games\steamapps\common\Kingdoms and Castles\KingdomsAndCastles.exe () [File not signed]
FirewallRules: [{B96BF9BF-2370-4752-91E7-41744E465E61}] => (Allow) G:\Games\steamapps\common\Kingdoms and Castles\KingdomsAndCastles.exe () [File not signed]
FirewallRules: [{1AC0B75C-7229-43DF-BFB2-17881882E902}] => (Allow) G:\Games\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{18400502-024F-419A-B549-B58872D9C3EF}] => (Allow) G:\Games\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{E1B6D19E-1F18-457A-9C97-F516BE77FFB1}] => (Allow) G:\Games\steamapps\common\Hearts of Iron 3\hoi3.exe (Paradox Interactive) [File not signed]
FirewallRules: [{98F5E765-17DA-413E-A967-34A41C34481E}] => (Allow) G:\Games\steamapps\common\Hearts of Iron 3\hoi3.exe (Paradox Interactive) [File not signed]
FirewallRules: [TCP Query User{7C88D709-454D-43E5-99A0-CFE08CA6780E}G:\games\steamapps\common\hearts of iron 3\hoi3_tfh.exe] => (Allow) G:\games\steamapps\common\hearts of iron 3\hoi3_tfh.exe No File
FirewallRules: [UDP Query User{4BD9674C-E48A-4B6C-97F8-23D683C6170C}G:\games\steamapps\common\hearts of iron 3\hoi3_tfh.exe] => (Allow) G:\games\steamapps\common\hearts of iron 3\hoi3_tfh.exe No File
FirewallRules: [{1B993166-E209-4A38-8746-2B061A661D37}] => (Allow) G:\Games\steamapps\common\[bleep] Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{FD004C29-1A85-4334-A735-D9AE07BC6E22}] => (Allow) G:\Games\steamapps\common\[bleep] Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{1EADF70A-4799-401C-B1F5-9BEA2EB0AD3C}C:\users\zac\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\zac\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{7C29204D-26BD-48A9-8E46-0660ED16F835}C:\users\zac\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\zac\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{B49E6FBE-BB61-4C27-8ECA-2A39914115DF}G:\games\steamapps\common\hearts of iron 3\hoi3game.exe] => (Allow) G:\games\steamapps\common\hearts of iron 3\hoi3game.exe () [File not signed]
FirewallRules: [UDP Query User{AE9E69C1-2969-4D66-A0E8-D49A9A35E8DD}G:\games\steamapps\common\hearts of iron 3\hoi3game.exe] => (Allow) G:\games\steamapps\common\hearts of iron 3\hoi3game.exe () [File not signed]
FirewallRules: [{9A881FEB-BBE3-47FB-A8B2-B1BB0F064C2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Post Scriptum\Launch_PostScriptum.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{965FBCCC-C75B-43B0-9C4B-E9B9881CF7FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Post Scriptum\Launch_PostScriptum.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{01EC0608-9A3A-4C20-AEC7-3EF04E55A105}C:\program files (x86)\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe (Offworld Industries -> Sas Periscope Games)
FirewallRules: [UDP Query User{D4290E40-74B1-42C7-A7A4-34E092A7DA9D}C:\program files (x86)\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe (Offworld Industries -> Sas Periscope Games)
FirewallRules: [{1B958EEF-8C36-4963-B997-B764270A2849}] => (Allow) G:\Games\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [{6F6A4411-3C6A-4BF7-A7C7-B66182AEF8CF}] => (Allow) G:\Games\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe No File
FirewallRules: [TCP Query User{C37B75E3-C860-4AED-B547-202D110DF446}G:\games\steamapps\common\[bleep] let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) G:\games\steamapps\common\[bleep] let loose\hll\binaries\win64\hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]
FirewallRules: [UDP Query User{72B8D3E8-ED41-44A2-B1CE-008554BBF79F}G:\games\steamapps\common\[bleep] let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) G:\games\steamapps\common\[bleep] let loose\hll\binaries\win64\hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]
FirewallRules: [TCP Query User{AEA23F2F-FC3B-4FBF-96A4-2EFE4BE7BA53}G:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) G:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{49589A0B-AA15-4A2E-887D-839BB3928092}G:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) G:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{7D78DA11-6353-4148-AAC0-4DB510AC227F}] => (Allow) G:\Games\steamapps\common\60 Seconds! Reatomized\60SecondsReatomized.exe () [File not signed]
FirewallRules: [{63EC2A34-D80A-41A6-B32D-5606A1F2C41D}] => (Allow) G:\Games\steamapps\common\60 Seconds! Reatomized\60SecondsReatomized.exe () [File not signed]
FirewallRules: [{A8A0BE6E-A8DB-45F8-8DA4-2F8EF8B2112D}] => (Allow) G:\Games\steamapps\common\Atlantic Fleet\AtlanticFleet.exe () [File not signed]
FirewallRules: [{3527D761-86E4-413E-821D-1BB9985C1B1B}] => (Allow) G:\Games\steamapps\common\Atlantic Fleet\AtlanticFleet.exe () [File not signed]
FirewallRules: [{3C3284D1-15AF-4376-901C-D6EDF07151BB}] => (Allow) G:\Games\steamapps\common\Epic Car Factory\epiccarfactory.exe () [File not signed]
FirewallRules: [{755D2595-705B-4D84-BF61-FE2A0F6E5390}] => (Allow) G:\Games\steamapps\common\Epic Car Factory\epiccarfactory.exe () [File not signed]
FirewallRules: [{BBED1B7E-B03C-4009-A917-7E926AA8259D}] => (Allow) G:\Games\steamapps\common\Epic Car Factory\mod_uploader\mod_uploader.exe () [File not signed]
FirewallRules: [{F4317137-EBB9-4D92-94E9-5005AF8F53F1}] => (Allow) G:\Games\steamapps\common\Epic Car Factory\mod_uploader\mod_uploader.exe () [File not signed]
FirewallRules: [{403B5264-383C-4BD0-81B3-34AA257C880E}] => (Allow) G:\Games\steamapps\common\Foxhole\War.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D9053CC1-2398-4565-B085-989C0C74C950}] => (Allow) G:\Games\steamapps\common\Foxhole\War.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{563301EC-FCA8-4579-A6A1-29EBB73DEE50}] => (Allow) G:\Games\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{0194C2E6-F40F-4598-A4CA-49903B253FE7}] => (Allow) G:\Games\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{AECC0F76-C4FA-4B07-81D3-E69EDCF959F2}] => (Allow) G:\Games\steamapps\common\Field of Glory Empires\autorun.exe (Slitherine Software UK Limited -> Slitherine Publishing Ltd.)
FirewallRules: [{DAED62DA-D589-4B7F-AB95-FD828AC16FA5}] => (Allow) G:\Games\steamapps\common\Field of Glory Empires\autorun.exe (Slitherine Software UK Limited -> Slitherine Publishing Ltd.)
FirewallRules: [{4BED54BC-DEBC-4AA9-8766-F48D7CC5A8D0}] => (Allow) G:\Games\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{F4B2ACF2-32A4-45C7-8435-07D565E90AC3}] => (Allow) G:\Games\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{C985540D-DA2B-4D83-8D45-3021D8EFB057}] => (Allow) G:\Games\steamapps\common\HENTAI - World War II\HENTAI WW2.exe () [File not signed]
FirewallRules: [{2C418E57-4244-4D09-B9FE-F4BAC0F9AADB}] => (Allow) G:\Games\steamapps\common\HENTAI - World War II\HENTAI WW2.exe () [File not signed]
FirewallRules: [TCP Query User{26FA24D2-7BDA-41B1-A7BF-E54A9C92519B}G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe] => (Allow) G:\games\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe No File
FirewallRules: [{2701D6A2-5C53-45DF-9689-882AB753152A}] => (Allow) G:\Games\steamapps\common\Battle Brothers\win32\BattleBrothers.exe () [File not signed]
FirewallRules: [{C258D4F2-6DC5-4263-8BD2-A7D53971A9AB}] => (Allow) G:\Games\steamapps\common\Battle Brothers\win32\BattleBrothers.exe () [File not signed]
FirewallRules: [{50500535-E2CF-4298-AAB7-A26C1EBE919E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{F2C239E5-C114-46ED-8066-C5E738364C6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [TCP Query User{640EA036-CBAC-4796-98E7-0EFC8052CA4E}G:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) G:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{539FDDBE-61DC-4A6A-9308-4B5B3ED73F44}G:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) G:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{CF61F90A-D02A-40AD-A2A4-D78555CF797E}] => (Allow) G:\Games\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [{5922739C-0339-4E2D-BBA2-610DA1CE2BD2}] => (Allow) G:\Games\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [File not signed]
FirewallRules: [TCP Query User{39C3D121-4F24-4DC5-A62B-48406418B171}C:\users\zac\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\zac\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{60C928ED-230C-4FA5-B954-0BEECCBDBFF0}C:\users\zac\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\zac\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{6C235F05-B581-4D5A-BFBE-A518702C258A}] => (Allow) G:\Games\steamapps\common\Wolfpack\Wolfpack.exe () [File not signed]
FirewallRules: [{F5394E27-9EFA-4FD8-B171-502086175353}] => (Allow) G:\Games\steamapps\common\Wolfpack\Wolfpack.exe () [File not signed]
FirewallRules: [{5C303CF9-E531-43A9-B487-E4C87A6C7C39}] => (Allow) G:\Games\steamapps\common\Democracy 3\Democracy3.exe () [File not signed]
FirewallRules: [{B42E323C-16D8-4799-A02C-D0A85C60860D}] => (Allow) G:\Games\steamapps\common\Democracy 3\Democracy3.exe () [File not signed]
FirewallRules: [{25C26694-9BD2-4EAD-A855-2D7FC30D567D}] => (Allow) G:\Games\steamapps\common\Celestial Command\CelestialCommand.exe () [File not signed]
FirewallRules: [{ECC3884A-CEAB-4253-A930-E5D51CC2D9A0}] => (Allow) G:\Games\steamapps\common\Celestial Command\CelestialCommand.exe () [File not signed]
FirewallRules: [{8ED7B4BC-B0EC-488C-9921-E4851F63B21B}] => (Allow) G:\Games\steamapps\common\Barotrauma\Barotrauma.exe (FakeFish, Undertow Games) [File not signed]
FirewallRules: [{7DB2915B-EE93-4D04-BBB8-976FD9E9291B}] => (Allow) G:\Games\steamapps\common\Barotrauma\Barotrauma.exe (FakeFish, Undertow Games) [File not signed]
FirewallRules: [TCP Query User{21463BD1-3C2D-45C5-BAE5-C1030B98A8B8}G:\games\steamapps\common\total war saga thrones of britannia\thrones.exe] => (Allow) G:\games\steamapps\common\total war saga thrones of britannia\thrones.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{BB67EE8C-8E20-44EE-A2AA-DB55D7854E67}G:\games\steamapps\common\total war saga thrones of britannia\thrones.exe] => (Allow) G:\games\steamapps\common\total war saga thrones of britannia\thrones.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{CDEFA104-042D-4FD2-9EC3-032B7D1E9604}] => (Allow) G:\Games\steamapps\common\Tom Clancys Endwar\Binaries\EndWar.exe (Ubisoft) [File not signed]
FirewallRules: [{705F855D-C59F-4D36-99F7-0218AC21F1E3}] => (Allow) G:\Games\steamapps\common\Tom Clancys Endwar\Binaries\EndWar.exe (Ubisoft) [File not signed]
FirewallRules: [{7E5F7FED-8D5F-464B-BA39-1C6AEE2DBB2A}] => (Allow) G:\Games\steamapps\common\Dreadnought\DreadnoughtLauncher.exe (Six Foot, LLC -> Six Foot LLC)
FirewallRules: [{826A5A2A-72BA-495A-B50C-310B51AC5DA7}] => (Allow) G:\Games\steamapps\common\Dreadnought\DreadnoughtLauncher.exe (Six Foot, LLC -> Six Foot LLC)
FirewallRules: [{6A189EBB-B7C7-4827-A5A9-6EFD79FEB2C9}] => (Allow) G:\Games\steamapps\common\Outscape\Outscape.exe () [File not signed]
FirewallRules: [{5482A38B-3825-44A2-8E98-803B78313F51}] => (Allow) G:\Games\steamapps\common\Outscape\Outscape.exe () [File not signed]
FirewallRules: [TCP Query User{D7FABAE7-2566-41E4-9C38-EFA915060235}G:\games\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) G:\games\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe (Six Foot, LLC -> Epic Games, Inc.)
FirewallRules: [UDP Query User{8A43938A-796F-4F6A-B176-29F740DF07A2}G:\games\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) G:\games\steamapps\common\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe (Six Foot, LLC -> Epic Games, Inc.)
FirewallRules: [{39FE4BF8-3F92-4377-A167-25364B371520}] => (Allow) G:\Games\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{41D529B7-25B0-4DE3-8CB7-9F54418E9470}] => (Allow) G:\Games\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{5AC480F5-9985-4E87-8905-C6FEC8F8B4E4}] => (Allow) G:\Games\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{996EA694-B48A-413C-BA93-FF93439F854B}] => (Allow) G:\Games\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{2BC7F9D6-9E77-4032-9A85-A9E884B6D3D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{0E560A70-670D-4D12-B4A2-FDD34A8E688C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{101BBC04-B120-4258-91AC-650F7143F042}G:\games\steamapps\common\sniper elite 4\bin\sniperelite4_dx12.exe] => (Allow) G:\games\steamapps\common\sniper elite 4\bin\sniperelite4_dx12.exe No File
FirewallRules: [UDP Query User{1846CD3B-D4C1-4157-81E8-34EFD40CD168}G:\games\steamapps\common\sniper elite 4\bin\sniperelite4_dx12.exe] => (Allow) G:\games\steamapps\common\sniper elite 4\bin\sniperelite4_dx12.exe No File
FirewallRules: [{B686370C-FA45-4C18-BE96-157FBA361415}] => (Allow) G:\Games\steamapps\common\Sniper Elite V2 Remastered\Launcher\SEV2RLauncher.exe () [File not signed]
FirewallRules: [{290354AF-EB6E-4E71-9FEA-7932203F0D1B}] => (Allow) G:\Games\steamapps\common\Sniper Elite V2 Remastered\Launcher\SEV2RLauncher.exe () [File not signed]
FirewallRules: [{33DA8E53-2866-434D-AE19-14FED1645A62}] => (Allow) G:\Games\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe () [File not signed]
FirewallRules: [{41C8EB1D-FBDB-498B-81C4-99A96CF3959B}] => (Allow) G:\Games\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe () [File not signed]
FirewallRules: [{CEA3D6F3-95A0-4651-B7EA-017D5243826C}] => (Allow) G:\Games\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{20A150F9-0BD3-42FB-9594-E7664ABBCD5E}] => (Allow) G:\Games\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{327E5E28-57AC-453A-A052-0F7450852B3C}] => (Allow) C:\Users\Zac\AppData\Local\Ultimate Admiral Dreadnoughts\launcher.exe (Xsolla (USA), Inc -> XSOLLA)
FirewallRules: [{9D5D470A-09AA-451C-B950-928B3BFAD77E}] => (Allow) C:\Users\Zac\AppData\Local\Ultimate Admiral Dreadnoughts\launcher.exe (Xsolla (USA), Inc -> XSOLLA)
FirewallRules: [{E61CCA6A-4FAB-4E4F-85CA-A44013927FC6}] => (Allow) G:\Games\steamapps\common\PULSARLostColony\PULSAR_LostColony.exe () [File not signed]
FirewallRules: [{5887811B-57DA-4FF1-BA97-AE62BE145974}] => (Allow) G:\Games\steamapps\common\PULSARLostColony\PULSAR_LostColony.exe () [File not signed]
FirewallRules: [{C1E2A5A3-07D9-4096-A605-27D7B0386359}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Hulk Deathwing - Enhanced Edition\SpaceHulkGame.exe (Focus Home Interactive -> )
FirewallRules: [{99429706-5559-4998-9A17-A9FA3C280531}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Hulk Deathwing - Enhanced Edition\SpaceHulkGame.exe (Focus Home Interactive -> )
FirewallRules: [TCP Query User{25490047-E8F9-4F9B-9FF4-C26B6D7AE71B}C:\program files (x86)\steam\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe (Focus Home Interactive -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A6968DEE-4CF2-401E-9726-DE741FF4535B}C:\program files (x86)\steam\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe (Focus Home Interactive -> Epic Games, Inc.)
FirewallRules: [{F55561BB-4181-442D-B6B2-44792B3D0DB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terminator Resistance\Terminator.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7CA93754-E7BB-4EE6-9FA6-2E2AD6FB7A60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terminator Resistance\Terminator.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{3181EF8D-7C08-457E-8B24-F041E0EF22F6}C:\program files (x86)\steam\steamapps\common\terminator resistance\terminator\binaries\win64\terminator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terminator resistance\terminator\binaries\win64\terminator-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{E32A0956-78DE-4E2E-B3FE-F82DA078521F}C:\program files (x86)\steam\steamapps\common\terminator resistance\terminator\binaries\win64\terminator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terminator resistance\terminator\binaries\win64\terminator-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DEB778EF-F9B8-40B7-BB8D-661342255715}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9D74A79B-4928-48A2-A605-1973C6A14C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{408A8B84-C6CD-4BDD-AD01-6ABA6DDA3F44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{0A686890-933A-4630-A9D9-57C382D629C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{6A35E813-1787-44FE-8C13-025740F6FDF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HaloWarsDE\xgameFinal.exe (343 Industries) [File not signed]
FirewallRules: [{A59EF4C5-0900-4592-BDEA-3078A4DB6DBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HaloWarsDE\xgameFinal.exe (343 Industries) [File not signed]
FirewallRules: [{726E0D58-F7F2-4C98-9C05-D0DA6CF90596}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe () [File not signed]
FirewallRules: [{3506DA20-C91B-4936-83CB-1D3142019ADE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe () [File not signed]
FirewallRules: [{58C33CB5-6D2A-470E-A4B4-898595013964}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{B770DEEA-B023-4681-B4BF-2D7684C8E607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{3CC3E8BA-114B-4F0C-B133-578D880E2077}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ImperatorRome\launcher\Paradox Launcher.exe No File
FirewallRules: [{F2599E17-0FE0-4DA2-9560-C8560A48B39B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ImperatorRome\launcher\Paradox Launcher.exe No File
FirewallRules: [{721AF222-6F4E-4068-A954-3B53E02815DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe (Compulsion Games) [File not signed]
FirewallRules: [{157B07B1-12FE-4E00-83A8-7047E429FB02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe (Compulsion Games) [File not signed]
FirewallRules: [{30463906-A8CE-43D0-9A16-B57220B70EA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe No File
FirewallRules: [{3F285AA8-4B49-432B-8D9F-DB2E0E87369A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe No File
FirewallRules: [{77A4D019-4BA4-4F87-8487-1BF7467AB6BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{7C31EB0A-B6CD-4F92-95B4-9227B09B9703}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{007953EF-3EB7-429D-9115-7AECAF7ABAD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ancestors Legacy\Anc\Binaries\Win64\Anc-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{BF0CEEFB-504A-4684-8A1D-A212F6087A1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ancestors Legacy\Anc\Binaries\Win64\Anc-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{596B24B9-4162-4BEE-A6A0-FA45053DDC71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{814D3FC6-B25B-4FC3-BC07-1D3B5749A977}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{5B431370-A0B7-4960-AF92-E3D6A309570C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{520A6012-D3CD-4717-AA81-5B55AF248C3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{3F71F3E0-589E-491D-88D1-951BC79CFC4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trek Bridge Crew\stbc.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{1AED45D3-550D-4F15-93E6-6F19DEAC1FDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trek Bridge Crew\stbc.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{78C596A0-1A4D-4415-AB13-FC63AB051906}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe () [File not signed]
FirewallRules: [{CE3CFFF3-6C2F-4506-87A5-EC9095CB91BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe () [File not signed]
FirewallRules: [{7929A317-B68B-4C68-9C30-96B7F10C9FDD}] => (Allow) H:\Games\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{4A548B8A-1990-4947-89B8-1D43A0F8AE1F}] => (Allow) H:\Games\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{BA377554-CAC4-4D4B-881C-06034707C75E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{7ECF574F-9080-4F7D-A19E-579A6FE1B0A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [TCP Query User{AEFFF08F-F3E0-4AFA-943F-87A97E2BB12C}H:\games\steamapps\common\arma 3\arma3_x64.exe] => (Allow) H:\games\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{7A7AAC17-15FA-4CC9-B674-30A316619D20}H:\games\steamapps\common\arma 3\arma3_x64.exe] => (Allow) H:\games\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{32C111EA-21A4-49B0-9D8D-F8B667C938CB}] => (Allow) H:\Games\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{FA56BD0A-50B9-4ADD-B98C-4DA98BA45FFD}] => (Allow) H:\Games\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{17ED5D95-476D-4615-813B-BA269B2A9350}] => (Allow) H:\Games\steamapps\common\star conflict\game.exe (TARGEM GEIMZ, OOO -> Star Gem)
FirewallRules: [{4DF9A7A1-80D2-483D-B51D-D79E71F8EA76}] => (Allow) H:\Games\steamapps\common\star conflict\game.exe (TARGEM GEIMZ, OOO -> Star Gem)
FirewallRules: [{1F17D0C1-7F95-46C0-BEAB-5FF48D589AB0}] => (Allow) H:\Games\steamapps\common\HisMajesty'sShip\HMS.exe () [File not signed]
FirewallRules: [{1AAC972B-D461-4CAA-8C2B-F7986D808738}] => (Allow) H:\Games\steamapps\common\HisMajesty'sShip\HMS.exe () [File not signed]
FirewallRules: [{9373574B-F5FB-44FD-80ED-1628CA907AC6}] => (Allow) H:\Games\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{B9C10EE4-9CE3-4E4A-B125-779AF010313B}] => (Allow) H:\Games\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{4A37F0AF-C296-4268-80A7-8FB2062EBD73}] => (Allow) H:\Games\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{EBDCF330-BFA7-4768-BB91-FD2CAD6E60F6}] => (Allow) H:\Games\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{1500109B-D6DF-46CF-9C3A-441D660B2BAA}] => (Allow) H:\Games\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{266F38E7-54C9-40B1-B168-B5EB1C572B5E}] => (Allow) H:\Games\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{F4DDE7B2-5760-4BFC-A47D-406F737DDCD3}] => (Allow) H:\Games\steamapps\common\Jurassic World Evolution\JWE.exe (Frontier Developments) [File not signed]
FirewallRules: [{7B0D4B4D-F58D-415F-90D4-2D3267B60D93}] => (Allow) H:\Games\steamapps\common\Jurassic World Evolution\JWE.exe (Frontier Developments) [File not signed]
FirewallRules: [{74B0C43C-BC5D-45EA-8E77-7557A7DD6361}] => (Allow) H:\Games\steamapps\common\TyranoBuilder\tyranobuilder.exe () [File not signed]
FirewallRules: [{8BCD0E74-D967-4794-B120-BE986FD5930B}] => (Allow) H:\Games\steamapps\common\TyranoBuilder\tyranobuilder.exe () [File not signed]
FirewallRules: [{509C8451-F1F8-4426-A7AC-9BEC3FE30018}] => (Allow) H:\Games\steamapps\common\Manga Maker Comipo\ComiPo.exe (Web Technology Corp. -> Web Technology Corp.)
FirewallRules: [{4621E90E-07F9-4F95-9C6B-4548A8E442DE}] => (Allow) H:\Games\steamapps\common\Manga Maker Comipo\ComiPo.exe (Web Technology Corp. -> Web Technology Corp.)
FirewallRules: [{7E992A05-DF8A-457B-8D55-2D348F9EB199}] => (Allow) H:\Games\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{EC9A7B31-9CE5-4FA1-AFB4-0DDB429A6688}] => (Allow) H:\Games\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{ADCEC7F9-3C6E-4CCA-8904-C7662DDEB2D9}] => (Allow) H:\Games\steamapps\common\UBOAT\UBOAT.exe () [File not signed]
FirewallRules: [{019EEBD0-E00B-4874-9161-34857B53FB86}] => (Allow) H:\Games\steamapps\common\UBOAT\UBOAT.exe () [File not signed]
FirewallRules: [{079FAA2E-0B77-4E3C-A117-4944DF511350}] => (Allow) H:\Games\steamapps\common\UBOAT\UBOAT Launcher.exe (Deep Water Studio) [File not signed]
FirewallRules: [{98293A12-5E43-40D9-8B79-1505C1ABD582}] => (Allow) H:\Games\steamapps\common\UBOAT\UBOAT Launcher.exe (Deep Water Studio) [File not signed]
FirewallRules: [{775156D3-68B6-427E-9137-7A20D6E948EC}] => (Allow) H:\Games\steamapps\common\Azur Lane Crosswave\Azurlane.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{88B72A5A-9675-405D-AB36-9B425A7D6575}] => (Allow) H:\Games\steamapps\common\Azur Lane Crosswave\Azurlane.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5CA5B4BD-597B-4B66-8974-B5AA057CC873}H:\games\steamapps\common\azur lane crosswave\azurlane\binaries\win64\azurlane-win64-shipping.exe] => (Allow) H:\games\steamapps\common\azur lane crosswave\azurlane\binaries\win64\azurlane-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{C5E9645D-F797-4706-B7D8-549AF73883C5}H:\games\steamapps\common\azur lane crosswave\azurlane\binaries\win64\azurlane-win64-shipping.exe] => (Allow) H:\games\steamapps\common\azur lane crosswave\azurlane\binaries\win64\azurlane-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A302AA5C-16A7-42F0-831D-1E3E5D42118B}] => (Allow) H:\Games\steamapps\common\Star Trek Online\Star Trek Online.exe (Cryptic Studios Inc. -> )
FirewallRules: [{3C07F45D-4020-47BC-9151-FDC7A38BF72B}] => (Allow) H:\Games\steamapps\common\Star Trek Online\Star Trek Online.exe (Cryptic Studios Inc. -> )
FirewallRules: [{BBAC5FB2-B2CC-489E-8C3C-4D88464FE4CC}] => (Allow) H:\Games\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{1F0D67AC-B4FF-442F-9978-339D77B309BB}] => (Allow) H:\Games\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{488CCA8B-591D-4ACA-9318-A9186741A259}] => (Allow) H:\Games\steamapps\common\War of the Human Tanks\War of the Human Tanks.exe (Fruitbat Factory & Yakiniku Banzai) [File not signed]
FirewallRules: [{C7A898C0-2A9D-461C-81BD-DDF0E9752183}] => (Allow) H:\Games\steamapps\common\War of the Human Tanks\War of the Human Tanks.exe (Fruitbat Factory & Yakiniku Banzai) [File not signed]
FirewallRules: [{8B82A881-8B03-4869-AA09-70F11C8C3EB0}] => (Allow) H:\Games\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{EC8EDADE-B5D5-424F-A6D0-5D16C0977058}] => (Allow) H:\Games\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [TCP Query User{9DEC9DD7-43CD-444E-8536-2D3D64F07F92}C:\users\zac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zac\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{10EDB50E-F5C0-4415-B771-988EFC18BCCF}C:\users\zac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zac\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7DDDB3B-5881-419A-8F5E-292A361DCFFC}] => (Allow) G:\Games\steamapps\common\Battlestar Galactica Deadlock\autorun.exe (Slitherine Software UK Limited -> Slitherine Publishing Ltd.)
FirewallRules: [{40D7FBEE-FCF0-434D-A0A8-AA5FC42310C7}] => (Allow) G:\Games\steamapps\common\Battlestar Galactica Deadlock\autorun.exe (Slitherine Software UK Limited -> Slitherine Publishing Ltd.)
FirewallRules: [{ED07B06F-467E-4B43-B9C9-F9520F99288F}] => (Allow) G:\Games\steamapps\common\TankMechanicSimulator\TankMechanicSimulator.exe () [File not signed]
FirewallRules: [{C9125CD2-A863-4F88-AC67-4E425609251A}] => (Allow) G:\Games\steamapps\common\TankMechanicSimulator\TankMechanicSimulator.exe () [File not signed]
FirewallRules: [{496AD818-7EE2-472D-B5BB-592FFB15541A}] => (Allow) G:\Games\steamapps\common\VC4\Valkyria4_x64.exe (SEGA) [File not signed]
FirewallRules: [{8568BFE6-2484-40F8-876C-BBE6DD17BDB3}] => (Allow) G:\Games\steamapps\common\VC4\Valkyria4_x64.exe (SEGA) [File not signed]
FirewallRules: [{DD2E249E-12E8-4359-8FE5-AD68E2D1FF11}] => (Allow) G:\Games\steamapps\common\Transport Fever 2\TransportFever2.exe () [File not signed]
FirewallRules: [{A664C378-92EC-4B68-BCA0-61C436B91210}] => (Allow) G:\Games\steamapps\common\Transport Fever 2\TransportFever2.exe () [File not signed]
FirewallRules: [{6536DD6E-2425-4EA7-93C6-BFA081903CFD}] => (Allow) G:\Games\steamapps\common\Yes, Your Grace\Yes, Your Grace.exe () [File not signed]
FirewallRules: [{C2A9CCE1-24D0-4D85-91A7-B99CEAFB56A8}] => (Allow) G:\Games\steamapps\common\Yes, Your Grace\Yes, Your Grace.exe () [File not signed]
FirewallRules: [{A76454EF-DCFA-4BF7-89CB-89DA94C0C70B}] => (Allow) G:\Games\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{94FA5998-8D82-44F4-A5E2-2474AAAF0F3B}] => (Allow) G:\Games\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{30A1E67B-7428-4D04-AC1B-89A172ADC41D}] => (Allow) G:\Games\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{7C4CA647-0FEA-4542-ACC3-01CD11B13966}] => (Allow) G:\Games\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{55B04E5D-8146-4438-B71F-D83027DF573C}] => (Allow) G:\Games\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{21BAF701-D02C-4FB7-9171-D657DC0DD1A0}] => (Allow) G:\Games\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{D297C768-E840-493D-889C-33E13A6C1AD6}] => (Allow) G:\Games\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{D5FC31A8-7447-4CB6-AA55-471BEAACB869}] => (Allow) G:\Games\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{842D55D1-421F-458A-99D7-A7009735A6CC}] => (Allow) G:\Games\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{518FD43F-7513-48BD-A442-BA3ABFA4866A}] => (Allow) G:\Games\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{1D450A11-DCF4-4CA5-A382-599DAE40E0B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{477A53AA-A7C6-453E-A5A9-67F7ADDD2E24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{980D1437-A80E-4483-BB1E-145A5ACD602B}] => (Allow) H:\Games\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{467D32D6-3214-47A4-A4D7-430346776A8D}] => (Allow) H:\Games\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{42555361-7C5B-40CE-BFC6-165B8374FD96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HELLION\HELLION.exe () [File not signed]
FirewallRules: [{F2306DEB-76C7-4DD9-8B64-7020701E86CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HELLION\HELLION.exe () [File not signed]
FirewallRules: [{6D531526-7289-4CFB-BECD-60C9E14FB9B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony Rome\Hegemony Rome Launcher.exe () [File not signed]
FirewallRules: [{B2540E06-0E86-494C-8A36-A533C851DBEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hegemony Rome\Hegemony Rome Launcher.exe () [File not signed]
FirewallRules: [{FD7415A4-D58D-4D28-806B-16224C0E23D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{60B8C27D-67B5-49B5-8D0C-4699F88C72A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{23B3286C-835F-4260-A1FD-FE808D3419A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{331544EE-F103-4E81-9688-B3A38B82BFB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{D3045D09-6520-4E2C-B567-263C5308EB17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{221E2DA9-6154-4F34-9CBC-41CBBA453A7E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3CEB6D12-F2C9-4F09-BA46-AA6EFB5BC4AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A0F17C87-291B-44A8-9361-809177192F05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{456A7A8A-8032-4D56-8F17-5931B1EA907C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F06C9D57-5C07-4D75-976F-4B1BFE3142D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{9439F37E-3064-4F36-9222-DD7B62BB27F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{57E1FE1E-C9F4-48E2-88F2-71E07B1D5071}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Interstellar Rift\Build\IRLauncher.exe () [File not signed]
FirewallRules: [{00DBDA05-65D2-4620-BAE0-046557F721E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Interstellar Rift\Build\IRLauncher.exe () [File not signed]
FirewallRules: [{B938D85E-5120-4938-8294-3BE0864CF900}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
17-04-2020 18:35:31 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (04/20/2020 11:17:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (04/20/2020 11:17:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (04/20/2020 11:17:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (04/20/2020 11:17:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (04/20/2020 09:21:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bms.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 436c
 
Start Time: 01d616e782434a30
 
Termination Time: 4294967295
 
Application Path: H:\Games\steamapps\common\Black Mesa\bms.exe
 
Report Id: 74ece98d-79ae-459c-81e4-bc2226ee3854
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Cross-thread
 
Error: (04/20/2020 06:30:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bms.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2dc4
 
Start Time: 01d616cdf2edb67f
 
Termination Time: 4294967295
 
Application Path: H:\Games\steamapps\common\Black Mesa\bms.exe
 
Report Id: 938ebdec-5512-4d32-8247-19f2f5f9edbc
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (04/20/2020 03:44:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.620, time stamp: 0x5e8e029a
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5e8272e4
Exception code: 0xc0000005
Fault offset: 0x0000000000219d05
Faulting process ID: 0x3a88
Faulting application start time: 0x01d616bdad2be245
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report ID: cd23c6d5-d5c2-4ce3-9438-a97da5d6e644
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/20/2020 03:41:40 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
 
System errors:
=============
Error: (04/21/2020 08:05:43 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
 
Error: (04/20/2020 11:17:39 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
 
Error: (04/20/2020 11:09:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (04/20/2020 11:09:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (04/20/2020 11:09:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (04/20/2020 11:09:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (04/20/2020 11:09:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (04/20/2020 11:09:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).
 
 
Windows Defender:
===================================
Date: 2019-08-14 21:26:49.862
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
 
Date: 2019-08-14 21:21:59.059
Description: 
Windows Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005
Resource: file:C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.cat
 
CodeIntegrity:
===================================
 
Date: 2020-04-21 15:20:01.542
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-21 15:20:01.539
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-21 15:20:01.537
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-21 15:20:01.534
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-21 15:20:01.529
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-21 14:20:01.598
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-21 14:20:01.595
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-04-21 14:20:01.592
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume9\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. P3.60 07/31/2019
Motherboard: ASRock B450 Pro4
Processor: AMD Ryzen 7 2700X Eight-Core Processor 
Percentage of memory in use: 48%
Total physical RAM: 16315.6 MB
Available physical RAM: 8398.73 MB
Total Virtual: 29627.6 MB
Available Virtual: 16683.72 MB
 
==================== Drives ================================
 
Drive c: (Local Disk) (Fixed) (Total:930.88 GB) (Free:254.17 GB) NTFS
Drive g: (SSD 2) (Fixed) (Total:931.41 GB) (Free:123 GB) NTFS
Drive h: (HDD) (Fixed) (Total:930.59 GB) (Free:621 GB) NTFS
 
\\?\Volume{f2a35a49-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{d1716c7c-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{3764bf54-fcee-4af3-993f-659a2fd6659f}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.12 GB) NTFS
\\?\Volume{d1716c7c-0000-0000-0060-2bace8000000}\ () (Fixed) (Total:0.82 GB) (Free:0.4 GB) NTFS
\\?\Volume{1ed40aad-2301-42ba-9359-bdef267e039e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F2A35A49)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D1716C7C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=843 MB) - (Type=07 NTFS)
 
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 036F16DD)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#10
Satchfan
Posted 21 April 2020 - 09:30 AM

Satchfan

    Trusted Helper

  • Malware Removal
  • 624 posts

I'll look at those and get back to you but meanwhile, I think I may have discovered the problem.

 

Apparently, one of your extensions is causing the random redirects. If you uninstall it the redirects should stop.

Uninstall Chrome Extensions

  • open Google Chrome and type chrome://extensions in the address bar, then press Enter
  • click the trash can icon next to the following extension:


    Ratings Preview for YouTube

 

  • a confirmation dialog will appear, click Remove.

Give it time and let me know if that has solved the problem.


  • 0

Advertisements

#11
Satchfan
Posted 21 April 2020 - 01:15 PM

Satchfan

    Trusted Helper

  • Malware Removal
  • 624 posts

Your logs look fine apart from restrictions on Firefox and Chrome. Are these settings controlled by someone else?


  • 0

#12
Legocadet
Posted 21 April 2020 - 02:26 PM

Legocadet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

I seem to have the bug for Chrome where it says its managed by an organisation, however apparently its a common bug


  • 0

#13
Satchfan
Posted 21 April 2020 - 02:36 PM

Satchfan

    Trusted Helper

  • Malware Removal
  • 624 posts

See this.


  • 0

#14
Legocadet
Posted 21 April 2020 - 08:06 PM

Legocadet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

It seems the help didn't work


Edited by Legocadet, 21 April 2020 - 08:10 PM.

  • 0

#15
Legocadet
Posted 21 April 2020 - 08:06 PM

Legocadet

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts

Ignore this, this was a double post by mistake


Edited by Legocadet, 21 April 2020 - 08:10 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP