Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

RunDLL issue


  • This topic is locked This topic is locked

#16
jonauwu

jonauwu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2020
Ran by Jonathan Mark Peteza (administrator) on LAPTOP-4N58D2U8 (HP OMEN by HP Laptop 15-ce0xx) (29-04-2020 10:38:34)
Running from D:\Users\Jonathan Mark Peteza\Downloads
Loaded Profiles: Jonathan Mark Peteza (Available Profiles: Jonathan Mark Peteza)
Platform: Windows 10 Home Single Language Version 1909 18363.815 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Garena Online Pte Ltd -> Garena Online ) C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_59a0a32410fb19a2\x64\OmenCap.exe
(HP Inc. -> HP Inc.) D:\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Logitech Inc -> ) C:\Program Files\LGHUB\logi_analytics_client.exe
(Logitech Inc -> Logitech) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATILUE.EXE
(Shanghai Changzhi Network Technology Co., Ltd. -> ) C:\XuanZhi\LDPlayer\ldnews.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) D:\Program Files\txgameassistant\appmarket\QMEmulatorService.exe
(TODO: <Company name>) [File not signed] D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\RAKK Lam-Ang Pro Mechanical Keyboard.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-03-07] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2020-02-06] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-27] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [707624 2018-08-08] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RazerCortex] => "C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe" -autorun
HKLM-x32\...\Run: [RAKK Lam-Ang Pro Mechanical Keyboard] => D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\RAKK Lam-Ang Pro Mechanical Keyboard.exe [1766400 2018-02-02] (TODO: <Company name>) [File not signed]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [238440 2020-04-27] (IDSA Production signing key -> Intel)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [EpicGamesLauncher] => D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31740816 2020-04-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [12476064 2019-01-11] (Samsung Electronics CO., LTD. -> )
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [Chromium] => "c:\users\jonathan mark peteza\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [Parsec.App.0] => C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_8.2.10.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe app_silent=1
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATILUE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [71464072 2020-01-23] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [LDNews] => C:\XuanZhi\LDPlayer\ldnews.exe [1309376 2020-04-23] (Shanghai Changzhi Network Technology Co., Ltd. -> )
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\RunOnce: [Application Restart #3] => D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\RAKK Lam-Ang Pro Mechanical Keyboard.exe [1766400 2018-02-02] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\RunOnce: [Adobe Speed Launcher] => 1588127854
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\MountPoints2: {150d2d1d-23fb-11ea-b652-80ce6250b9ca} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\MountPoints2: {4a941a7e-0b44-11ea-b5f2-80ce6250b9ca} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\MountPoints2: {68bae72b-513e-11ea-b6cc-80ce6250b9ca} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-24] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {143B2BA8-850B-4C40-AE3A-2D0ED1ABAA38} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2016-03-17] (Intel® Software -> Intel Corporation)
Task: {1D470E2F-7CE9-440C-A208-1AEB0098B2A6} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-03] (HP Inc. -> HP Inc.)
Task: {200E73BC-D9A8-4473-8752-7FF4D8C35CBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {30674AE8-0F4A-44E5-9018-C3D15595A59E} - System32\Tasks\{59DD2BB5-47F4-4941-B7CC-A1924C84760F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.41.0.101&LastError=404
Task: {319341D1-3869-44E0-9507-AFB7F88A6649} - System32\Tasks\gxx speed launcher => C:\Program Files (x86)\Garena\Garena\Garena.exe [457600 2019-07-02] (Garena Online Pte Ltd -> Garena Online )
Task: {3262A96A-4492-436B-A782-FF31884AC003} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35CC8195-9A52-4B02-BE9A-2AF295BB7848} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40F6AB1D-494A-46B8-83AE-C6F91675A6DA} - System32\Tasks\EPSON L120 Series Invitation {965C2044-E5E5-4ADF-8155-079939EF4005} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSLUE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {47C6FB73-9780-4222-A95C-EC3428B28939} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4B22DFD9-B8CC-4C58-90B0-DD73645AE462} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [147320 2019-12-19] (HP Inc. -> HP Inc.)
Task: {5AB5FDB9-6728-4164-B8F1-D9ACEEC21967} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {671A5469-91F0-48CE-B921-512BA9DD7F98} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-07] (HP Inc. -> HP Inc.)
Task: {76E92688-F068-4C7B-8934-EFC50EBCDE41} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel® Software Development Products -> Intel Corporation)
Task: {786DF32E-A1B6-4755-ADF2-728204FD3AEA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DD72F8D-0ADC-4BE6-A5A8-EA6BF9AA7716} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {8CB90663-AAF5-4458-889B-F91346C7A365} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E7E2B8C-7AE8-4384-9DBA-5AD3A16A3468} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-16] (Google Inc -> Google Inc.)
Task: {90B3B4FF-BAEF-4B11-BB2A-5D0E3B8D4C34} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
Task: {A196053F-3E81-43C9-831F-C0C74ED478CB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A8CAF086-E203-4B73-A34A-0F0AD7628F96} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel® Software Development Products -> Intel Corporation)
Task: {AF445D3C-003A-4798-B28B-A659B700261F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-16] (Google Inc -> Google Inc.)
Task: {B7FF879E-A2D7-43BF-9E10-4BD74296FCE8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD241A29-0804-48CD-8F89-D660D1B9E1D3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {BD74F9C7-5128-4ED2-B190-295386182C5B} - System32\Tasks\EPSON L120 Series Update {965C2044-E5E5-4ADF-8155-079939EF4005} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSLUE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {C2620774-44F9-4C07-B9E0-4978654489CC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE34035B-F686-468E-B015-DCD32FF08BC9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5389E4B-8C66-4234-91A4-592DD0123DCF} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1359728 2017-10-26] (HP Inc. -> HP Development Company, L.P.)
Task: {D644F21E-4641-445A-A371-B9D86EA0B5C6} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {DAAD404B-7E46-4CEB-A833-4A1A00E61ECD} - System32\Tasks\UAC_X-VPN => C:\Program Files (x86)\X-VPN\X-VPN.exe [16445424 2020-03-24] (Free Connected Limited -> )
Task: {DDE861CA-8478-47CB-B1C0-FD5B88DC2AEB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBDF2B76-2A70-4E52-AED2-8061994B71B6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-28] (Avast Software s.r.o. -> Avast Software)
Task: {EEDFE42F-4246-4EDE-B516-A0121A83BEB9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {F1EF09E2-AA98-4CC0-A780-7AF63F2528E7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F97DA8AD-CBE3-4204-B94B-216464C1AE64} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON L120 Series Invitation {965C2044-E5E5-4ADF-8155-079939EF4005}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSLUE.EXE
Task: C:\WINDOWS\Tasks\EPSON L120 Series Update {965C2044-E5E5-4ADF-8155-079939EF4005}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSLUE.EXE:/EXE:{965C2044-E5E5-4ADF-8155-079939EF4005} /F:UpdateWORKGROUP\LAPTOP-4N58D2U8$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{a3e757ac-74d6-42ef-b0c9-5233d97b9b54}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{cc6d8ac5-41c6-40ac-a9ca-4d482d3f37e8}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{da74ab2c-8181-4e87-a369-1710156b44df}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{fa9b27c8-e098-4c4e-9a67-165f07633b04}: [DhcpNameServer] 192.168.100.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2019-12-19] (HP Inc. -> HP Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2019-12-19] (HP Inc. -> HP Inc.)
 
FireFox:
========
FF DefaultProfile: 7to46cbq.default
FF ProfilePath: C:\Users\Jonathan Mark Peteza\AppData\Roaming\Mozilla\Firefox\Profiles\7to46cbq.default [2020-04-29]
FF ProfilePath: C:\Users\Jonathan Mark Peteza\AppData\Roaming\Mozilla\Firefox\Profiles\or8qb6zw.default-release [2020-04-29]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-04-21] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [File not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default [2020-04-29]
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Slides) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-18]
CHR Extension: (Docs) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-18]
CHR Extension: (Google Drive) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-18]
CHR Extension: (YouTube) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-18]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-18]
CHR Extension: (Bing) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-02-18]
CHR Extension: (Sheets) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-18]
CHR Extension: (Google Docs Offline) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-08]
CHR Extension: (Avast Online Security) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-18]
CHR Extension: (Gmail) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-02-18]
CHR Extension: (Chrome Media Router) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-08]
CHR Profile: C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-04-29]
CHR Notifications: Profile 1 -> hxxps://lighronlittheprat.pro; hxxps://mail.google.com; hxxps://mydcampus.dlsl.edu.ph; hxxps://p3.maranhesduve.club; hxxps://usecytonsmehers.info; hxxps://www.brainzilla.com; hxxps://www.razer.com
CHR DefaultSearchURL: Profile 1 -> hxxps://movie.searchmedia.club/search/?category=web&s=c1ds&vert=movie&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Films Search
CHR DefaultSuggestURL: Profile 1 -> hxxps://sug.searchmedia.club/search/index_sg.php?q={searchTerms}
CHR Extension: (Docs) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-23]
CHR Extension: (Google Drive) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-23]
CHR Extension: (YouTube) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-23]
CHR Extension: (TwoSeven Extension) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjdnfmjmdligcpfcekfmenlhiopehjkd [2020-04-24]
CHR Extension: (Films Search) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dipihnbjfgehkpoanipnejikkjhgjcin [2020-04-28]
CHR Extension: (RadioRage) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\epnlgkkjhejkeibepmejlffjfelihenc [2020-04-28]
CHR Extension: (Metastream Remote) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fakegmdomhmegokfomgmkbopjibonfcp [2020-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-16]
CHR Extension: (Mega Media Start) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipppaabbmnphdfjcnbjjbmimefomegjd [2020-04-28]
CHR Extension: (Unseen for Facebook) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jiomcgpfgkeefipihnplhadgdoollmap [2020-01-26]
CHR Extension: (Black red shards) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2018-08-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Netflix Party) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2020-04-18]
CHR Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oofgbpoabipfcfjapgnbbjjaenockbdp [2020-04-23]
CHR Extension: (Gmail) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-23]
CHR Profile: C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-04-29]
CHR HomePage: Profile 2 -> msn.com
CHR StartupUrls: Profile 2 -> "hxxps://docs.google.com/forms/d/1DzUUKLFj0J-rVTR8KfG05ic6JJISyrcWN8Sd6cTvCAE/viewform"
CHR DefaultSearchURL: Profile 2 -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Profile 2 -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Slides) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-11]
CHR Extension: (Docs) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-11]
CHR Extension: (Google Drive) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-11]
CHR Extension: (YouTube) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-11]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-11]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-12-11]
CHR Extension: (Sheets) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-12-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-12-11]
CHR Extension: (Avast Online Security) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-11]
CHR Extension: (Black blue shards) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hgoflmajhinnohnhkfeggflmmppiilck [2019-12-11]
CHR Extension: (Search Manager) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ijahobfejgeblmkpcmgpelfibgnnjpil [2019-12-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-11]
CHR Extension: (Search Manager) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2019-12-11]
CHR Extension: (Gmail) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-11]
CHR Extension: (Chrome Media Router) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR Profile: C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8469592 2020-03-04] (BattlEye Innovations e.K. -> )
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-31] (Realtek Semiconductor Corp.) [File not signed]
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39784 2020-04-27] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [153960 2020-04-27] (IDSA Production signing key -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2019-04-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1651792 2017-10-27] (Intel Corporation -> Intel Corporation)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel® Software Development Products -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-03-17] (Mixbyte Inc -> Freemake)
R2 GarenaPlatform; C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe [320512 2019-07-02] (Garena Online Pte Ltd -> Garena Online )
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2019-12-19] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\AppHelperCap.exe [515344 2020-03-27] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-07] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\NetworkCap.exe [514320 2020-03-27] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_59a0a32410fb19a2\x64\OmenCap.exe [502544 2020-02-05] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1075744 2017-10-12] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\SysInfoCap.exe [516880 2020-03-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\TouchpointAnalyticsClientService.exe [429008 2019-10-31] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 iaStorAfsService; C:\windows\IAStorAfsService\iaStorAfsService.exe [2413752 2017-07-25] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel® Software Development Products -> Intel Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [197264 2017-09-26] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB/lghub_updater.exe [9847944 2020-01-23] (Logitech Inc -> Logitech, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [916712 2020-04-21] (McAfee, LLC -> McAfee, LLC)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-04-28] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-04-28] (Microsoft Windows -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R2 QMEmulatorService; D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [200272 2020-03-26] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1738368 2020-04-21] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [267552 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [738712 2019-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-10-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [205112 2019-05-15] (Intel® Software Development Products -> )
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-02-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel® Software Development Products -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [18736 2018-09-06] (Intel® Extreme Tuning Utility -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R2 aow_drv; D:\Program Files\TxGameAssistant\UI\3.21.598.100\aow_drv_x64_ev.sys [871296 2020-03-24] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [76696 2017-10-27] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70040 2017-10-27] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [399264 2017-10-27] (Intel Corporation -> Intel Corporation)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [33352 2018-12-19] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-19] (HP Inc. -> HP Inc.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1096192 2019-08-12] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [70664 2017-07-25] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2020-04-23] (MyTestCertificate -> Oracle Corporation)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\35872\driver_cpu_temperature\logi_core_temp.sys [25448 2020-01-23] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2020-01-16] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [20624 2020-01-16] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2020-01-16] (Logitech Inc -> Logitech)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-07] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_789dc510781607ea\nvlddmkm.sys [23446968 2020-04-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010624 2018-05-22] (Realtek Semiconductor Corp. -> Realtek )
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [62440 2017-10-10] (Realtek Semiconductor Corp. -> Realtek)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [787232 2019-11-30] (WDKTestCert VSAuto,131800073559665678 -> Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [783328 2017-06-09] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-06-09] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [11722328 2019-12-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2019-05-15] (Intel Corporation -> )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [45144 2017-10-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [46680 2017-10-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [812208 2020-04-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2020-04-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\WINDOWS\system32\drivers\UniSafe.sys [582032 2020-04-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-11-22] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-04-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-04-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-29] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-11-15] (HP Inc. -> HP)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-04-13] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation -> Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-29 06:57 - 2020-04-29 10:39 - 000000000 ____D C:\FRST
2020-04-28 10:43 - 2020-04-28 10:43 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 004129424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 022637056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 018028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 014819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 007267328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 007011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 006522840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 006291968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 006079184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 005757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 005109760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 004858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 003822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-28 10:42 - 2020-04-28 10:42 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 002259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001734144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001667600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001077264 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000783488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000673488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-28 10:42 - 2020-04-28 10:42 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000211472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-28 10:41 - 2020-04-28 10:41 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 007899528 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 007257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 006434304 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 004565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 004009472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 003747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 003371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002461696 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002255136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000915208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000460408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 017791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 004624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 003587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 002150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001635840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000920576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000874312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000631608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-04-28 10:40 - 2020-04-28 10:40 - 000589400 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-25 18:04 - 2020-04-12 05:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-04-25 18:04 - 2020-04-12 05:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-25 18:04 - 2020-04-12 05:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-04-25 18:04 - 2020-04-12 05:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 000450280 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 000346856 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-04-25 18:04 - 2020-04-12 05:54 - 011945872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-04-25 18:04 - 2020-04-12 05:54 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 017601632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 015158384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 005855856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 005159520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 002074232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001722480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444587.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001566328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001483376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444587.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001481328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001350792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001142200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001048504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000817080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000811448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000679864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000676448 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000655312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000546744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000543160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-04-25 18:04 - 2020-04-12 05:51 - 004195688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-04-25 16:38 - 2020-04-25 17:25 - 000000618 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rules of Survival.lnk
2020-04-23 20:22 - 2020-04-23 20:22 - 000000068 _____ C:\Users\Jonathan Mark Peteza\AppData\Roaming\changzhi_leidian.data
2020-04-23 20:22 - 2020-04-23 20:22 - 000000000 ____D C:\Users\Jonathan Mark Peteza\.Ld2VirtualBox
2020-04-23 19:16 - 2020-04-23 19:16 - 000000827 _____ C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\LDMultiPlayer4.lnk
2020-04-23 19:16 - 2020-04-23 19:16 - 000000802 _____ C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\LDPlayer4.lnk
2020-04-23 19:16 - 2020-04-23 19:16 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer4
2020-04-23 19:16 - 2020-04-23 19:16 - 000000000 ____D C:\Program Files\ldplayerbox
2020-04-23 19:15 - 2020-04-23 20:22 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\XuanZhi
2020-04-23 19:12 - 2020-04-23 19:12 - 000000000 ____D C:\XuanZhi
2020-04-23 19:11 - 2020-04-23 20:23 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\ChangZhi2
2020-04-23 19:10 - 2020-04-23 19:10 - 000000000 ____D C:\Users\Public\BlueStacks
2020-04-23 19:10 - 2020-04-23 19:10 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\BlueStacksSetup
2020-04-22 19:48 - 2020-04-22 19:48 - 000000612 _____ C:\Users\Jonathan
2020-04-22 19:45 - 2020-04-22 19:56 - 000000000 ____D C:\Users\Jonathan Mark Peteza\Downloads\MEmu Download
2020-04-22 19:44 - 2020-04-22 19:57 - 000000000 ____D C:\Program Files (x86)\Microvirt
2020-04-22 19:44 - 2020-04-22 19:44 - 000000222 _____ C:\Users\Jonathan Mark Peteza\Desktop\TerraTech.url
2020-04-21 13:57 - 2020-04-21 13:57 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-04-21 13:57 - 2020-04-21 13:57 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Ubisoft Game Launcher
2020-04-21 13:57 - 2020-04-21 13:57 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2020-04-17 18:50 - 2020-04-17 18:50 - 000000219 _____ C:\Users\Jonathan Mark Peteza\Desktop\Counter-Strike Global Offensive.url
2020-04-17 18:06 - 2020-04-17 18:06 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-17 18:06 - 2020-04-17 18:06 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-17 18:06 - 2020-04-17 18:06 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-17 18:05 - 2020-04-17 18:05 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-17 18:05 - 2020-04-17 18:05 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-17 18:05 - 2020-04-17 18:05 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-17 18:01 - 2020-04-17 18:01 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-17 18:01 - 2020-04-17 18:01 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-16 11:55 - 2020-04-16 11:56 - 000000000 ____D C:\ProgramData\Betternet
2020-04-16 11:55 - 2020-04-16 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betternet Technologies Inc
2020-04-16 11:55 - 2020-04-16 11:55 - 000000000 ____D C:\Program Files (x86)\Betternet
2020-04-16 11:38 - 2020-04-16 11:38 - 000003124 _____ C:\WINDOWS\system32\Tasks\UAC_X-VPN
2020-04-16 11:38 - 2020-04-16 11:38 - 000001921 _____ C:\Users\Public\Desktop\X-VPN.lnk
2020-04-16 11:38 - 2020-04-16 11:38 - 000001921 _____ C:\ProgramData\Desktop\X-VPN.lnk
2020-04-16 11:38 - 2020-04-16 11:38 - 000000000 ____D C:\usr
2020-04-16 11:38 - 2020-04-16 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-VPN
2020-04-16 11:37 - 2020-04-16 11:38 - 000000000 ____D C:\Program Files (x86)\X-VPN
2020-04-14 12:21 - 2020-04-22 19:34 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\LocalLow\uTorrent
2020-04-13 17:07 - 2020-04-13 17:09 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Riot Games
2020-04-13 17:07 - 2020-04-13 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-04-13 17:07 - 2020-04-13 17:07 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-04-13 17:07 - 2020-04-13 17:07 - 000000000 ____D C:\Riot Games
2020-04-05 22:59 - 2020-04-09 16:55 - 000582032 _____ (TENCENT) C:\WINDOWS\system32\Drivers\UniSafe.sys
2020-03-30 14:22 - 2020-03-30 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-03-30 14:22 - 2020-03-30 14:22 - 000000000 ____D C:\Program Files\Logitech
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-29 10:39 - 2018-08-03 14:19 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-29 10:38 - 2018-08-27 20:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-29 10:37 - 2020-01-16 11:06 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\LGHUB
2020-04-29 10:37 - 2020-01-16 11:06 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\LGHUB
2020-04-29 10:37 - 2019-07-18 11:42 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\LogMeIn Hamachi
2020-04-29 10:37 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-29 10:37 - 2018-08-17 19:58 - 000000000 __SHD C:\Users\Jonathan Mark Peteza\IntelGraphicsProfiles
2020-04-29 10:36 - 2019-06-14 17:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-29 10:36 - 2019-03-19 12:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-04-29 10:15 - 2019-06-14 17:57 - 000936876 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-29 10:15 - 2019-03-19 12:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-29 10:14 - 2019-02-08 20:37 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-04-29 09:52 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-04-29 07:57 - 2018-08-20 22:17 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-29 07:04 - 2019-10-18 08:57 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-04-29 07:04 - 2018-08-03 14:17 - 000000000 ____D C:\Program Files (x86)\Intel
2020-04-29 07:04 - 2017-11-16 17:03 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-29 06:42 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-29 06:42 - 2018-08-17 19:58 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Packages
2020-04-29 06:42 - 2018-08-17 00:14 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\CrashDumps
2020-04-29 06:40 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-28 18:30 - 2019-06-14 17:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-28 16:23 - 2019-06-14 17:59 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E812C209-8FA7-4232-B9DE-D65AA0B8EC4C}
2020-04-28 12:11 - 2018-08-20 22:43 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-04-28 11:39 - 2018-09-15 19:28 - 000000000 ____D C:\swsetup
2020-04-28 11:39 - 2017-11-16 17:05 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-04-28 11:29 - 2018-09-15 19:29 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\PlaceholderTileLogoFolder
2020-04-28 11:21 - 2018-08-17 19:58 - 000000000 ___RD C:\Users\Jonathan Mark Peteza\3D Objects
2020-04-28 11:21 - 2017-10-06 07:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-04-28 11:20 - 2019-06-14 17:52 - 000444944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\PerfLogs
2020-04-28 10:55 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-28 10:00 - 2018-08-17 02:41 - 000000000 ____D C:\Users\Public\Logi
2020-04-27 23:09 - 2018-08-03 14:21 - 000000000 ____D C:\ProgramData\Realtek
2020-04-26 10:41 - 2018-08-17 00:58 - 000028600 _____ C:\WINDOWS\system32\UsrRules.bin
2020-04-25 18:24 - 2019-01-24 13:29 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\.minecraft
2020-04-25 18:24 - 2019-01-24 13:28 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\.tlauncher
2020-04-25 18:06 - 2018-12-30 16:05 - 000000000 ____D C:\temp
2020-04-25 18:06 - 2018-08-21 17:14 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\NVIDIA
2020-04-25 17:54 - 2018-08-26 10:04 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\CC
2020-04-24 19:52 - 2018-08-16 23:48 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-23 20:22 - 2019-06-14 17:54 - 000000000 ____D C:\Users\Jonathan Mark Peteza
2020-04-23 19:10 - 2019-08-17 09:35 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Bluestacks
2020-04-22 22:16 - 2018-09-01 18:52 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\uTorrent
2020-04-22 19:48 - 2019-08-04 14:53 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-06-14 17:59 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-06-14 17:59 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-06-14 17:59 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-06-14 17:59 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2018-08-21 17:13 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Nox
2020-04-22 19:48 - 2018-08-03 14:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-22 19:48 - 2018-08-03 14:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-22 19:48 - 2018-08-03 14:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-22 19:44 - 2018-09-15 19:28 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\HP_Inc
2020-04-22 19:44 - 2018-08-21 17:14 - 000000000 ____D C:\Users\Jonathan Mark Peteza\.android
2020-04-22 19:34 - 2019-04-07 22:35 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\BitTorrentHelper
2020-04-21 18:15 - 2018-11-03 08:26 - 000007596 _____ C:\Users\Jonathan Mark Peteza\AppData\Local\Resmon.ResmonCfg
2020-04-21 17:00 - 2018-11-25 15:13 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\ElevatedDiagnostics
2020-04-21 14:26 - 2019-08-01 19:40 - 000000000 ____D C:\Program Files\Rockstar Games
2020-04-21 14:26 - 2019-08-01 19:40 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-04-21 14:00 - 2018-12-13 12:31 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\EpicGamesLauncher
2020-04-18 03:25 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 11:35 - 2019-06-14 17:59 - 000003410 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3214707409-3252344327-2410781183-1001
2020-04-16 11:35 - 2019-06-14 17:54 - 000002419 _____ C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-16 11:35 - 2018-08-17 19:59 - 000000000 ___RD C:\Users\Jonathan Mark Peteza\OneDrive
2020-04-13 17:09 - 2019-02-11 16:18 - 000000000 ____D C:\ProgramData\Riot Games
2020-04-12 05:53 - 2019-10-25 22:18 - 023446968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2020-04-12 05:52 - 2019-10-25 22:18 - 004927960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-04-09 22:02 - 2019-06-07 11:18 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-04-09 15:26 - 2019-08-28 11:03 - 000000298 _____ C:\Users\Jonathan Mark Peteza\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2020-04-09 14:38 - 2019-06-26 14:54 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\NoxSrv
2020-04-09 14:38 - 2018-08-21 17:14 - 000000000 ____D C:\Users\Jonathan Mark Peteza\vmlogs
2020-04-09 12:21 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Registration
2020-04-09 11:53 - 2019-06-26 14:45 - 000000084 _____ C:\Users\Jonathan Mark Peteza\AppData\Local\update_progress.txt
2020-04-09 11:42 - 2019-06-26 14:58 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\NoxPopup
2020-04-08 12:09 - 2018-08-29 09:47 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\vlc
2020-04-08 10:06 - 2018-09-02 13:00 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Roblox
2020-04-08 01:58 - 2019-08-04 14:53 - 002799416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2020-04-08 01:58 - 2019-08-04 14:53 - 002159592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2020-04-08 01:58 - 2019-08-04 14:53 - 001314792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2020-04-05 22:59 - 2019-10-03 08:13 - 000812208 _____ (TENCENT) C:\WINDOWS\system32\Drivers\tesrsdt.sys
2020-04-05 22:54 - 2019-10-03 07:49 - 000000883 _____ C:\Users\Jonathan Mark Peteza\Desktop\Gameloop.lnk
2020-04-05 19:37 - 2019-10-03 08:13 - 000555064 _____ (TENCENT) C:\WINDOWS\system32\TesSafe.sys
2020-04-04 13:13 - 2020-01-23 16:36 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2020-04-04 13:13 - 2020-01-23 16:36 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2020-04-04 13:13 - 2020-01-23 16:36 - 000000000 ____D C:\Program Files\LGHUB
2020-04-04 08:21 - 2019-10-25 22:18 - 000057237 _____ C:\WINDOWS\system32\nvinfo.pb
2020-04-04 05:56 - 2019-10-25 22:21 - 005581808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-04-04 05:56 - 2019-10-25 22:21 - 002631664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 001759032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 001172464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 000446264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 000074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-04-03 18:08 - 2019-10-25 22:21 - 009037867 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-03-30 14:57 - 2019-03-10 12:54 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Spotify
2020-03-30 14:57 - 2019-03-06 09:27 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Spotify
2020-03-30 14:22 - 2018-08-17 02:42 - 000000000 ____D C:\ProgramData\LogiShrd
2020-03-30 14:22 - 2018-08-17 02:40 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Logishrd
 
==================== Files in the root of some directories ========
 
2018-10-13 19:50 - 2018-10-13 19:50 - 000066790 _____ () C:\Program Files (x86)\hyxd_license.htm
2020-04-23 20:22 - 2020-04-23 20:22 - 000000068 _____ () C:\Users\Jonathan Mark Peteza\AppData\Roaming\changzhi_leidian.data
2020-01-17 09:00 - 2020-01-17 09:08 - 000000085 _____ () C:\Users\Jonathan Mark Peteza\AppData\Roaming\~SiMPLEX.ini
2020-01-25 19:58 - 2020-01-25 20:02 - 000000084 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\Autosofted License.txt
2018-08-17 04:50 - 2018-08-17 04:50 - 000140800 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\installer.dat
2018-09-29 14:38 - 2018-09-29 14:38 - 000000000 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\oobelibMkey.log
2018-11-03 08:26 - 2020-04-21 18:15 - 000007596 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\Resmon.ResmonCfg
2019-06-26 14:45 - 2020-04-09 11:53 - 000000084 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\update_progress.txt
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2020
Ran by Jonathan Mark Peteza (29-04-2020 10:40:11)
Running from D:\Users\Jonathan Mark Peteza\Downloads
Windows 10 Home Single Language Version 1909 18363.815 (X64) (2019-06-14 09:59:35)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3214707409-3252344327-2410781183-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3214707409-3252344327-2410781183-503 - Limited - Disabled)
Guest (S-1-5-21-3214707409-3252344327-2410781183-501 - Limited - Disabled)
Jonathan Mark Peteza (S-1-5-21-3214707409-3252344327-2410781183-1001 - Administrator - Enabled) => C:\Users\Jonathan Mark Peteza
WDAGUtilityAccount (S-1-5-21-3214707409-3252344327-2410781183-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.4 - Electronic Arts, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Auto Keyboard v6.3 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 6.3 - MurGee.com)
Betternet for Windows 5.4.0.434 (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF9CB03A4C}) (Version: 5.4.0.434 - Betternet Technologies Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brackets (HKLM-x32\...\{090BE437-6981-4002-8D90-ED9D47AEDE11}) (Version: 1.14.17752 - brackets.io)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Creative Destruction version 3.0.39 (HKLM-x32\...\{24904964-4247-4EBE-BC79-21D7FF68C6A0}_is1) (Version: 3.0.39 - My Company, Inc.)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Discord (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON L120 Series Printer Uninstall (HKLM\...\EPSON L120 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Garena (remove only) (HKLM-x32\...\gxx) (Version: 2.0.1907.0210 - Garena)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grand Theft Auto V (HKLM\...\Grand Theft Auto V_is1) (Version: 1.0.877.1 - )
GRID Autosport - Complete (HKLM-x32\...\GRID Autosport - Complete_is1) (Version:  - )
HitFilm Movie Essentials Pack (HKLM\...\{8343E462-0806-4A31-B061-8B10FD66BF45}) (Version: 1.0.6712.56130 - FXHOME)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.16.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{10F0BF3E-DBDB-422A-8C12-B4D46711D7C8}) (Version: 2.22.2 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{A74C2A80-0052-4CDD-AAF0-39A85804C314}) (Version: 20.4.17.5 - Intel) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{275588D7-6C9D-4FB0-BBAE-2FA3F7C2DADB}) (Version: 6.4.1.25 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{6a0def1c-f6f2-4a5d-81f6-a1b858352c8b}) (Version: 6.4.1.25 - Intel Corporation)
Intel XTU SDK (HKLM-x32\...\{43A58350-CB99-4F4E-9BB6-F058D7B27985}) (Version: 1.0.9 - HP Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.2.1002 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{41112465-3c4f-42bb-9a61-39f7f509f8f8}) (Version: 20.4.17.5 - Intel)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LDPlayer (HKLM-x32\...\LDPlayer4) (Version: 4.0.23 - XUANZHI INTERNATIONAL CO., LIMITED)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.154 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.92 - McAfee, LLC.)
MediaHuman Audio Converter version 1.9.7 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.7 - MediaHuman)
Microsoft OneDrive (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1298.831 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{171B3EB7-1B5D-4422-9460-8D95CF2508DB}) (Version: 1.11.2 - Mojang (By OfficialHawk)) Hidden
Minecraft (HKLM-x32\...\Minecraft 1.11.2) (Version: 1.11.2 - Mojang (By OfficialHawk))
Mozilla Firefox 70.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 70.0.1 (x64 en-US)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
NewBlue Filters 5 Ultimate (HKLM-x32\...\NewBlue Filters 5 Ultimate) (Version: 5.0 - NewBlue)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Graphics Driver 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAKK Lam-Ang Pro Mechanical Keyboard (HKLM-x32\...\RAKK Lam-Ang Pro Mechanical Keyboard) (Version: V1.00 - RAKK Lam-Ang Pro FineTuner)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.79 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.156 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.104 - REALTEK Semiconductor Corp.)
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
Roblox Player for Jonathan Mark Peteza (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\roblox-player) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.20.241 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.4 - Rockstar Games)
Rules of Survival version 1.385129.391438 (HKLM-x32\...\{F560482D-4378-4FB8-8EB7-4F017FDBCC90}_is1) (Version: 1.385129.391438 - Hong Kong Netease Interactive Entertainment Limited)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.244 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
SetupVPN 0.4.0 (only current user) (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\f8c0fbbe-5e62-535c-b687-54387a5b3b06) (Version: 0.4.0 - VPN1 LLC, USA)
Spotify (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Spotify) (Version: 1.1.28.721.g5b5ee660 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Telegram Desktop version 1.8.11 (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.11 - Telegram FZ-LLC)
The Forest (HKLM-x32\...\The Forest_is1) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F94A5095-E4DD-4ED8-AB0B-BFAC62176F8C}) (Version: 2.49.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 102.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS)
Visual Studio Professional 2017 (HKLM-x32\...\7ab1f306) (Version: 15.8.28010.2046 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
vs_minshellmsi (HKLM-x32\...\{D98207CC-2AF6-474C-8375-9735AB86B7EB}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
X-VPN (HKLM-x32\...\X-VPN) (Version: 64.0 - Free Connected Limited)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated)
Asphalt 9: Legends -> C:\Program Files\WindowsApps\A278AB0D.Asphalt9_2.1.200.2_x86__h6adky7gbf63m [2020-03-21] (Gameloft SE)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.166.400.0_x86__kgqvnymyfvs32 [2020-04-17] (king.com)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-17] (Dropbox Inc.)
GT Racing 2: The Real Car Experience -> C:\Program Files\WindowsApps\GAMELOFTSA.GTRacing2TheRealCarExperience_1.2.7.3_x86__0pp20fcewvvtj [2019-12-21] (GAMELOFT  SA)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.34.3400.0_x86__ytsefhwckbdv6 [2020-03-27] (G5 Entertainment AB)
Hotspot Shield Free VPN -> C:\Program Files\WindowsApps\6F71D7A7.HotspotShieldFreeVPN_2.5.2.0_x64__nsbqstbb9qxb6 [2019-11-20] (AnchorFree Inc.)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.443.0_x86__v10z8vjag6ke6 [2018-08-03] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.38.0_x64__v10z8vjag6ke6 [2019-11-08] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.6.598.0_x64__v10z8vjag6ke6 [2020-04-09] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.4.0_x64__v10z8vjag6ke6 [2020-02-22] (HP Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-04-06] (Instagram)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-16] (Microsoft Studios)
Modern Combat Versus -> C:\Program Files\WindowsApps\A278AB0D.ModernCombatVersus_1.15.120.0_x86__h6adky7gbf63m [2020-04-27] (Gameloft SE)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-22] (Microsoft Corporation)
PicsArt - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PicsArt-PhotoStudio_8.8.0.0_x86__crhqpqs3x1ygc [2019-11-07] (PicsArt Inc.) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4F78A44B1D39} -> [Creative Cloud Files] => C:\Users\Jonathan Mark Peteza\Creative Cloud Files [2019-05-13 23:56]
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-07-23] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxDTCM.dll [2018-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-04-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll -> No File
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\ok - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2020-03-08 19:30 - 2020-03-08 19:30 - 000138240 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\d555984625315f878c5277396dfd06e7\Interop.IWshRuntimeLibrary.ni.dll
2020-01-17 09:10 - 2020-01-17 09:10 - 032162304 _____ () [File not signed] C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96\DropboxUniversal.dll
2019-01-26 15:46 - 2019-01-26 15:49 - 001123840 _____ () [File not signed] C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96\e_sqlite3.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2020-03-28 20:18 - 2020-03-28 20:18 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\c61fa8472368324d67b52723ced03e57\BRIDGECommon.ni.dll
2020-03-08 19:29 - 2020-03-08 19:29 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\d5a263d0a9bacb2ea06ad791453afa67\BridgeExtension.ni.dll
2020-03-08 19:29 - 2020-03-08 19:29 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\19560b24dff7e63228c815cdf532cc5f\CleanStartController.ni.dll
2020-03-08 19:29 - 2020-03-08 19:29 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\0759b01c07957225f8533a468fca215b\RegistrationUtilities.ni.dll
2018-11-05 09:43 - 2018-11-05 09:43 - 000204800 _____ () [File not signed] D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\bin\GK\SonixHidDll.dll
2017-06-29 14:27 - 2017-06-29 14:27 - 000204288 _____ () [File not signed] D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\bin\GM\SonixHidDll.dll
2018-08-24 15:44 - 2018-08-18 17:40 - 098275328 _____ () [File not signed] D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-08-24 15:44 - 2018-08-18 17:40 - 000092672 _____ () [File not signed] D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-08-24 15:44 - 2018-08-18 17:40 - 003922432 _____ () [File not signed] D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-03-08 19:30 - 2020-03-08 19:30 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\34ecf12dd95b6dad31aaae60798b3852\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-02-22 22:18 - 2020-02-22 22:18 - 000015360 ____X (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2020-03-08 19:29 - 2020-03-08 19:29 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\b8d6337751d6f079112f1a5713d2a1c0\CommonPortable.ni.dll
2020-03-08 19:30 - 2020-03-08 19:30 - 001585152 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\9d33f83df898b480f4169ea37ae42247\NAudio.ni.dll
2020-03-08 19:14 - 2020-03-08 19:14 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\848d8ad61c8f4641f1cdd1c8ae45e036\Newtonsoft.Json.ni.dll
2018-03-01 15:07 - 2018-03-01 15:07 - 001660416 _____ (SONiX Technology Co., Ltd.) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\css.dll
2018-03-01 15:07 - 2018-03-01 15:07 - 002022912 _____ (SONiX Technology Co., Ltd.) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\cwt.dll
2018-03-01 15:07 - 2018-03-01 15:07 - 001659904 _____ (SONiX Technology Co., Ltd.) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\messageprompter.dll
2018-03-01 15:07 - 2018-03-01 15:07 - 001648640 _____ (SONiX Technology Co., Ltd.) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\messageprovider.dll
2018-03-01 15:09 - 2018-03-01 15:09 - 001655808 _____ (SONiX Technology Co., Ltd.) [File not signed] D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\Bin\Plugin.dll
2020-03-08 19:30 - 2020-03-08 19:30 - 000792064 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\caf078acd3d782d23232ed91e67c1154\log4net.ni.dll
2018-08-24 15:44 - 2018-08-17 22:39 - 000547840 _____ (The Chromium Authors) [File not signed] D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
2018-03-01 15:09 - 2018-03-01 15:09 - 001651200 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\dialoginvoker.dll
2018-03-01 15:05 - 2018-03-01 15:05 - 001633792 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gamingforceledsyncer.dll
2018-03-01 15:08 - 2018-03-01 15:08 - 001665024 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gamingforcemain.dll
2018-03-01 15:09 - 2018-03-01 15:09 - 001656832 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardmacro.dll
2018-03-01 15:06 - 2018-03-01 15:06 - 002036224 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardmain.dll
2018-03-01 15:09 - 2018-03-01 15:09 - 002195968 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardpersister.dll
2018-03-01 15:05 - 2018-03-01 15:05 - 001723904 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardprofile.dll
2018-03-01 15:08 - 2018-03-01 15:08 - 001652736 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardskin.dll
2018-03-01 15:10 - 2018-03-01 15:10 - 001669632 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardwriter.dll
2018-03-01 15:05 - 2018-03-01 15:05 - 001656320 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmousemacro.dll
2018-03-01 15:05 - 2018-03-01 15:05 - 001936384 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmousemain.dll
2018-03-01 15:04 - 2018-03-01 15:04 - 002195456 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmousepersister.dll
2018-03-01 15:04 - 2018-03-01 15:04 - 001701888 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmouseprofile.dll
2018-03-01 15:04 - 2018-03-01 15:04 - 001664000 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmouseskin.dll
2018-03-01 15:03 - 2018-03-01 15:03 - 001656832 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmousewriter.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 21:46 - 2018-10-17 13:07 - 000000827 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
2019-02-04 16:39 - 2019-02-04 16:39 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;D:\Brackets\command
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\Control Panel\Desktop\\Wallpaper -> D:\Users\Jonathan Mark Peteza\Downloads\firewatch_inspired-wallpaper-2560x1080.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Local Area Connection* 12: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "SideSync"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F895E3C3-CB00-4E34-A0F5-F99CD83131AC}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{C3DDDBFA-E241-46A1-8BC0-0BE7E4BA1D9F}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{1200840D-6093-445D-AE4E-98392131C817}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{E84CCA5C-2FEC-4458-AE1B-398FC808C92C}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [UDP Query User{371E3EEE-F9DF-4B96-A303-18DB7369A923}D:\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) D:\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe No File
FirewallRules: [TCP Query User{7D3D7ABC-D5AC-4E1D-BD41-ACAE58349F3A}D:\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) D:\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe No File
FirewallRules: [UDP Query User{B93CD105-3007-4EFB-9F51-B757CC88B51D}D:\rime\rime\sirengame\binaries\win64\rime.exe] => (Allow) D:\rime\rime\sirengame\binaries\win64\rime.exe No File
FirewallRules: [TCP Query User{02BF6F68-3B03-42B4-A6A3-B34C34AF19CD}D:\rime\rime\sirengame\binaries\win64\rime.exe] => (Allow) D:\rime\rime\sirengame\binaries\win64\rime.exe No File
FirewallRules: [UDP Query User{A58506B1-E32A-4BCD-97D1-837AC5799265}C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe No File
FirewallRules: [TCP Query User{560BC0A6-6055-4455-B7FB-61C6576CA675}C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe No File
FirewallRules: [UDP Query User{0C1534F3-BA5D-4D4F-8C31-D96652A49D40}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [TCP Query User{217AA0B9-E292-4DE3-A2EF-7487261C198A}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{FC5CE6A8-7641-4DB6-B3FC-7E2B248B272E}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [TCP Query User{3FCAB9AA-DF1D-4D00-923D-2C8AAE5C50CE}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{34DB9D6E-0F45-426D-811C-52486EF804F7}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Block) C:\program files (x86)\samsung\sidesync4\sidesync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{8A7A053C-4183-4FD1-84CF-856F5E6BDB1C}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Block) C:\program files (x86)\samsung\sidesync4\sidesync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BFF9E5F2-BF75-49C4-AE4C-8F35D95C5BF9}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5D936E5F-6D84-4CEE-A94B-5C8286CA6C48}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{CD5671AD-C169-40AD-8149-F242D15BEF77}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1904.0511\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
FirewallRules: [UDP Query User{27D620FB-06E0-4A21-8DBA-38192533272A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [TCP Query User{ED97ACEB-81B4-4751-9FBC-1724F12CD2DD}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{71A8BCAD-947F-486C-A37E-F414004BAB33}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [TCP Query User{55EC2B93-4E69-411A-A703-9FA5C77DD070}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{BD249571-C4D8-4BE9-A8D5-AA0A49BDB6D9}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [TCP Query User{FF0D3326-708E-4123-B67C-A0D73C61B811}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [{FF2DEA5E-FE84-4BC8-9FA9-639E86E84761}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{1A3E1252-C457-403D-BB9E-7443F0ABA899}C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{84690327-B645-4958-B27E-ED260FC250BE}C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{1FAC6F46-5EF5-4CF2-A49D-5FEE50F7C4AF}C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{DB74CA7F-7B52-4195-81A4-0D7010E05EC0}C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E83B73B4-DB32-4626-9EEF-6AB645517FCF}] => (Allow) D:\Users\Jonathan Mark Peteza\Documents\GAMES\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{BDF250B2-7BDD-459F-A7E8-90EB7AD89C69}] => (Allow) D:\Users\Jonathan Mark Peteza\Documents\GAMES\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{FE815FFE-D6A0-43E6-BA0D-9473A0001F6D}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{76EFE0BD-97AA-41B6-AC47-1EFE770E1DB9}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{0E55134B-819A-4592-9345-64E79C4A3772}] => (Allow) D:\Users\Jonathan Mark Peteza\Documents\GAMES\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{F4274DAF-21AE-4AFD-87B6-B6709B955332}] => (Allow) D:\Users\Jonathan Mark Peteza\Documents\GAMES\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{E87D886C-BE05-4102-A030-9D7229E1FA2E}D:\users\jonathan mark peteza\documents\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [TCP Query User{7B171A83-0A84-4126-9B6E-29BA29969F07}D:\users\jonathan mark peteza\documents\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [UDP Query User{10BECDBB-3A8D-41D0-886E-047F65524FC8}D:\users\jonathan mark peteza\documents\games\apex\r5apex.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{B42597AA-D812-4354-9E55-3E56D9124F52}D:\users\jonathan mark peteza\documents\games\apex\r5apex.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{3657FB77-085D-434C-9CC4-8941C42DD4E1}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1902.0110\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
FirewallRules: [UDP Query User{A4D6E769-9227-46A4-AE3E-DC733E3E13E1}D:\32774\leagueclient\leagueclient.exe] => (Allow) D:\32774\leagueclient\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{5A8558AB-BE27-4553-9DCE-C43D81250BE1}D:\32774\leagueclient\leagueclient.exe] => (Allow) D:\32774\leagueclient\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{E2F3D88E-58B1-4C5A-93B1-9D1A4F8C89C4}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1812.2810\gxxsvc.exe No File
FirewallRules: [UDP Query User{AD52AE69-DE9F-4CF4-906B-61C4A452921E}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [TCP Query User{5C8828C5-4286-4A59-9096-3E4C93C911FA}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [{6F0957D9-E52B-48F1-8A0A-B8C1632DF415}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C165FA88-3357-4754-A1DB-781B9E6DAB17}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E2ABA2CD-8325-4C47-BAE0-7587EEAE5BF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{45D64A72-07B4-4F58-8D15-A02186FD1B1C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{D8D064E0-3B0E-4BB2-B4ED-80B787774900}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [TCP Query User{8C6B5FCB-7555-4E3E-9E31-B2A05A4258FD}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [UDP Query User{6E5CB063-F1F0-4301-8047-041CCF64830F}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [TCP Query User{3FCB256B-CE16-48CF-83AA-E187BBEA6833}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [UDP Query User{5A1310D2-B4B1-4815-8CEC-7BA9B7706AC3}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [TCP Query User{70F56BC3-8B8C-4CA0-B9A7-436881E4AD8B}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [UDP Query User{2743051B-E126-49EC-8B8F-897303110567}D:\ros\ros.exe] => (Allow) D:\ros\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [TCP Query User{2AB59DD9-E705-429B-BF82-80D8D8B37BF6}D:\ros\ros.exe] => (Allow) D:\ros\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [{21D26C50-96B7-429D-B0A5-8C5448D4651F}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe No File
FirewallRules: [{6DE58A09-0C93-46F0-A0FE-C7FE9493EB4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0A1D64D2-D5C1-4DDD-A19B-8EC3FAD732E3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{F60C7886-C487-429B-996B-DC3539FDAF3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FAFFD965-A068-49EF-9B07-7AEE733A32CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{9C6015AC-AB3C-4592-9FA4-BCC1031A53E3}C:\creative destruction\client.exe] => (Allow) C:\creative destruction\client.exe No File
FirewallRules: [TCP Query User{71F226A4-C42B-4A8F-B54A-DB63FC1D3491}C:\creative destruction\client.exe] => (Allow) C:\creative destruction\client.exe No File
FirewallRules: [UDP Query User{98BDC334-0461-4FA4-8E19-35B1EA471888}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{F72A7864-880A-41FE-894D-FB6DBE423EBB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{A65342E4-20A3-4EC1-93CD-A13D4A3BD787}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File
FirewallRules: [UDP Query User{4C771429-8A46-409C-9EC4-DEAC63FAA450}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{59948C47-DBB8-439A-BA32-F8287F02E9C6}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{F8F4DD74-3D0D-4A13-A624-F4F9023EDDF0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{ED721702-D0B9-4096-A585-720366DAD3AA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{45DDB473-3C10-424C-9C58-B300214E0E21}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe No File
FirewallRules: [TCP Query User{93CE391D-4BF6-4092-8374-6FF3DD0F6AC3}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe No File
FirewallRules: [UDP Query User{DCF6E920-DE7C-4C5F-B70E-8664B43A12F9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [TCP Query User{6E667BFA-7810-484F-BB1E-C692A34BE395}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [{A6C724C9-7911-4C15-AB1C-D59F58080048}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe No File
FirewallRules: [{67E36115-46B4-4A70-AD8F-DF298C07CAA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File
FirewallRules: [{0A20B95D-4C87-4311-B4FD-F162E4D4623B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5919955A-0D63-4EE3-93B7-9A3376A52A82}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{40489F30-8F64-4BED-888A-1D2B40284E58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1AA2EC55-0726-445D-AA58-6DADFFE37FAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0F9D017E-7F9A-4EC3-AE78-EB7E6A2764D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{434A3B94-A0BA-488E-B771-16BFA7875E06}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B33615A6-3015-4149-9002-A08CF342A23D}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{2BE6999D-34C7-424E-A4CA-1F9D9B553FD6}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{0AFFAA1A-D519-4A82-9D9C-F5C1F2956645}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{EFB2AC2F-F285-4D8E-A90E-B5FDA7CAA17D}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe No File
FirewallRules: [{27BDF763-49E3-4906-9A8A-22255EB80472}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{1D6DDBC3-D491-49DC-928A-6AD3F8CE5DDF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [TCP Query User{9EB2401B-46D6-4ADA-936A-5BC1D0CEEF0C}C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe No File
FirewallRules: [UDP Query User{4063D9CD-50CB-4677-8C58-4352D6FC1DF9}C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe No File
FirewallRules: [TCP Query User{7AEA04B6-E63D-4C42-851A-269C547EDA21}C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe No File
FirewallRules: [UDP Query User{DF27A0BA-BF23-4204-AD01-099C6528AD61}C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe No File
FirewallRules: [TCP Query User{63FEBC0A-3373-413A-9A06-2354C9DDDCBE}D:\creative destruction\client.exe] => (Allow) D:\creative destruction\client.exe No File
FirewallRules: [UDP Query User{ECA0308C-B32E-4FBC-87A7-E6E34C18968C}D:\creative destruction\client.exe] => (Allow) D:\creative destruction\client.exe No File
FirewallRules: [{66A19A8A-FC7E-4F1C-8EC1-D7FFBEC3891F}] => (Allow) D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{FEE7EC83-7B69-4EF0-B5A9-13C448AA5BAC}] => (Allow) D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [TCP Query User{B8C758CC-9AFF-47DE-910C-5E15220190B1}D:\creative destruction\ccmini\ccmini.exe] => (Allow) D:\creative destruction\ccmini\ccmini.exe No File
FirewallRules: [UDP Query User{1BE0E910-659D-432A-B17A-BF29E5DE070D}D:\creative destruction\ccmini\ccmini.exe] => (Allow) D:\creative destruction\ccmini\ccmini.exe No File
FirewallRules: [TCP Query User{416D9DD1-BEE8-4303-BF84-62E5BB34FC04}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{75DBE7F5-35C5-4EC7-A5AF-8171492E0E7A}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E2950314-9C50-409B-954E-AD48218F1CD8}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{7BED151B-C3A8-4470-BF90-15E4225436F4}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{2ABE3686-0FA2-438F-B73B-727B65B7B1F6}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9CD4A29B-A7AD-4596-8BC1-6ABAC612DF15}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F9E9FD04-749D-4DD8-8CE6-BF6849CCFDE8}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [UDP Query User{06B45B53-53DC-476D-9BD9-E524E764056A}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [TCP Query User{546F7A5F-CE30-4C09-9EBE-6EA8416161CB}C:\program files (x86)\twomon pc program\twomon pc program.exe] => (Allow) C:\program files (x86)\twomon pc program\twomon pc program.exe No File
FirewallRules: [UDP Query User{74AD10E2-0D93-4BE7-B1AA-CB3914325EED}C:\program files (x86)\twomon pc program\twomon pc program.exe] => (Allow) C:\program files (x86)\twomon pc program\twomon pc program.exe No File
FirewallRules: [TCP Query User{687C978C-C017-4E8F-99EB-E0D730F9AFE5}C:\program files (x86)\twomon pc program\twomon pc program.exe] => (Allow) C:\program files (x86)\twomon pc program\twomon pc program.exe No File
FirewallRules: [UDP Query User{FD9EE1AC-3583-4DEE-8B19-928C8CA66BC0}C:\program files (x86)\twomon pc program\twomon pc program.exe] => (Allow) C:\program files (x86)\twomon pc program\twomon pc program.exe No File
FirewallRules: [{701E679B-33A4-4495-95E3-57215E7A3EC5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_9.4.7.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe No File
FirewallRules: [{4BAA9829-A93A-40D6-AA0A-00A7F0F31EAB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_9.4.7.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe No File
FirewallRules: [{88363EC8-CC31-4777-97A8-8534AB0FFF17}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_9.4.7.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe No File
FirewallRules: [{54B8A349-362F-486B-B302-026C67169568}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_9.4.7.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe No File
FirewallRules: [TCP Query User{9EEDB1A3-52C3-4492-9D70-B6272894C0AB}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe No File
FirewallRules: [UDP Query User{33826A3A-E1D5-4783-A5AB-9555D5B39419}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe No File
FirewallRules: [{3BB4A15F-A767-46D2-AA1A-D6A75F237F9A}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{BD9E036C-9B54-4874-808B-C331CE8D5AF0}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{5992F757-4350-4272-A053-31CD5877DDCD}C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe No File
FirewallRules: [UDP Query User{1BD9BCEB-345F-43A1-95FC-9A69E49FD493}C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe No File
FirewallRules: [TCP Query User{7E5E6F9D-5748-486C-B9C3-27881D8A8F84}D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe No File
FirewallRules: [UDP Query User{13180243-F8FC-4C4C-B174-8EA4B5C2E893}D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe No File
FirewallRules: [{4B2B853A-85AB-43E6-A8AD-F9866A7C8CF9}] => (Allow) D:\Steam\steamapps\common\YoutubersLife\YoutubersLife.exe () [File not signed]
FirewallRules: [{D1F0410C-36B4-4ABE-903C-0871DB3E3E69}] => (Allow) D:\Steam\steamapps\common\YoutubersLife\YoutubersLife.exe () [File not signed]
FirewallRules: [{66298945-0273-450F-BB69-55BEEBCB9825}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E652D689-8D1D-44A9-90B6-0F96B22378DA}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{60FC3CF0-867D-4777-95B8-D1444F9BC515}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{03CBC5E9-9431-4BA6-92B9-A5999D5BE9D7}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2556BDF2-A9AD-4AFD-9F32-378790FAC7C6}] => (Block) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B8102F52-70CF-42F1-A356-70ED8906C916}] => (Block) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{DE082781-8E78-431A-968D-7847C191C4CD}D:\steam\steamapps\common\terraria\tmodloaderserver.exe] => (Allow) D:\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{642F0DD3-0C17-4F32-B281-606687CB6FCE}D:\steam\steamapps\common\terraria\tmodloaderserver.exe] => (Allow) D:\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [{A0B8B874-6998-4D1F-B113-36EE3D286BB6}] => (Block) D:\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [{93D4CA5E-9F2B-4977-86FF-164A69CDE328}] => (Block) D:\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [{765C56C6-05A6-4CA0-831E-CEBFF2F712D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FA80A081-17A3-4E63-9CA8-9257A5A9CD79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CB9C32B0-69A9-4821-9203-64A9EBD1E38C}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{657DA16D-FA02-47D1-8243-657A3048EEC9}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{12B4FEC2-AF09-495F-8563-58FE9C986827}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AABCFD0B-1D4B-4ACA-8A94-947A9A22D96D}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AF9F777F-6F5C-451B-A7CF-61D861E2CF87}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
FirewallRules: [{4A13FE62-B541-45A1-8A6D-E4F36258B90A}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9F06676D-BCBD-4F40-AE3D-3669B27C9889}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4EA5A15D-AB7E-4BE9-BC89-F3CAA3E535F7}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{005DB058-3535-4FAF-8A33-BD9CEDCC3AAC}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D39C3EDC-6F0F-4518-A3E7-9AE3552EEE95}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3F4420C3-A93E-42D8-9945-69BA71A66790}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{0D5137C6-F909-406F-B8E3-092375C1C8DE}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BC303498-77AA-44B5-82A2-C3749033C196}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{7587BAD1-E6AE-4D1C-901B-8A97BB5DA3D3}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{519F0FB5-B476-47AD-AD46-3BBB054BF9D2}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9A813332-C314-44A0-8B59-A12698A82DA1}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{600F259F-B105-4B67-8851-2AA0852CE092}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{9D356FDF-C72E-4C63-BAA4-6B31E7943B04}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{D85252BD-5721-457A-8EE7-CCAC2EA20D28}D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe] => (Allow) D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe No File
FirewallRules: [UDP Query User{5122FF53-4D6A-473D-AAD3-0F4DC153678D}D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe] => (Allow) D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe No File
FirewallRules: [{39F5D65D-DA35-4D86-81A2-943B96846E1C}] => (Block) D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe No File
FirewallRules: [{8F952508-F437-462F-9E72-8D8690AC37FC}] => (Block) D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe No File
FirewallRules: [{8CD9031B-D4F1-49D3-A9E4-F3267C8CA3D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{619E9EDF-E2B1-4DF9-9463-0D2296D24000}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{862904C1-0ECC-4056-92F2-91013F961A5C}] => (Allow) D:\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe () [File not signed]
FirewallRules: [{A519C979-5FA8-408A-9090-D5F4DE7C8017}] => (Allow) D:\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe () [File not signed]
FirewallRules: [{73B68EC1-071C-48E4-B55B-73385511D3D8}] => (Allow) D:\Steam\steamapps\common\SUPERHOT\SUPERHOT.exe (SUPERHOT Sp z o.o.) [File not signed]
FirewallRules: [{A2D33407-ECD6-4E19-A9FD-A4AB6E164C53}] => (Allow) D:\Steam\steamapps\common\SUPERHOT\SUPERHOT.exe (SUPERHOT Sp z o.o.) [File not signed]
FirewallRules: [TCP Query User{96D6AA6E-719B-48BF-86CE-B74080305224}D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe No File
FirewallRules: [UDP Query User{302D475E-B4AC-4A1B-96B1-CD08F4AFA648}D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe No File
FirewallRules: [{C6B9366A-9C04-44D1-93BE-558C50BCB066}] => (Block) D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe No File
FirewallRules: [{E4099DF3-88D9-4F0C-8BDF-743D910F1804}] => (Block) D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe No File
FirewallRules: [{5D7E2885-AAE3-415F-9F27-6B03E952CE9F}] => (Allow) D:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{E20B7933-7E9E-4560-BF32-61F10CCB683A}] => (Allow) D:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [TCP Query User{16560BB4-105B-48E2-BD1F-9EEEC910B85C}D:\steam\steamapps\common\supersmash\supersmash\supersmash\binaries\win64\supersmash.exe] => (Allow) D:\steam\steamapps\common\supersmash\supersmash\supersmash\binaries\win64\supersmash.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{6BA5D829-C0FB-46BB-A08C-09E149BCCA9D}D:\steam\steamapps\common\supersmash\supersmash\supersmash\binaries\win64\supersmash.exe] => (Allow) D:\steam\steamapps\common\supersmash\supersmash\supersmash\binaries\win64\supersmash.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DB371EAA-3B26-40CA-8811-BA8BC803984C}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{786057DA-0D9D-4A09-B233-8208B5C7A0E6}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [TCP Query User{A978FD10-867F-4696-8624-E1DC9B981765}D:\users\jonathan mark peteza\downloads\lib\nitroxserver-subnautica.exe] => (Allow) D:\users\jonathan mark peteza\downloads\lib\nitroxserver-subnautica.exe () [File not signed]
FirewallRules: [UDP Query User{FC655924-F7CC-4EF6-8047-A13076CD6222}D:\users\jonathan mark peteza\downloads\lib\nitroxserver-subnautica.exe] => (Allow) D:\users\jonathan mark peteza\downloads\lib\nitroxserver-subnautica.exe () [File not signed]
FirewallRules: [TCP Query User{0889231E-1D4C-4FE3-B13C-9B417C3959DB}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{6B53A068-8EA7-4B95-928E-D5C3E624B842}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{B18DC86E-9C82-4C92-A119-DA0B1318DCB3}D:\users\jonathan mark peteza\documents\games\kovaaks\kovaak's fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\kovaaks\kovaak's fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{B9CCB983-6600-457D-8210-DC9547257E56}D:\users\jonathan mark peteza\documents\games\kovaaks\kovaak's fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\kovaaks\kovaak's fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [TCP Query User{48A34C9D-1143-4A2D-883A-992B2393815D}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{81FB21D9-7225-4BD3-83ED-825AB23FE909}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{F295EC29-9DD5-41ED-8A17-944272F41AE9}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe
FirewallRules: [UDP Query User{87AB680F-19DA-408D-891A-F11B7AC08243}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe
FirewallRules: [TCP Query User{A0C9BBDD-1C70-430B-92D4-B56F114B27B7}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe
FirewallRules: [UDP Query User{53126A64-5768-4EB9-914C-7900A54E26D7}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe
FirewallRules: [TCP Query User{2F19902D-655D-4366-90B0-CC6FF4A39B73}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{845D4E09-ACD8-4FEB-BB0D-A30166827DDA}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [TCP Query User{2F46DB89-B230-4DB0-8EE7-AF8DAC921E3A}C:\users\jonathan mark peteza\appdata\local\programs\setupvpn\setupvpn.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\programs\setupvpn\setupvpn.exe (VPN1 LLC -> VPN1 LLC, USA)
FirewallRules: [UDP Query User{C6F53977-385B-4A11-AFAC-CFCF27DFF971}C:\users\jonathan mark peteza\appdata\local\programs\setupvpn\setupvpn.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\programs\setupvpn\setupvpn.exe (VPN1 LLC -> VPN1 LLC, USA)
FirewallRules: [{DA18B817-854C-4049-8D72-58CFBFAC7EEF}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{CA04742C-B922-4B35-A3EC-AE6F03225FEE}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{4E88BA39-8281-4426-8046-2E8AE8B70301}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{CC4AC9FC-9058-4A37-97DA-E45B05519339}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [TCP Query User{692CE06F-B8B7-4341-BA56-D0088379FD3E}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [UDP Query User{A3377493-0BC3-4755-AA0D-2DB02606C1EB}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [TCP Query User{B2959550-3198-45E7-A81F-932C7143EE42}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{36F5867B-DD03-4B84-9537-F6FDAEAF34F7}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [TCP Query User{3D20A2B7-45A5-4153-A42F-2DEC53320C61}D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe No File
FirewallRules: [UDP Query User{06AF7241-7293-4F68-BD36-044CA2A62D6B}D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe No File
FirewallRules: [TCP Query User{3496EA44-ADF4-439F-818F-07C0255A8FA3}D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe No File
FirewallRules: [UDP Query User{C78ABD9C-F0D5-4010-AEF4-4F1DD29DAD1C}D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe No File
FirewallRules: [TCP Query User{7D8A6F93-AFC6-46A6-93E6-065CC7977E14}D:\paladins\binaries\win64\paladins.exe] => (Allow) D:\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{BD10561D-EF0F-4E7C-B5FE-4D5D0978099E}D:\paladins\binaries\win64\paladins.exe] => (Allow) D:\paladins\binaries\win64\paladins.exe No File
FirewallRules: [{CBD6CE54-C5D9-4574-BF1C-5BB78331E29E}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{1F5F61B1-C3FF-43D9-86C0-8EDB57F2A0A3}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3885B2A1-D940-4601-BA92-A214E59E4DF6}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{FFE1EC4E-22A6-4045-A03F-FC463537D2A2}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F36ADBD3-421D-4863-96A3-E36ACAE462A6}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A280AFF1-ABE5-45CF-8995-AC5C662D6BF1}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{278802E0-815A-46DB-A7A8-36FC7602FA7E}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{CB25BAC1-FEC2-4DB5-82EE-A51F9DACE413}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3566B987-537A-4BEF-990D-36E32275D879}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{97312056-D241-41EC-9350-E6905F1FBF41}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{54A45691-0605-4C4B-B5DB-D31D31BE0BC6}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9E1EBCCB-A99C-4AAC-BA1D-068282070713}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3B196740-3E64-47D4-839B-D6BDC8042448}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9F720D67-0B51-44FE-8A46-2F4D402C303D}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C9CE388E-CE1F-4941-A7BE-0B4ABAB1D1FA}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B6AAE970-DB1F-4AC4-8AE4-8E8657426F14}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{CD6940DB-CCEC-4A7A-AED5-7AFEAF9B8A52}] => (Allow) D:\Program Files\Nox\bin\Nox.exe No File
FirewallRules: [{EF3A5A16-53F8-440D-9E28-AAE24FF30F16}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File
FirewallRules: [TCP Query User{253AF948-C606-4BA0-9932-C607B340D1CC}C:\program files (x86)\x-vpn\x-vpn.exe] => (Allow) C:\program files (x86)\x-vpn\x-vpn.exe (Free Connected Limited -> )
FirewallRules: [UDP Query User{DF9F0893-429D-4445-99D6-E2F374462B31}C:\program files (x86)\x-vpn\x-vpn.exe] => (Allow) C:\program files (x86)\x-vpn\x-vpn.exe (Free Connected Limited -> )
FirewallRules: [{B63A9A68-9E9B-4D27-A9AF-62475DB16C34}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{01DEA586-11CD-44C3-86CF-68918531399B}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{637FD5F0-588D-4929-B885-3C0E3AE569B4}] => (Allow) D:\Steam\steamapps\common\SuperSmash\SuperSmash\SuperSmash.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E66393FA-EBA5-407C-B4BF-C9D949C9F472}] => (Allow) D:\Steam\steamapps\common\SuperSmash\SuperSmash\SuperSmash.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{0E8B3827-C39C-4DEC-BA90-DEF78D6A261E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12624.20466.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78191FDA-B59A-43D8-A734-1D84E65AAD70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75945D44-6CBC-45F2-97B7-212E518966E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A177215-4438-408F-9AB4-BAEA451AED1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23AE7DEA-0738-4645-B4D4-BE332CB3B48D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05A65765-8688-4BFD-B387-3BDFF84772CD}] => (Allow) D:\Steam\steamapps\common\TerraTech\TerraTechWin64.exe () [File not signed]
FirewallRules: [{23325DD1-8485-4B9B-8A10-78F111D01803}] => (Allow) D:\Steam\steamapps\common\TerraTech\TerraTechWin64.exe () [File not signed]
FirewallRules: [TCP Query User{DDBD0E77-DCB2-4BA0-960B-A3B211422DB2}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [UDP Query User{11BEB8FD-6876-48BE-8818-9A5BAF5B7B6D}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [{909FBF4A-81E7-4DCB-BDBE-6054C08F1C7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
29-04-2020 10:30:50 Restore Point Created by FRST
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (04/29/2020 10:37:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Jonathan Mark Peteza\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3236.0,language="&#x2a;",type="win32",version="63.0.3236.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/29/2020 10:36:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x5e709557
Faulting module name: KERNELBASE.dll, version: 10.0.18362.815, time stamp: 0x67005c2a
Exception code: 0xe0434352
Fault offset: 0x00114402
Faulting process id: 0x15d4
Faulting application start time: 0x01d61dcefccf8638
Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: d1bf8c02-3922-424f-8946-ffb86d2fecd5
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/29/2020 10:36:29 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at FreemakeUtilsService.Program.Main(System.String[])
 
Error: (04/29/2020 10:30:50 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2b573af6-a65a-4dbd-b8b6-e01987b7b81e}
 
Error: (04/29/2020 10:17:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4580,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (04/29/2020 10:09:29 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Jonathan Mark Peteza\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3236.0,language="&#x2a;",type="win32",version="63.0.3236.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/29/2020 10:09:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x5e709557
Faulting module name: KERNELBASE.dll, version: 10.0.18362.815, time stamp: 0x67005c2a
Exception code: 0xe0434352
Fault offset: 0x00114402
Faulting process id: 0x1478
Faulting application start time: 0x01d61dcb26064828
Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 5f2ec9ce-609a-480c-8529-9b3d38cfa21e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/29/2020 10:09:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at FreemakeUtilsService.Program.Main(System.String[])
 
 
System errors:
=============
Error: (04/29/2020 10:36:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Freemake Improver service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (04/29/2020 10:36:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Freemake Improver service to connect.
 
Error: (04/29/2020 10:36:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
 
Error: (04/29/2020 10:36:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
 
Error: (04/29/2020 10:36:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
 
Error: (04/29/2020 10:30:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Content Protection HECI Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/29/2020 10:30:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Comm Recovery service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/29/2020 10:30:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP JumpStart Bridge service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
 
Windows Defender:
===================================
Date: 2020-04-29 10:08:15.397
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6FB5B4C1-26FE-4F6C-9108-0B7D4D7A92CA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-29 06:48:24.733
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8D2F22FA-3104-4AE4-9A7A-DCDC132C9091}
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2020-04-27 16:59:08.367
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DAB85A60-746F-45BF-A785-7CF905FFA213}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-24 11:57:23.491
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1876DFDE-B9A4-4BFB-A038-FC467369DD0C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-17 14:30:49.898
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B6B084F7-24C8-4632-99E8-48B6D4A88BA0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-29 10:19:52.003
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.277.1025.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-04-29 10:19:52.003
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.277.1025.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-04-29 10:19:52.003
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.277.1025.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-04-29 10:10:04.456
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.277.1025.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-04-29 10:10:04.456
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.277.1025.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
CodeIntegrity:
===================================
 
Date: 2020-04-29 06:42:38.224
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-29 06:38:07.260
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:54:10.369
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:48:24.863
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:42:37.021
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:36:51.671
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:31:06.065
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:25:21.507
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F.19 04/18/2019
Motherboard: HP 838F
Processor: Intel® Core™ i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 69%
Total physical RAM: 8070.9 MB
Available physical RAM: 2476.97 MB
Total Virtual: 14726.9 MB
Available Virtual: 7095.62 MB
 
==================== Drives ================================
 
Drive c: (WINDOWS) (Fixed) (Total:118.01 GB) (Free:40.32 GB) NTFS
Drive d: (DATA) (Fixed) (Total:917.57 GB) (Free:218 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:13.94 GB) (Free:1.66 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{1f2ed825-b482-4b45-9743-6b99410057f4}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.4 GB) NTFS
\\?\Volume{629b0f54-3fa3-433f-9cc3-affef9c97016}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 286DC53F)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: D0FC9F30)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

Advertisements


#17
jonauwu

jonauwu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

should i also show you the fixlog.txt?


  • 0

#18
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 7,601 posts

yes. Did you remove Avast ?


  • 0

#19
jonauwu

jonauwu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

yes i already removed avast


  • 0

#20
jonauwu

jonauwu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-04-2020
Ran by Jonathan Mark Peteza (29-04-2020 10:30:47) Run:2
Running from D:\Users\Jonathan Mark Peteza\Downloads
Loaded Profiles: Jonathan Mark Peteza (Available Profiles: Jonathan Mark Peteza)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [185240 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-13] (AVAST Software s.r.o. -> AVAST Software)
EmptyTemp:
 
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected
aswArPot => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswArPot => could not remove, key could be protected
aswbidsdriver => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswbidsdriver => could not remove, key could be protected
aswbidsh => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswbidsh => could not remove, key could be protected
aswblog => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswblog => could not remove, key could be protected
aswbuniv => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswbuniv => could not remove, key could be protected
aswElam => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswElam => removed successfully
aswElam => service removed successfully
aswHdsKe => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswHdsKe => removed successfully
aswHdsKe => service removed successfully
HKLM\System\CurrentControlSet\Services\aswHwid => could not remove, key could be protected
aswKbd => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswKbd => could not remove, key could be protected
HKLM\System\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}\\UpperFilters aswKbd => value removed successfully
aswMonFlt => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswMonFlt => could not remove, key could be protected
aswRdr => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswRdr => could not remove, key could be protected
aswRvrt => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswRvrt => could not remove, key could be protected
aswSnx => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswSnx => could not remove, key could be protected
aswSP => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswSP => could not remove, key could be protected
aswStm => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswStm => could not remove, key could be protected
aswVmm => Unable to stop service.
HKLM\System\CurrentControlSet\Services\aswVmm => could not remove, key could be protected
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15906246 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 120810870 B
Edge => 1384999 B
Chrome => 586063125 B
Firefox => 40088468 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1290126 B
NetworkService => 1221811828 B
Jonathan Mark Peteza => 2052180706 B
 
RecycleBin => 7111 B
EmptyTemp: => 3.8 GB temporary data Removed.
 
================================
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-04-2020 10:37:07)
 
 
Result of scheduled keys to remove after reboot:
 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\System\CurrentControlSet\Services\aswArPot => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswbidsdriver => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswbidsh => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswblog => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswbuniv => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswHwid => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswKbd => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswMonFlt => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswRdr => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswRvrt => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswSnx => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswSP => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswStm => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswVmm => could not remove, key could be protected
 
==== End of Fixlog 10:37:08 ====

  • 0

#21
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 7,601 posts

Hello,

 

Avast will not move,

 

Lets remove it a different way

 

First download the Avast Removal tool:

 

from this web site linked below

https://www.avast.co...install-utility

 

 

Then you will need to boot the computer to the Safe Mode here's how to do that:

https://www.digitalc...mode-windows-10

 

 

Once in Safe Mode run the Avast removal tool that we downloaded....

 

 

Then you will need to  Re-run Frst an post 2 new logs so I can see that avast is gone....


  • 0

#22
jonauwu

jonauwu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2020
Ran by Jonathan Mark Peteza (administrator) on LAPTOP-4N58D2U8 (HP OMEN by HP Laptop 15-ce0xx) (29-04-2020 11:12:56)
Running from D:\Users\Jonathan Mark Peteza\Downloads
Loaded Profiles: Jonathan Mark Peteza (Available Profiles: Jonathan Mark Peteza)
Platform: Windows 10 Home Single Language Version 1909 18363.815 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Garena Online Pte Ltd -> Garena Online ) C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_59a0a32410fb19a2\x64\OmenCap.exe
(HP Inc. -> HP Inc.) D:\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(Intel® Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Logitech Inc -> ) C:\Program Files\LGHUB\logi_analytics_client.exe
(Logitech Inc -> Logitech) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <2>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATILUE.EXE
(Shanghai Changzhi Network Technology Co., Ltd. -> ) C:\XuanZhi\LDPlayer\ldnews.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) D:\Program Files\txgameassistant\appmarket\QMEmulatorService.exe
(TODO: <Company name>) [File not signed] D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\RAKK Lam-Ang Pro Mechanical Keyboard.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-03-07] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2020-02-06] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-27] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [707624 2018-08-08] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RazerCortex] => "C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe" -autorun
HKLM-x32\...\Run: [RAKK Lam-Ang Pro Mechanical Keyboard] => D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\RAKK Lam-Ang Pro Mechanical Keyboard.exe [1766400 2018-02-02] (TODO: <Company name>) [File not signed]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [238440 2020-04-27] (IDSA Production signing key -> Intel)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [EpicGamesLauncher] => D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31740816 2020-04-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [12476064 2019-01-11] (Samsung Electronics CO., LTD. -> )
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [Chromium] => "c:\users\jonathan mark peteza\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [Parsec.App.0] => C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_8.2.10.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe app_silent=1
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATILUE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [71464072 2020-01-23] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Run: [LDNews] => C:\XuanZhi\LDPlayer\ldnews.exe [1309376 2020-04-23] (Shanghai Changzhi Network Technology Co., Ltd. -> )
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\RunOnce: [Application Restart #3] => D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\RAKK Lam-Ang Pro Mechanical Keyboard.exe [1766400 2018-02-02] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\RunOnce: [Adobe Speed Launcher] => 1588129951
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\MountPoints2: {150d2d1d-23fb-11ea-b652-80ce6250b9ca} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\MountPoints2: {4a941a7e-0b44-11ea-b5f2-80ce6250b9ca} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\MountPoints2: {68bae72b-513e-11ea-b6cc-80ce6250b9ca} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-24] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0FA013A5-C4B2-41B1-A49E-D5E55F49976E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {143B2BA8-850B-4C40-AE3A-2D0ED1ABAA38} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2016-03-17] (Intel® Software -> Intel Corporation)
Task: {1D470E2F-7CE9-440C-A208-1AEB0098B2A6} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-03] (HP Inc. -> HP Inc.)
Task: {200E73BC-D9A8-4473-8752-7FF4D8C35CBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {30674AE8-0F4A-44E5-9018-C3D15595A59E} - System32\Tasks\{59DD2BB5-47F4-4941-B7CC-A1924C84760F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.41.0.101&LastError=404
Task: {319341D1-3869-44E0-9507-AFB7F88A6649} - System32\Tasks\gxx speed launcher => C:\Program Files (x86)\Garena\Garena\Garena.exe [457600 2019-07-02] (Garena Online Pte Ltd -> Garena Online )
Task: {3262A96A-4492-436B-A782-FF31884AC003} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35CC8195-9A52-4B02-BE9A-2AF295BB7848} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40F6AB1D-494A-46B8-83AE-C6F91675A6DA} - System32\Tasks\EPSON L120 Series Invitation {965C2044-E5E5-4ADF-8155-079939EF4005} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSLUE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {47C6FB73-9780-4222-A95C-EC3428B28939} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4B22DFD9-B8CC-4C58-90B0-DD73645AE462} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [147320 2019-12-19] (HP Inc. -> HP Inc.)
Task: {4D0E964F-F27F-4571-9101-3636946283EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5AB5FDB9-6728-4164-B8F1-D9ACEEC21967} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6359DC2F-5164-40DA-B427-0390595033E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {671A5469-91F0-48CE-B921-512BA9DD7F98} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-07] (HP Inc. -> HP Inc.)
Task: {76E92688-F068-4C7B-8934-EFC50EBCDE41} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel® Software Development Products -> Intel Corporation)
Task: {786DF32E-A1B6-4755-ADF2-728204FD3AEA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DD72F8D-0ADC-4BE6-A5A8-EA6BF9AA7716} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {8CB90663-AAF5-4458-889B-F91346C7A365} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E7E2B8C-7AE8-4384-9DBA-5AD3A16A3468} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-16] (Google Inc -> Google Inc.)
Task: {90B3B4FF-BAEF-4B11-BB2A-5D0E3B8D4C34} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
Task: {A196053F-3E81-43C9-831F-C0C74ED478CB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A8CAF086-E203-4B73-A34A-0F0AD7628F96} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel® Software Development Products -> Intel Corporation)
Task: {AF445D3C-003A-4798-B28B-A659B700261F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-16] (Google Inc -> Google Inc.)
Task: {B7FF879E-A2D7-43BF-9E10-4BD74296FCE8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD241A29-0804-48CD-8F89-D660D1B9E1D3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {BD74F9C7-5128-4ED2-B190-295386182C5B} - System32\Tasks\EPSON L120 Series Update {965C2044-E5E5-4ADF-8155-079939EF4005} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSLUE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {C2620774-44F9-4C07-B9E0-4978654489CC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6D5EF7C-DD68-4B91-8979-16764B93A34C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE34035B-F686-468E-B015-DCD32FF08BC9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5389E4B-8C66-4234-91A4-592DD0123DCF} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1359728 2017-10-26] (HP Inc. -> HP Development Company, L.P.)
Task: {D644F21E-4641-445A-A371-B9D86EA0B5C6} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {DAAD404B-7E46-4CEB-A833-4A1A00E61ECD} - System32\Tasks\UAC_X-VPN => C:\Program Files (x86)\X-VPN\X-VPN.exe [16445424 2020-03-24] (Free Connected Limited -> )
Task: {DDE861CA-8478-47CB-B1C0-FD5B88DC2AEB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBDF2B76-2A70-4E52-AED2-8061994B71B6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {EEDFE42F-4246-4EDE-B516-A0121A83BEB9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {F1EF09E2-AA98-4CC0-A780-7AF63F2528E7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F97DA8AD-CBE3-4204-B94B-216464C1AE64} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON L120 Series Invitation {965C2044-E5E5-4ADF-8155-079939EF4005}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSLUE.EXE
Task: C:\WINDOWS\Tasks\EPSON L120 Series Update {965C2044-E5E5-4ADF-8155-079939EF4005}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSLUE.EXE:/EXE:{965C2044-E5E5-4ADF-8155-079939EF4005} /F:UpdateWORKGROUP\LAPTOP-4N58D2U8$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{a3e757ac-74d6-42ef-b0c9-5233d97b9b54}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{cc6d8ac5-41c6-40ac-a9ca-4d482d3f37e8}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{da74ab2c-8181-4e87-a369-1710156b44df}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{fa9b27c8-e098-4c4e-9a67-165f07633b04}: [DhcpNameServer] 192.168.100.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2019-12-19] (HP Inc. -> HP Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2019-12-19] (HP Inc. -> HP Inc.)
 
FireFox:
========
FF DefaultProfile: 7to46cbq.default
FF ProfilePath: C:\Users\Jonathan Mark Peteza\AppData\Roaming\Mozilla\Firefox\Profiles\7to46cbq.default [2020-04-29]
FF ProfilePath: C:\Users\Jonathan Mark Peteza\AppData\Roaming\Mozilla\Firefox\Profiles\or8qb6zw.default-release [2020-04-29]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-04-21] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [File not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default [2020-04-29]
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Slides) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-18]
CHR Extension: (Docs) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-18]
CHR Extension: (Google Drive) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-18]
CHR Extension: (YouTube) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-18]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-18]
CHR Extension: (Bing) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-02-18]
CHR Extension: (Sheets) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-18]
CHR Extension: (Google Docs Offline) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-08]
CHR Extension: (Avast Online Security) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-18]
CHR Extension: (Gmail) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-02-18]
CHR Extension: (Chrome Media Router) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-08]
CHR Profile: C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-04-29]
CHR Notifications: Profile 1 -> hxxps://lighronlittheprat.pro; hxxps://mail.google.com; hxxps://mydcampus.dlsl.edu.ph; hxxps://p3.maranhesduve.club; hxxps://usecytonsmehers.info; hxxps://www.brainzilla.com; hxxps://www.razer.com
CHR DefaultSearchURL: Profile 1 -> hxxps://movie.searchmedia.club/search/?category=web&s=c1ds&vert=movie&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Films Search
CHR DefaultSuggestURL: Profile 1 -> hxxps://sug.searchmedia.club/search/index_sg.php?q={searchTerms}
CHR Extension: (Docs) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-23]
CHR Extension: (Google Drive) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-23]
CHR Extension: (YouTube) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-23]
CHR Extension: (TwoSeven Extension) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjdnfmjmdligcpfcekfmenlhiopehjkd [2020-04-24]
CHR Extension: (Films Search) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dipihnbjfgehkpoanipnejikkjhgjcin [2020-04-28]
CHR Extension: (RadioRage) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\epnlgkkjhejkeibepmejlffjfelihenc [2020-04-28]
CHR Extension: (Metastream Remote) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fakegmdomhmegokfomgmkbopjibonfcp [2020-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-16]
CHR Extension: (Mega Media Start) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipppaabbmnphdfjcnbjjbmimefomegjd [2020-04-28]
CHR Extension: (Unseen for Facebook) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jiomcgpfgkeefipihnplhadgdoollmap [2020-01-26]
CHR Extension: (Black red shards) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2018-08-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Netflix Party) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2020-04-18]
CHR Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oofgbpoabipfcfjapgnbbjjaenockbdp [2020-04-23]
CHR Extension: (Gmail) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-23]
CHR Profile: C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-04-29]
CHR HomePage: Profile 2 -> msn.com
CHR StartupUrls: Profile 2 -> "hxxps://docs.google.com/forms/d/1DzUUKLFj0J-rVTR8KfG05ic6JJISyrcWN8Sd6cTvCAE/viewform"
CHR DefaultSearchURL: Profile 2 -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Profile 2 -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Slides) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-11]
CHR Extension: (Docs) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-11]
CHR Extension: (Google Drive) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-11]
CHR Extension: (YouTube) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-11]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-11]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-12-11]
CHR Extension: (Sheets) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-12-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-12-11]
CHR Extension: (Avast Online Security) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-11]
CHR Extension: (Black blue shards) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hgoflmajhinnohnhkfeggflmmppiilck [2019-12-11]
CHR Extension: (Search Manager) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ijahobfejgeblmkpcmgpelfibgnnjpil [2019-12-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-11]
CHR Extension: (Search Manager) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2019-12-11]
CHR Extension: (Gmail) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-11]
CHR Extension: (Chrome Media Router) - C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR Profile: C:\Users\Jonathan Mark Peteza\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8469592 2020-03-04] (BattlEye Innovations e.K. -> )
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-31] (Realtek Semiconductor Corp.) [File not signed]
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39784 2020-04-27] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [153960 2020-04-27] (IDSA Production signing key -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803456 2019-04-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1651792 2017-10-27] (Intel Corporation -> Intel Corporation)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel® Software Development Products -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-03-17] (Mixbyte Inc -> Freemake)
R2 GarenaPlatform; C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe [320512 2019-07-02] (Garena Online Pte Ltd -> Garena Online )
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2019-12-19] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\AppHelperCap.exe [515344 2020-03-27] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-07] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\NetworkCap.exe [514320 2020-03-27] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_59a0a32410fb19a2\x64\OmenCap.exe [502544 2020-02-05] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1075744 2017-10-12] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\SysInfoCap.exe [516880 2020-03-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\TouchpointAnalyticsClientService.exe [429008 2019-10-31] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 iaStorAfsService; C:\windows\IAStorAfsService\iaStorAfsService.exe [2413752 2017-07-25] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel® Software Development Products -> Intel Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [197264 2017-09-26] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB/lghub_updater.exe [9847944 2020-01-23] (Logitech Inc -> Logitech, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [916712 2020-04-21] (McAfee, LLC -> McAfee, LLC)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-04-28] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-04-28] (Microsoft Windows -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R2 QMEmulatorService; D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [200272 2020-03-26] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1738368 2020-04-21] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [267552 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [738712 2019-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-10-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [205112 2019-05-15] (Intel® Software Development Products -> )
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-02-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel® Software Development Products -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [18736 2018-09-06] (Intel® Extreme Tuning Utility -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R2 aow_drv; D:\Program Files\TxGameAssistant\UI\3.21.598.100\aow_drv_x64_ev.sys [871296 2020-03-24] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [76696 2017-10-27] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70040 2017-10-27] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [399264 2017-10-27] (Intel Corporation -> Intel Corporation)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [33352 2018-12-19] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-19] (HP Inc. -> HP Inc.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1096192 2019-08-12] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [70664 2017-07-25] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2020-04-23] (MyTestCertificate -> Oracle Corporation)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\35872\driver_cpu_temperature\logi_core_temp.sys [25448 2020-01-23] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2020-01-16] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [20624 2020-01-16] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2020-01-16] (Logitech Inc -> Logitech)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-07] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_789dc510781607ea\nvlddmkm.sys [23446968 2020-04-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010624 2018-05-22] (Realtek Semiconductor Corp. -> Realtek )
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [62440 2017-10-10] (Realtek Semiconductor Corp. -> Realtek)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [787232 2019-11-30] (WDKTestCert VSAuto,131800073559665678 -> Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [783328 2017-06-09] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-06-09] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [11722328 2019-12-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2019-05-15] (Intel Corporation -> )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [45144 2017-10-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [46680 2017-10-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [812208 2020-04-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2020-04-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\WINDOWS\system32\drivers\UniSafe.sys [582032 2020-04-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-11-22] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-04-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-04-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-29] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-11-15] (HP Inc. -> HP)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-04-13] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation -> Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-29 06:57 - 2020-04-29 11:13 - 000000000 ____D C:\FRST
2020-04-28 10:43 - 2020-04-28 10:43 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 004129424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2020-04-28 10:43 - 2020-04-28 10:43 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 022637056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 018028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 014819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 007267328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 007011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 006522840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 006291968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 006079184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 005757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 005109760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 004858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 003822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-28 10:42 - 2020-04-28 10:42 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 002259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001734144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001667600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 001077264 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000783488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000673488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-28 10:42 - 2020-04-28 10:42 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000211472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2020-04-28 10:42 - 2020-04-28 10:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-28 10:42 - 2020-04-28 10:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-28 10:41 - 2020-04-28 10:41 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 007899528 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 007257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 006434304 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 004565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 004009472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 003747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 003371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002461696 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002255136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000915208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000460408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-04-28 10:41 - 2020-04-28 10:41 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-28 10:41 - 2020-04-28 10:41 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-04-28 10:41 - 2020-04-28 10:41 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 017791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 004624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 003587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 002150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001635840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000920576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000874312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000631608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-04-28 10:40 - 2020-04-28 10:40 - 000589400 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-28 10:40 - 2020-04-28 10:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-28 10:40 - 2020-04-28 10:40 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-28 10:40 - 2020-04-28 10:40 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-25 18:04 - 2020-04-12 05:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-04-25 18:04 - 2020-04-12 05:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-25 18:04 - 2020-04-12 05:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-04-25 18:04 - 2020-04-12 05:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 000450280 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-04-25 18:04 - 2020-04-12 05:55 - 000346856 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-04-25 18:04 - 2020-04-12 05:54 - 011945872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-04-25 18:04 - 2020-04-12 05:54 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 017601632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 015158384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 005855856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 005159520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 002074232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001722480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444587.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001566328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001483376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444587.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001481328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001350792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001142200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 001048504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000817080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000811448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000679864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000676448 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000655312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000546744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-04-25 18:04 - 2020-04-12 05:53 - 000543160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-04-25 18:04 - 2020-04-12 05:51 - 004195688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-04-25 16:38 - 2020-04-25 17:25 - 000000618 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rules of Survival.lnk
2020-04-23 20:22 - 2020-04-23 20:22 - 000000068 _____ C:\Users\Jonathan Mark Peteza\AppData\Roaming\changzhi_leidian.data
2020-04-23 20:22 - 2020-04-23 20:22 - 000000000 ____D C:\Users\Jonathan Mark Peteza\.Ld2VirtualBox
2020-04-23 19:16 - 2020-04-23 19:16 - 000000827 _____ C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\LDMultiPlayer4.lnk
2020-04-23 19:16 - 2020-04-23 19:16 - 000000802 _____ C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\LDPlayer4.lnk
2020-04-23 19:16 - 2020-04-23 19:16 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer4
2020-04-23 19:16 - 2020-04-23 19:16 - 000000000 ____D C:\Program Files\ldplayerbox
2020-04-23 19:15 - 2020-04-23 20:22 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\XuanZhi
2020-04-23 19:12 - 2020-04-23 19:12 - 000000000 ____D C:\XuanZhi
2020-04-23 19:11 - 2020-04-23 20:23 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\ChangZhi2
2020-04-23 19:10 - 2020-04-23 19:10 - 000000000 ____D C:\Users\Public\BlueStacks
2020-04-23 19:10 - 2020-04-23 19:10 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\BlueStacksSetup
2020-04-22 19:48 - 2020-04-22 19:48 - 000000612 _____ C:\Users\Jonathan
2020-04-22 19:45 - 2020-04-22 19:56 - 000000000 ____D C:\Users\Jonathan Mark Peteza\Downloads\MEmu Download
2020-04-22 19:44 - 2020-04-22 19:57 - 000000000 ____D C:\Program Files (x86)\Microvirt
2020-04-22 19:44 - 2020-04-22 19:44 - 000000222 _____ C:\Users\Jonathan Mark Peteza\Desktop\TerraTech.url
2020-04-21 13:57 - 2020-04-21 13:57 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-04-21 13:57 - 2020-04-21 13:57 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Ubisoft Game Launcher
2020-04-21 13:57 - 2020-04-21 13:57 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2020-04-17 18:50 - 2020-04-17 18:50 - 000000219 _____ C:\Users\Jonathan Mark Peteza\Desktop\Counter-Strike Global Offensive.url
2020-04-17 18:06 - 2020-04-17 18:06 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-17 18:06 - 2020-04-17 18:06 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-17 18:06 - 2020-04-17 18:06 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-17 18:06 - 2020-04-17 18:06 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-17 18:06 - 2020-04-17 18:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-17 18:05 - 2020-04-17 18:05 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-17 18:05 - 2020-04-17 18:05 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-17 18:05 - 2020-04-17 18:05 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-17 18:05 - 2020-04-17 18:05 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-17 18:01 - 2020-04-17 18:01 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-17 18:01 - 2020-04-17 18:01 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-16 11:55 - 2020-04-16 11:56 - 000000000 ____D C:\ProgramData\Betternet
2020-04-16 11:55 - 2020-04-16 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betternet Technologies Inc
2020-04-16 11:55 - 2020-04-16 11:55 - 000000000 ____D C:\Program Files (x86)\Betternet
2020-04-16 11:38 - 2020-04-16 11:38 - 000003124 _____ C:\WINDOWS\system32\Tasks\UAC_X-VPN
2020-04-16 11:38 - 2020-04-16 11:38 - 000001921 _____ C:\Users\Public\Desktop\X-VPN.lnk
2020-04-16 11:38 - 2020-04-16 11:38 - 000001921 _____ C:\ProgramData\Desktop\X-VPN.lnk
2020-04-16 11:38 - 2020-04-16 11:38 - 000000000 ____D C:\usr
2020-04-16 11:38 - 2020-04-16 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-VPN
2020-04-16 11:37 - 2020-04-16 11:38 - 000000000 ____D C:\Program Files (x86)\X-VPN
2020-04-14 12:21 - 2020-04-22 19:34 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\LocalLow\uTorrent
2020-04-13 17:07 - 2020-04-13 17:09 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Riot Games
2020-04-13 17:07 - 2020-04-13 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-04-13 17:07 - 2020-04-13 17:07 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-04-13 17:07 - 2020-04-13 17:07 - 000000000 ____D C:\Riot Games
2020-04-05 22:59 - 2020-04-09 16:55 - 000582032 _____ (TENCENT) C:\WINDOWS\system32\Drivers\UniSafe.sys
2020-03-30 14:22 - 2020-03-30 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-03-30 14:22 - 2020-03-30 14:22 - 000000000 ____D C:\Program Files\Logitech
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-04-29 11:12 - 2020-01-16 11:06 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\LGHUB
2020-04-29 11:12 - 2020-01-16 11:06 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\LGHUB
2020-04-29 11:12 - 2019-07-18 11:42 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\LogMeIn Hamachi
2020-04-29 11:12 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-29 11:12 - 2018-08-17 19:58 - 000000000 __SHD C:\Users\Jonathan Mark Peteza\IntelGraphicsProfiles
2020-04-29 11:12 - 2018-08-03 14:19 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-29 11:11 - 2019-06-14 17:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-29 11:11 - 2018-10-13 17:12 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-29 11:10 - 2019-03-19 12:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-04-29 11:09 - 2018-10-17 17:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-04-29 10:52 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-04-29 10:48 - 2019-06-14 17:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-29 10:48 - 2018-08-27 20:18 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-29 10:42 - 2019-06-14 17:57 - 000936876 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-29 10:42 - 2019-03-19 12:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-29 10:42 - 2019-02-08 20:37 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-04-29 10:38 - 2018-08-27 20:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-29 07:57 - 2018-08-20 22:17 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-29 07:04 - 2019-10-18 08:57 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-04-29 07:04 - 2018-08-03 14:17 - 000000000 ____D C:\Program Files (x86)\Intel
2020-04-29 07:04 - 2017-11-16 17:03 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-29 06:42 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-29 06:42 - 2018-08-17 19:58 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Packages
2020-04-29 06:42 - 2018-08-17 00:14 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\CrashDumps
2020-04-29 06:40 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-28 16:23 - 2019-06-14 17:59 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E812C209-8FA7-4232-B9DE-D65AA0B8EC4C}
2020-04-28 12:11 - 2018-08-20 22:43 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-04-28 11:39 - 2018-09-15 19:28 - 000000000 ____D C:\swsetup
2020-04-28 11:39 - 2017-11-16 17:05 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-04-28 11:29 - 2018-09-15 19:29 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\PlaceholderTileLogoFolder
2020-04-28 11:21 - 2018-08-17 19:58 - 000000000 ___RD C:\Users\Jonathan Mark Peteza\3D Objects
2020-04-28 11:21 - 2017-10-06 07:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-04-28 11:20 - 2019-06-14 17:52 - 000444944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-28 11:20 - 2019-03-19 12:52 - 000000000 ____D C:\PerfLogs
2020-04-28 10:55 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-28 10:00 - 2018-08-17 02:41 - 000000000 ____D C:\Users\Public\Logi
2020-04-27 23:09 - 2018-08-03 14:21 - 000000000 ____D C:\ProgramData\Realtek
2020-04-26 10:41 - 2018-08-17 00:58 - 000028600 _____ C:\WINDOWS\system32\UsrRules.bin
2020-04-25 18:24 - 2019-01-24 13:29 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\.minecraft
2020-04-25 18:24 - 2019-01-24 13:28 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\.tlauncher
2020-04-25 18:06 - 2018-12-30 16:05 - 000000000 ____D C:\temp
2020-04-25 18:06 - 2018-08-21 17:14 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\NVIDIA
2020-04-25 17:54 - 2018-08-26 10:04 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\CC
2020-04-24 19:52 - 2018-08-16 23:48 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-23 20:22 - 2019-06-14 17:54 - 000000000 ____D C:\Users\Jonathan Mark Peteza
2020-04-23 19:10 - 2019-08-17 09:35 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Bluestacks
2020-04-22 22:16 - 2018-09-01 18:52 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\uTorrent
2020-04-22 19:48 - 2019-08-04 14:53 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-08-04 14:53 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-06-14 17:59 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-06-14 17:59 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-06-14 17:59 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2019-06-14 17:59 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-22 19:48 - 2018-08-21 17:13 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Nox
2020-04-22 19:48 - 2018-08-03 14:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-22 19:48 - 2018-08-03 14:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-22 19:48 - 2018-08-03 14:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-22 19:44 - 2018-09-15 19:28 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\HP_Inc
2020-04-22 19:44 - 2018-08-21 17:14 - 000000000 ____D C:\Users\Jonathan Mark Peteza\.android
2020-04-22 19:34 - 2019-04-07 22:35 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\BitTorrentHelper
2020-04-21 18:15 - 2018-11-03 08:26 - 000007596 _____ C:\Users\Jonathan Mark Peteza\AppData\Local\Resmon.ResmonCfg
2020-04-21 17:00 - 2018-11-25 15:13 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\ElevatedDiagnostics
2020-04-21 14:26 - 2019-08-01 19:40 - 000000000 ____D C:\Program Files\Rockstar Games
2020-04-21 14:26 - 2019-08-01 19:40 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-04-21 14:00 - 2018-12-13 12:31 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\EpicGamesLauncher
2020-04-18 03:25 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 11:35 - 2019-06-14 17:59 - 000003410 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3214707409-3252344327-2410781183-1001
2020-04-16 11:35 - 2019-06-14 17:54 - 000002419 _____ C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-16 11:35 - 2018-08-17 19:59 - 000000000 ___RD C:\Users\Jonathan Mark Peteza\OneDrive
2020-04-13 17:09 - 2019-02-11 16:18 - 000000000 ____D C:\ProgramData\Riot Games
2020-04-12 05:53 - 2019-10-25 22:18 - 023446968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2020-04-12 05:52 - 2019-10-25 22:18 - 004927960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-04-09 22:02 - 2019-06-07 11:18 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-04-09 15:26 - 2019-08-28 11:03 - 000000298 _____ C:\Users\Jonathan Mark Peteza\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2020-04-09 14:38 - 2019-06-26 14:54 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\NoxSrv
2020-04-09 14:38 - 2018-08-21 17:14 - 000000000 ____D C:\Users\Jonathan Mark Peteza\vmlogs
2020-04-09 12:21 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Registration
2020-04-09 11:53 - 2019-06-26 14:45 - 000000084 _____ C:\Users\Jonathan Mark Peteza\AppData\Local\update_progress.txt
2020-04-09 11:42 - 2019-06-26 14:58 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\NoxPopup
2020-04-08 12:09 - 2018-08-29 09:47 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\vlc
2020-04-08 10:06 - 2018-09-02 13:00 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Roblox
2020-04-08 01:58 - 2019-08-04 14:53 - 002799416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2020-04-08 01:58 - 2019-08-04 14:53 - 002159592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2020-04-08 01:58 - 2019-08-04 14:53 - 001314792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2020-04-05 22:59 - 2019-10-03 08:13 - 000812208 _____ (TENCENT) C:\WINDOWS\system32\Drivers\tesrsdt.sys
2020-04-05 22:54 - 2019-10-03 07:49 - 000000883 _____ C:\Users\Jonathan Mark Peteza\Desktop\Gameloop.lnk
2020-04-05 19:37 - 2019-10-03 08:13 - 000555064 _____ (TENCENT) C:\WINDOWS\system32\TesSafe.sys
2020-04-04 13:13 - 2020-01-23 16:36 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2020-04-04 13:13 - 2020-01-23 16:36 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2020-04-04 13:13 - 2020-01-23 16:36 - 000000000 ____D C:\Program Files\LGHUB
2020-04-04 08:21 - 2019-10-25 22:18 - 000057237 _____ C:\WINDOWS\system32\nvinfo.pb
2020-04-04 05:56 - 2019-10-25 22:21 - 005581808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-04-04 05:56 - 2019-10-25 22:21 - 002631664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 001759032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 001172464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 000446264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-04-04 05:55 - 2019-10-25 22:21 - 000074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-04-03 18:08 - 2019-10-25 22:21 - 009037867 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-03-30 14:57 - 2019-03-10 12:54 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Local\Spotify
2020-03-30 14:57 - 2019-03-06 09:27 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Spotify
2020-03-30 14:22 - 2018-08-17 02:42 - 000000000 ____D C:\ProgramData\LogiShrd
2020-03-30 14:22 - 2018-08-17 02:40 - 000000000 ____D C:\Users\Jonathan Mark Peteza\AppData\Roaming\Logishrd
 
==================== Files in the root of some directories ========
 
2018-10-13 19:50 - 2018-10-13 19:50 - 000066790 _____ () C:\Program Files (x86)\hyxd_license.htm
2020-04-23 20:22 - 2020-04-23 20:22 - 000000068 _____ () C:\Users\Jonathan Mark Peteza\AppData\Roaming\changzhi_leidian.data
2020-01-17 09:00 - 2020-01-17 09:08 - 000000085 _____ () C:\Users\Jonathan Mark Peteza\AppData\Roaming\~SiMPLEX.ini
2020-01-25 19:58 - 2020-01-25 20:02 - 000000084 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\Autosofted License.txt
2018-08-17 04:50 - 2018-08-17 04:50 - 000140800 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\installer.dat
2018-09-29 14:38 - 2018-09-29 14:38 - 000000000 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\oobelibMkey.log
2018-11-03 08:26 - 2020-04-21 18:15 - 000007596 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\Resmon.ResmonCfg
2019-06-26 14:45 - 2020-04-09 11:53 - 000000084 _____ () C:\Users\Jonathan Mark Peteza\AppData\Local\update_progress.txt
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2020
Ran by Jonathan Mark Peteza (29-04-2020 11:14:07)
Running from D:\Users\Jonathan Mark Peteza\Downloads
Windows 10 Home Single Language Version 1909 18363.815 (X64) (2019-06-14 09:59:35)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3214707409-3252344327-2410781183-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3214707409-3252344327-2410781183-503 - Limited - Disabled)
Guest (S-1-5-21-3214707409-3252344327-2410781183-501 - Limited - Disabled)
Jonathan Mark Peteza (S-1-5-21-3214707409-3252344327-2410781183-1001 - Administrator - Enabled) => C:\Users\Jonathan Mark Peteza
WDAGUtilityAccount (S-1-5-21-3214707409-3252344327-2410781183-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.4 - Electronic Arts, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Auto Keyboard v6.3 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 6.3 - MurGee.com)
Betternet for Windows 5.4.0.434 (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF9CB03A4C}) (Version: 5.4.0.434 - Betternet Technologies Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brackets (HKLM-x32\...\{090BE437-6981-4002-8D90-ED9D47AEDE11}) (Version: 1.14.17752 - brackets.io)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Creative Destruction version 3.0.39 (HKLM-x32\...\{24904964-4247-4EBE-BC79-21D7FF68C6A0}_is1) (Version: 3.0.39 - My Company, Inc.)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Discord (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON L120 Series Printer Uninstall (HKLM\...\EPSON L120 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Garena (remove only) (HKLM-x32\...\gxx) (Version: 2.0.1907.0210 - Garena)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grand Theft Auto V (HKLM\...\Grand Theft Auto V_is1) (Version: 1.0.877.1 - )
GRID Autosport - Complete (HKLM-x32\...\GRID Autosport - Complete_is1) (Version:  - )
HitFilm Movie Essentials Pack (HKLM\...\{8343E462-0806-4A31-B061-8B10FD66BF45}) (Version: 1.0.6712.56130 - FXHOME)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.16.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{10F0BF3E-DBDB-422A-8C12-B4D46711D7C8}) (Version: 2.22.2 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{A74C2A80-0052-4CDD-AAF0-39A85804C314}) (Version: 20.4.17.5 - Intel) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{275588D7-6C9D-4FB0-BBAE-2FA3F7C2DADB}) (Version: 6.4.1.25 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{6a0def1c-f6f2-4a5d-81f6-a1b858352c8b}) (Version: 6.4.1.25 - Intel Corporation)
Intel XTU SDK (HKLM-x32\...\{43A58350-CB99-4F4E-9BB6-F058D7B27985}) (Version: 1.0.9 - HP Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.2.1002 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{41112465-3c4f-42bb-9a61-39f7f509f8f8}) (Version: 20.4.17.5 - Intel)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LDPlayer (HKLM-x32\...\LDPlayer4) (Version: 4.0.23 - XUANZHI INTERNATIONAL CO., LIMITED)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.154 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.92 - McAfee, LLC.)
MediaHuman Audio Converter version 1.9.7 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.7 - MediaHuman)
Microsoft OneDrive (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1298.831 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{171B3EB7-1B5D-4422-9460-8D95CF2508DB}) (Version: 1.11.2 - Mojang (By OfficialHawk)) Hidden
Minecraft (HKLM-x32\...\Minecraft 1.11.2) (Version: 1.11.2 - Mojang (By OfficialHawk))
Mozilla Firefox 70.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 70.0.1 (x64 en-US)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
NewBlue Filters 5 Ultimate (HKLM-x32\...\NewBlue Filters 5 Ultimate) (Version: 5.0 - NewBlue)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Graphics Driver 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAKK Lam-Ang Pro Mechanical Keyboard (HKLM-x32\...\RAKK Lam-Ang Pro Mechanical Keyboard) (Version: V1.00 - RAKK Lam-Ang Pro FineTuner)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.79 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.156 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.104 - REALTEK Semiconductor Corp.)
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
Roblox Player for Jonathan Mark Peteza (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\roblox-player) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.20.241 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.4 - Rockstar Games)
Rules of Survival version 1.385129.391438 (HKLM-x32\...\{F560482D-4378-4FB8-8EB7-4F017FDBCC90}_is1) (Version: 1.385129.391438 - Hong Kong Netease Interactive Entertainment Limited)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.244 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
SetupVPN 0.4.0 (only current user) (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\f8c0fbbe-5e62-535c-b687-54387a5b3b06) (Version: 0.4.0 - VPN1 LLC, USA)
Spotify (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Spotify) (Version: 1.1.28.721.g5b5ee660 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Telegram Desktop version 1.8.11 (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.11 - Telegram FZ-LLC)
The Forest (HKLM-x32\...\The Forest_is1) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F94A5095-E4DD-4ED8-AB0B-BFAC62176F8C}) (Version: 2.49.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 102.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS)
Visual Studio Professional 2017 (HKLM-x32\...\7ab1f306) (Version: 15.8.28010.2046 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
vs_minshellmsi (HKLM-x32\...\{D98207CC-2AF6-474C-8375-9735AB86B7EB}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
X-VPN (HKLM-x32\...\X-VPN) (Version: 64.0 - Free Connected Limited)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated)
Asphalt 9: Legends -> C:\Program Files\WindowsApps\A278AB0D.Asphalt9_2.1.200.2_x86__h6adky7gbf63m [2020-03-21] (Gameloft SE)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.166.400.0_x86__kgqvnymyfvs32 [2020-04-17] (king.com)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-17] (Dropbox Inc.)
GT Racing 2: The Real Car Experience -> C:\Program Files\WindowsApps\GAMELOFTSA.GTRacing2TheRealCarExperience_1.2.7.3_x86__0pp20fcewvvtj [2019-12-21] (GAMELOFT  SA)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.34.3400.0_x86__ytsefhwckbdv6 [2020-03-27] (G5 Entertainment AB)
Hotspot Shield Free VPN -> C:\Program Files\WindowsApps\6F71D7A7.HotspotShieldFreeVPN_2.5.2.0_x64__nsbqstbb9qxb6 [2019-11-20] (AnchorFree Inc.)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.443.0_x86__v10z8vjag6ke6 [2018-08-03] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.38.0_x64__v10z8vjag6ke6 [2019-11-08] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.6.598.0_x64__v10z8vjag6ke6 [2020-04-09] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.4.0_x64__v10z8vjag6ke6 [2020-02-22] (HP Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-04-06] (Instagram)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12624.20466.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-16] (Microsoft Studios)
Modern Combat Versus -> C:\Program Files\WindowsApps\A278AB0D.ModernCombatVersus_1.15.120.0_x86__h6adky7gbf63m [2020-04-27] (Gameloft SE)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-22] (Microsoft Corporation)
PicsArt - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PicsArt-PhotoStudio_8.8.0.0_x86__crhqpqs3x1ygc [2019-11-07] (PicsArt Inc.) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4F78A44B1D39} -> [Creative Cloud Files] => C:\Users\Jonathan Mark Peteza\Creative Cloud Files [2019-05-13 23:56]
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-3214707409-3252344327-2410781183-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-07-23] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxDTCM.dll [2018-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-04-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\ok - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Jonathan Mark Peteza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2020-03-08 19:30 - 2020-03-08 19:30 - 000138240 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\d555984625315f878c5277396dfd06e7\Interop.IWshRuntimeLibrary.ni.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2020-03-28 20:18 - 2020-03-28 20:18 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\c61fa8472368324d67b52723ced03e57\BRIDGECommon.ni.dll
2020-03-08 19:29 - 2020-03-08 19:29 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\d5a263d0a9bacb2ea06ad791453afa67\BridgeExtension.ni.dll
2020-03-08 19:29 - 2020-03-08 19:29 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\19560b24dff7e63228c815cdf532cc5f\CleanStartController.ni.dll
2020-03-08 19:29 - 2020-03-08 19:29 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\0759b01c07957225f8533a468fca215b\RegistrationUtilities.ni.dll
2018-11-05 09:43 - 2018-11-05 09:43 - 000204800 _____ () [File not signed] D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\bin\GK\SonixHidDll.dll
2017-06-29 14:27 - 2017-06-29 14:27 - 000204288 _____ () [File not signed] D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\bin\GM\SonixHidDll.dll
2018-08-24 15:44 - 2018-08-18 17:40 - 098275328 _____ () [File not signed] D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-08-24 15:44 - 2018-08-18 17:40 - 000092672 _____ () [File not signed] D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-08-24 15:44 - 2018-08-18 17:40 - 003922432 _____ () [File not signed] D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-03-08 19:30 - 2020-03-08 19:30 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\34ecf12dd95b6dad31aaae60798b3852\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-02-22 22:18 - 2020-02-22 22:18 - 000015360 ____X (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.4.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2020-03-08 19:29 - 2020-03-08 19:29 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\b8d6337751d6f079112f1a5713d2a1c0\CommonPortable.ni.dll
2020-03-08 19:30 - 2020-03-08 19:30 - 001585152 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\9d33f83df898b480f4169ea37ae42247\NAudio.ni.dll
2020-03-08 19:14 - 2020-03-08 19:14 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\848d8ad61c8f4641f1cdd1c8ae45e036\Newtonsoft.Json.ni.dll
2018-03-01 15:07 - 2018-03-01 15:07 - 001660416 _____ (SONiX Technology Co., Ltd.) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\css.dll
2018-03-01 15:07 - 2018-03-01 15:07 - 002022912 _____ (SONiX Technology Co., Ltd.) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\cwt.dll
2018-03-01 15:07 - 2018-03-01 15:07 - 001659904 _____ (SONiX Technology Co., Ltd.) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\messageprompter.dll
2018-03-01 15:07 - 2018-03-01 15:07 - 001648640 _____ (SONiX Technology Co., Ltd.) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\messageprovider.dll
2018-03-01 15:09 - 2018-03-01 15:09 - 001655808 _____ (SONiX Technology Co., Ltd.) [File not signed] D:\Jonathan Mark Peteza\Documents\Lamg-Ang(Pro)\Bin\Plugin.dll
2020-03-08 19:30 - 2020-03-08 19:30 - 000792064 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\caf078acd3d782d23232ed91e67c1154\log4net.ni.dll
2018-08-24 15:44 - 2018-08-17 22:39 - 000547840 _____ (The Chromium Authors) [File not signed] D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2019-10-21 20:56 - 2019-10-21 20:56 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
2018-03-01 15:09 - 2018-03-01 15:09 - 001651200 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\dialoginvoker.dll
2018-03-01 15:05 - 2018-03-01 15:05 - 001633792 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gamingforceledsyncer.dll
2018-03-01 15:08 - 2018-03-01 15:08 - 001665024 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gamingforcemain.dll
2018-03-01 15:09 - 2018-03-01 15:09 - 001656832 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardmacro.dll
2018-03-01 15:06 - 2018-03-01 15:06 - 002036224 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardmain.dll
2018-03-01 15:09 - 2018-03-01 15:09 - 002195968 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardpersister.dll
2018-03-01 15:05 - 2018-03-01 15:05 - 001723904 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardprofile.dll
2018-03-01 15:08 - 2018-03-01 15:08 - 001652736 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardskin.dll
2018-03-01 15:10 - 2018-03-01 15:10 - 001669632 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gk\gamingkeyboardwriter.dll
2018-03-01 15:05 - 2018-03-01 15:05 - 001656320 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmousemacro.dll
2018-03-01 15:05 - 2018-03-01 15:05 - 001936384 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmousemain.dll
2018-03-01 15:04 - 2018-03-01 15:04 - 002195456 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmousepersister.dll
2018-03-01 15:04 - 2018-03-01 15:04 - 001701888 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmouseprofile.dll
2018-03-01 15:04 - 2018-03-01 15:04 - 001664000 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmouseskin.dll
2018-03-01 15:03 - 2018-03-01 15:03 - 001656832 _____ (TODO: <Company name>) [File not signed] d:\jonathan mark peteza\documents\lamg-ang(pro)\bin\gm\gamingmousewriter.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 21:46 - 2018-10-17 13:07 - 000000827 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
2019-02-04 16:39 - 2019-02-04 16:39 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;D:\Brackets\command
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\Control Panel\Desktop\\Wallpaper -> D:\Users\Jonathan Mark Peteza\Downloads\firewatch_inspired-wallpaper-2560x1080.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Local Area Connection* 12: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-3214707409-3252344327-2410781183-1001\...\StartupApproved\Run: => "SideSync"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F895E3C3-CB00-4E34-A0F5-F99CD83131AC}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{C3DDDBFA-E241-46A1-8BC0-0BE7E4BA1D9F}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{1200840D-6093-445D-AE4E-98392131C817}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [{E84CCA5C-2FEC-4458-AE1B-398FC808C92C}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Software Development Products -> )
FirewallRules: [UDP Query User{371E3EEE-F9DF-4B96-A303-18DB7369A923}D:\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) D:\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe No File
FirewallRules: [TCP Query User{7D3D7ABC-D5AC-4E1D-BD41-ACAE58349F3A}D:\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) D:\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe No File
FirewallRules: [UDP Query User{B93CD105-3007-4EFB-9F51-B757CC88B51D}D:\rime\rime\sirengame\binaries\win64\rime.exe] => (Allow) D:\rime\rime\sirengame\binaries\win64\rime.exe No File
FirewallRules: [TCP Query User{02BF6F68-3B03-42B4-A6A3-B34C34AF19CD}D:\rime\rime\sirengame\binaries\win64\rime.exe] => (Allow) D:\rime\rime\sirengame\binaries\win64\rime.exe No File
FirewallRules: [UDP Query User{A58506B1-E32A-4BCD-97D1-837AC5799265}C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe No File
FirewallRules: [TCP Query User{560BC0A6-6055-4455-B7FB-61C6576CA675}C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe No File
FirewallRules: [UDP Query User{0C1534F3-BA5D-4D4F-8C31-D96652A49D40}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [TCP Query User{217AA0B9-E292-4DE3-A2EF-7487261C198A}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{FC5CE6A8-7641-4DB6-B3FC-7E2B248B272E}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [TCP Query User{3FCAB9AA-DF1D-4D00-923D-2C8AAE5C50CE}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{34DB9D6E-0F45-426D-811C-52486EF804F7}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Block) C:\program files (x86)\samsung\sidesync4\sidesync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{8A7A053C-4183-4FD1-84CF-856F5E6BDB1C}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Block) C:\program files (x86)\samsung\sidesync4\sidesync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BFF9E5F2-BF75-49C4-AE4C-8F35D95C5BF9}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5D936E5F-6D84-4CEE-A94B-5C8286CA6C48}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{CD5671AD-C169-40AD-8149-F242D15BEF77}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1904.0511\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
FirewallRules: [UDP Query User{27D620FB-06E0-4A21-8DBA-38192533272A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [TCP Query User{ED97ACEB-81B4-4751-9FBC-1724F12CD2DD}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{71A8BCAD-947F-486C-A37E-F414004BAB33}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [TCP Query User{55EC2B93-4E69-411A-A703-9FA5C77DD070}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{BD249571-C4D8-4BE9-A8D5-AA0A49BDB6D9}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [TCP Query User{FF0D3326-708E-4123-B67C-A0D73C61B811}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [{FF2DEA5E-FE84-4BC8-9FA9-639E86E84761}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{1A3E1252-C457-403D-BB9E-7443F0ABA899}C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{84690327-B645-4958-B27E-ED260FC250BE}C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{1FAC6F46-5EF5-4CF2-A49D-5FEE50F7C4AF}C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{DB74CA7F-7B52-4195-81A4-0D7010E05EC0}C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonathan mark peteza\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E83B73B4-DB32-4626-9EEF-6AB645517FCF}] => (Allow) D:\Users\Jonathan Mark Peteza\Documents\GAMES\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{BDF250B2-7BDD-459F-A7E8-90EB7AD89C69}] => (Allow) D:\Users\Jonathan Mark Peteza\Documents\GAMES\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{FE815FFE-D6A0-43E6-BA0D-9473A0001F6D}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{76EFE0BD-97AA-41B6-AC47-1EFE770E1DB9}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{0E55134B-819A-4592-9345-64E79C4A3772}] => (Allow) D:\Users\Jonathan Mark Peteza\Documents\GAMES\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{F4274DAF-21AE-4AFD-87B6-B6709B955332}] => (Allow) D:\Users\Jonathan Mark Peteza\Documents\GAMES\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{E87D886C-BE05-4102-A030-9D7229E1FA2E}D:\users\jonathan mark peteza\documents\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [TCP Query User{7B171A83-0A84-4126-9B6E-29BA29969F07}D:\users\jonathan mark peteza\documents\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [UDP Query User{10BECDBB-3A8D-41D0-886E-047F65524FC8}D:\users\jonathan mark peteza\documents\games\apex\r5apex.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{B42597AA-D812-4354-9E55-3E56D9124F52}D:\users\jonathan mark peteza\documents\games\apex\r5apex.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{3657FB77-085D-434C-9CC4-8941C42DD4E1}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1902.0110\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
FirewallRules: [UDP Query User{A4D6E769-9227-46A4-AE3E-DC733E3E13E1}D:\32774\leagueclient\leagueclient.exe] => (Allow) D:\32774\leagueclient\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{5A8558AB-BE27-4553-9DCE-C43D81250BE1}D:\32774\leagueclient\leagueclient.exe] => (Allow) D:\32774\leagueclient\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{E2F3D88E-58B1-4C5A-93B1-9D1A4F8C89C4}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1812.2810\gxxsvc.exe No File
FirewallRules: [UDP Query User{AD52AE69-DE9F-4CF4-906B-61C4A452921E}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [TCP Query User{5C8828C5-4286-4A59-9096-3E4C93C911FA}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [{6F0957D9-E52B-48F1-8A0A-B8C1632DF415}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C165FA88-3357-4754-A1DB-781B9E6DAB17}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E2ABA2CD-8325-4C47-BAE0-7587EEAE5BF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{45D64A72-07B4-4F58-8D15-A02186FD1B1C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{D8D064E0-3B0E-4BB2-B4ED-80B787774900}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [TCP Query User{8C6B5FCB-7555-4E3E-9E31-B2A05A4258FD}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [UDP Query User{6E5CB063-F1F0-4301-8047-041CCF64830F}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [TCP Query User{3FCB256B-CE16-48CF-83AA-E187BBEA6833}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [UDP Query User{5A1310D2-B4B1-4815-8CEC-7BA9B7706AC3}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [TCP Query User{70F56BC3-8B8C-4CA0-B9A7-436881E4AD8B}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [UDP Query User{2743051B-E126-49EC-8B8F-897303110567}D:\ros\ros.exe] => (Allow) D:\ros\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [TCP Query User{2AB59DD9-E705-429B-BF82-80D8D8B37BF6}D:\ros\ros.exe] => (Allow) D:\ros\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [{21D26C50-96B7-429D-B0A5-8C5448D4651F}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe No File
FirewallRules: [{6DE58A09-0C93-46F0-A0FE-C7FE9493EB4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0A1D64D2-D5C1-4DDD-A19B-8EC3FAD732E3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{F60C7886-C487-429B-996B-DC3539FDAF3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FAFFD965-A068-49EF-9B07-7AEE733A32CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{9C6015AC-AB3C-4592-9FA4-BCC1031A53E3}C:\creative destruction\client.exe] => (Allow) C:\creative destruction\client.exe No File
FirewallRules: [TCP Query User{71F226A4-C42B-4A8F-B54A-DB63FC1D3491}C:\creative destruction\client.exe] => (Allow) C:\creative destruction\client.exe No File
FirewallRules: [UDP Query User{98BDC334-0461-4FA4-8E19-35B1EA471888}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{F72A7864-880A-41FE-894D-FB6DBE423EBB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{A65342E4-20A3-4EC1-93CD-A13D4A3BD787}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File
FirewallRules: [UDP Query User{4C771429-8A46-409C-9EC4-DEAC63FAA450}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{59948C47-DBB8-439A-BA32-F8287F02E9C6}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{F8F4DD74-3D0D-4A13-A624-F4F9023EDDF0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{ED721702-D0B9-4096-A585-720366DAD3AA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{45DDB473-3C10-424C-9C58-B300214E0E21}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe No File
FirewallRules: [TCP Query User{93CE391D-4BF6-4092-8374-6FF3DD0F6AC3}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe No File
FirewallRules: [UDP Query User{DCF6E920-DE7C-4C5F-B70E-8664B43A12F9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [TCP Query User{6E667BFA-7810-484F-BB1E-C692A34BE395}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [{A6C724C9-7911-4C15-AB1C-D59F58080048}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe No File
FirewallRules: [{67E36115-46B4-4A70-AD8F-DF298C07CAA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File
FirewallRules: [{0A20B95D-4C87-4311-B4FD-F162E4D4623B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5919955A-0D63-4EE3-93B7-9A3376A52A82}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{40489F30-8F64-4BED-888A-1D2B40284E58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1AA2EC55-0726-445D-AA58-6DADFFE37FAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0F9D017E-7F9A-4EC3-AE78-EB7E6A2764D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{434A3B94-A0BA-488E-B771-16BFA7875E06}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B33615A6-3015-4149-9002-A08CF342A23D}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{2BE6999D-34C7-424E-A4CA-1F9D9B553FD6}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{0AFFAA1A-D519-4A82-9D9C-F5C1F2956645}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{EFB2AC2F-F285-4D8E-A90E-B5FDA7CAA17D}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe No File
FirewallRules: [{27BDF763-49E3-4906-9A8A-22255EB80472}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{1D6DDBC3-D491-49DC-928A-6AD3F8CE5DDF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [TCP Query User{9EB2401B-46D6-4ADA-936A-5BC1D0CEEF0C}C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe No File
FirewallRules: [UDP Query User{4063D9CD-50CB-4677-8C58-4352D6FC1DF9}C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe No File
FirewallRules: [TCP Query User{7AEA04B6-E63D-4C42-851A-269C547EDA21}C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe No File
FirewallRules: [UDP Query User{DF27A0BA-BF23-4204-AD01-099C6528AD61}C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rules of survival\ccmini\ccmini.exe No File
FirewallRules: [TCP Query User{63FEBC0A-3373-413A-9A06-2354C9DDDCBE}D:\creative destruction\client.exe] => (Allow) D:\creative destruction\client.exe No File
FirewallRules: [UDP Query User{ECA0308C-B32E-4FBC-87A7-E6E34C18968C}D:\creative destruction\client.exe] => (Allow) D:\creative destruction\client.exe No File
FirewallRules: [{66A19A8A-FC7E-4F1C-8EC1-D7FFBEC3891F}] => (Allow) D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{FEE7EC83-7B69-4EF0-B5A9-13C448AA5BAC}] => (Allow) D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [TCP Query User{B8C758CC-9AFF-47DE-910C-5E15220190B1}D:\creative destruction\ccmini\ccmini.exe] => (Allow) D:\creative destruction\ccmini\ccmini.exe No File
FirewallRules: [UDP Query User{1BE0E910-659D-432A-B17A-BF29E5DE070D}D:\creative destruction\ccmini\ccmini.exe] => (Allow) D:\creative destruction\ccmini\ccmini.exe No File
FirewallRules: [TCP Query User{416D9DD1-BEE8-4303-BF84-62E5BB34FC04}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{75DBE7F5-35C5-4EC7-A5AF-8171492E0E7A}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E2950314-9C50-409B-954E-AD48218F1CD8}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{7BED151B-C3A8-4470-BF90-15E4225436F4}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{2ABE3686-0FA2-438F-B73B-727B65B7B1F6}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9CD4A29B-A7AD-4596-8BC1-6ABAC612DF15}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F9E9FD04-749D-4DD8-8CE6-BF6849CCFDE8}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [UDP Query User{06B45B53-53DC-476D-9BD9-E524E764056A}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [TCP Query User{546F7A5F-CE30-4C09-9EBE-6EA8416161CB}C:\program files (x86)\twomon pc program\twomon pc program.exe] => (Allow) C:\program files (x86)\twomon pc program\twomon pc program.exe No File
FirewallRules: [UDP Query User{74AD10E2-0D93-4BE7-B1AA-CB3914325EED}C:\program files (x86)\twomon pc program\twomon pc program.exe] => (Allow) C:\program files (x86)\twomon pc program\twomon pc program.exe No File
FirewallRules: [TCP Query User{687C978C-C017-4E8F-99EB-E0D730F9AFE5}C:\program files (x86)\twomon pc program\twomon pc program.exe] => (Allow) C:\program files (x86)\twomon pc program\twomon pc program.exe No File
FirewallRules: [UDP Query User{FD9EE1AC-3583-4DEE-8B19-928C8CA66BC0}C:\program files (x86)\twomon pc program\twomon pc program.exe] => (Allow) C:\program files (x86)\twomon pc program\twomon pc program.exe No File
FirewallRules: [{701E679B-33A4-4495-95E3-57215E7A3EC5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_9.4.7.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe No File
FirewallRules: [{4BAA9829-A93A-40D6-AA0A-00A7F0F31EAB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_9.4.7.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe No File
FirewallRules: [{88363EC8-CC31-4777-97A8-8534AB0FFF17}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_9.4.7.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe No File
FirewallRules: [{54B8A349-362F-486B-B302-026C67169568}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_9.4.7.0_x64__v10z8vjag6ke6\win32\Streamer\omen.exe No File
FirewallRules: [TCP Query User{9EEDB1A3-52C3-4492-9D70-B6272894C0AB}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe No File
FirewallRules: [UDP Query User{33826A3A-E1D5-4783-A5AB-9555D5B39419}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe No File
FirewallRules: [{3BB4A15F-A767-46D2-AA1A-D6A75F237F9A}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{BD9E036C-9B54-4874-808B-C331CE8D5AF0}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{5992F757-4350-4272-A053-31CD5877DDCD}C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe No File
FirewallRules: [UDP Query User{1BD9BCEB-345F-43A1-95FC-9A69E49FD493}C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\citra\canary-mingw\citra-qt.exe No File
FirewallRules: [TCP Query User{7E5E6F9D-5748-486C-B9C3-27881D8A8F84}D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe No File
FirewallRules: [UDP Query User{13180243-F8FC-4C4C-B174-8EA4B5C2E893}D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe No File
FirewallRules: [{4B2B853A-85AB-43E6-A8AD-F9866A7C8CF9}] => (Allow) D:\Steam\steamapps\common\YoutubersLife\YoutubersLife.exe () [File not signed]
FirewallRules: [{D1F0410C-36B4-4ABE-903C-0871DB3E3E69}] => (Allow) D:\Steam\steamapps\common\YoutubersLife\YoutubersLife.exe () [File not signed]
FirewallRules: [{66298945-0273-450F-BB69-55BEEBCB9825}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E652D689-8D1D-44A9-90B6-0F96B22378DA}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{60FC3CF0-867D-4777-95B8-D1444F9BC515}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{03CBC5E9-9431-4BA6-92B9-A5999D5BE9D7}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2556BDF2-A9AD-4AFD-9F32-378790FAC7C6}] => (Block) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B8102F52-70CF-42F1-A356-70ED8906C916}] => (Block) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{DE082781-8E78-431A-968D-7847C191C4CD}D:\steam\steamapps\common\terraria\tmodloaderserver.exe] => (Allow) D:\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{642F0DD3-0C17-4F32-B281-606687CB6FCE}D:\steam\steamapps\common\terraria\tmodloaderserver.exe] => (Allow) D:\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [{A0B8B874-6998-4D1F-B113-36EE3D286BB6}] => (Block) D:\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [{93D4CA5E-9F2B-4977-86FF-164A69CDE328}] => (Block) D:\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed]
FirewallRules: [{765C56C6-05A6-4CA0-831E-CEBFF2F712D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FA80A081-17A3-4E63-9CA8-9257A5A9CD79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CB9C32B0-69A9-4821-9203-64A9EBD1E38C}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{657DA16D-FA02-47D1-8243-657A3048EEC9}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{12B4FEC2-AF09-495F-8563-58FE9C986827}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AABCFD0B-1D4B-4ACA-8A94-947A9A22D96D}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AF9F777F-6F5C-451B-A7CF-61D861E2CF87}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
FirewallRules: [{4A13FE62-B541-45A1-8A6D-E4F36258B90A}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9F06676D-BCBD-4F40-AE3D-3669B27C9889}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4EA5A15D-AB7E-4BE9-BC89-F3CAA3E535F7}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{005DB058-3535-4FAF-8A33-BD9CEDCC3AAC}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D39C3EDC-6F0F-4518-A3E7-9AE3552EEE95}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3F4420C3-A93E-42D8-9945-69BA71A66790}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{0D5137C6-F909-406F-B8E3-092375C1C8DE}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BC303498-77AA-44B5-82A2-C3749033C196}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{7587BAD1-E6AE-4D1C-901B-8A97BB5DA3D3}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{519F0FB5-B476-47AD-AD46-3BBB054BF9D2}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9A813332-C314-44A0-8B59-A12698A82DA1}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{600F259F-B105-4B67-8851-2AA0852CE092}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{9D356FDF-C72E-4C63-BAA4-6B31E7943B04}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{D85252BD-5721-457A-8EE7-CCAC2EA20D28}D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe] => (Allow) D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe No File
FirewallRules: [UDP Query User{5122FF53-4D6A-473D-AAD3-0F4DC153678D}D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe] => (Allow) D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe No File
FirewallRules: [{39F5D65D-DA35-4D86-81A2-943B96846E1C}] => (Block) D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe No File
FirewallRules: [{8F952508-F437-462F-9E72-8D8690AC37FC}] => (Block) D:\users\jonathan mark peteza\documents\my games\official krunker.io client\official krunker.io client.exe No File
FirewallRules: [{8CD9031B-D4F1-49D3-A9E4-F3267C8CA3D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{619E9EDF-E2B1-4DF9-9463-0D2296D24000}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{862904C1-0ECC-4056-92F2-91013F961A5C}] => (Allow) D:\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe () [File not signed]
FirewallRules: [{A519C979-5FA8-408A-9090-D5F4DE7C8017}] => (Allow) D:\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe () [File not signed]
FirewallRules: [{73B68EC1-071C-48E4-B55B-73385511D3D8}] => (Allow) D:\Steam\steamapps\common\SUPERHOT\SUPERHOT.exe (SUPERHOT Sp z o.o.) [File not signed]
FirewallRules: [{A2D33407-ECD6-4E19-A9FD-A4AB6E164C53}] => (Allow) D:\Steam\steamapps\common\SUPERHOT\SUPERHOT.exe (SUPERHOT Sp z o.o.) [File not signed]
FirewallRules: [TCP Query User{96D6AA6E-719B-48BF-86CE-B74080305224}D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe No File
FirewallRules: [UDP Query User{302D475E-B4AC-4A1B-96B1-CD08F4AFA648}D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe No File
FirewallRules: [{C6B9366A-9C04-44D1-93BE-558C50BCB066}] => (Block) D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe No File
FirewallRules: [{E4099DF3-88D9-4F0C-8BDF-743D910F1804}] => (Block) D:\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe No File
FirewallRules: [{5D7E2885-AAE3-415F-9F27-6B03E952CE9F}] => (Allow) D:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{E20B7933-7E9E-4560-BF32-61F10CCB683A}] => (Allow) D:\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [TCP Query User{16560BB4-105B-48E2-BD1F-9EEEC910B85C}D:\steam\steamapps\common\supersmash\supersmash\supersmash\binaries\win64\supersmash.exe] => (Allow) D:\steam\steamapps\common\supersmash\supersmash\supersmash\binaries\win64\supersmash.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{6BA5D829-C0FB-46BB-A08C-09E149BCCA9D}D:\steam\steamapps\common\supersmash\supersmash\supersmash\binaries\win64\supersmash.exe] => (Allow) D:\steam\steamapps\common\supersmash\supersmash\supersmash\binaries\win64\supersmash.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DB371EAA-3B26-40CA-8811-BA8BC803984C}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{786057DA-0D9D-4A09-B233-8208B5C7A0E6}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [TCP Query User{A978FD10-867F-4696-8624-E1DC9B981765}D:\users\jonathan mark peteza\downloads\lib\nitroxserver-subnautica.exe] => (Allow) D:\users\jonathan mark peteza\downloads\lib\nitroxserver-subnautica.exe () [File not signed]
FirewallRules: [UDP Query User{FC655924-F7CC-4EF6-8047-A13076CD6222}D:\users\jonathan mark peteza\downloads\lib\nitroxserver-subnautica.exe] => (Allow) D:\users\jonathan mark peteza\downloads\lib\nitroxserver-subnautica.exe () [File not signed]
FirewallRules: [TCP Query User{0889231E-1D4C-4FE3-B13C-9B417C3959DB}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{6B53A068-8EA7-4B95-928E-D5C3E624B842}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{B18DC86E-9C82-4C92-A119-DA0B1318DCB3}D:\users\jonathan mark peteza\documents\games\kovaaks\kovaak's fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\kovaaks\kovaak's fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{B9CCB983-6600-457D-8210-DC9547257E56}D:\users\jonathan mark peteza\documents\games\kovaaks\kovaak's fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\users\jonathan mark peteza\documents\games\kovaaks\kovaak's fps aim trainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [TCP Query User{48A34C9D-1143-4A2D-883A-992B2393815D}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{81FB21D9-7225-4BD3-83ED-825AB23FE909}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{F295EC29-9DD5-41ED-8A17-944272F41AE9}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe
FirewallRules: [UDP Query User{87AB680F-19DA-408D-891A-F11B7AC08243}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe
FirewallRules: [TCP Query User{A0C9BBDD-1C70-430B-92D4-B56F114B27B7}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe
FirewallRules: [UDP Query User{53126A64-5768-4EB9-914C-7900A54E26D7}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe
FirewallRules: [TCP Query User{2F19902D-655D-4366-90B0-CC6FF4A39B73}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{845D4E09-ACD8-4FEB-BB0D-A30166827DDA}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [TCP Query User{2F46DB89-B230-4DB0-8EE7-AF8DAC921E3A}C:\users\jonathan mark peteza\appdata\local\programs\setupvpn\setupvpn.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\programs\setupvpn\setupvpn.exe (VPN1 LLC -> VPN1 LLC, USA)
FirewallRules: [UDP Query User{C6F53977-385B-4A11-AFAC-CFCF27DFF971}C:\users\jonathan mark peteza\appdata\local\programs\setupvpn\setupvpn.exe] => (Allow) C:\users\jonathan mark peteza\appdata\local\programs\setupvpn\setupvpn.exe (VPN1 LLC -> VPN1 LLC, USA)
FirewallRules: [{DA18B817-854C-4049-8D72-58CFBFAC7EEF}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{CA04742C-B922-4B35-A3EC-AE6F03225FEE}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{4E88BA39-8281-4426-8046-2E8AE8B70301}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{CC4AC9FC-9058-4A37-97DA-E45B05519339}D:\brackets\node.exe] => (Allow) D:\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [TCP Query User{692CE06F-B8B7-4341-BA56-D0088379FD3E}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [UDP Query User{A3377493-0BC3-4755-AA0D-2DB02606C1EB}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [TCP Query User{B2959550-3198-45E7-A81F-932C7143EE42}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{36F5867B-DD03-4B84-9537-F6FDAEAF34F7}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [TCP Query User{3D20A2B7-45A5-4153-A42F-2DEC53320C61}D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe No File
FirewallRules: [UDP Query User{06AF7241-7293-4F68-BD36-044CA2A62D6B}D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe No File
FirewallRules: [TCP Query User{3496EA44-ADF4-439F-818F-07C0255A8FA3}D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe No File
FirewallRules: [UDP Query User{C78ABD9C-F0D5-4010-AEF4-4F1DD29DAD1C}D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\worldwarz\en_us\client\bin\pc\wwzretailegs.exe No File
FirewallRules: [TCP Query User{7D8A6F93-AFC6-46A6-93E6-065CC7977E14}D:\paladins\binaries\win64\paladins.exe] => (Allow) D:\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{BD10561D-EF0F-4E7C-B5FE-4D5D0978099E}D:\paladins\binaries\win64\paladins.exe] => (Allow) D:\paladins\binaries\win64\paladins.exe No File
FirewallRules: [{CBD6CE54-C5D9-4574-BF1C-5BB78331E29E}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{1F5F61B1-C3FF-43D9-86C0-8EDB57F2A0A3}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3885B2A1-D940-4601-BA92-A214E59E4DF6}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{FFE1EC4E-22A6-4045-A03F-FC463537D2A2}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F36ADBD3-421D-4863-96A3-E36ACAE462A6}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A280AFF1-ABE5-45CF-8995-AC5C662D6BF1}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{278802E0-815A-46DB-A7A8-36FC7602FA7E}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{CB25BAC1-FEC2-4DB5-82EE-A51F9DACE413}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3566B987-537A-4BEF-990D-36E32275D879}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{97312056-D241-41EC-9350-E6905F1FBF41}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{54A45691-0605-4C4B-B5DB-D31D31BE0BC6}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9E1EBCCB-A99C-4AAC-BA1D-068282070713}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3B196740-3E64-47D4-839B-D6BDC8042448}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9F720D67-0B51-44FE-8A46-2F4D402C303D}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C9CE388E-CE1F-4941-A7BE-0B4ABAB1D1FA}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B6AAE970-DB1F-4AC4-8AE4-8E8657426F14}] => (Allow) C:\Users\Jonathan Mark Peteza\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{CD6940DB-CCEC-4A7A-AED5-7AFEAF9B8A52}] => (Allow) D:\Program Files\Nox\bin\Nox.exe No File
FirewallRules: [{EF3A5A16-53F8-440D-9E28-AAE24FF30F16}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File
FirewallRules: [TCP Query User{253AF948-C606-4BA0-9932-C607B340D1CC}C:\program files (x86)\x-vpn\x-vpn.exe] => (Allow) C:\program files (x86)\x-vpn\x-vpn.exe (Free Connected Limited -> )
FirewallRules: [UDP Query User{DF9F0893-429D-4445-99D6-E2F374462B31}C:\program files (x86)\x-vpn\x-vpn.exe] => (Allow) C:\program files (x86)\x-vpn\x-vpn.exe (Free Connected Limited -> )
FirewallRules: [{B63A9A68-9E9B-4D27-A9AF-62475DB16C34}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{01DEA586-11CD-44C3-86CF-68918531399B}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{637FD5F0-588D-4929-B885-3C0E3AE569B4}] => (Allow) D:\Steam\steamapps\common\SuperSmash\SuperSmash\SuperSmash.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E66393FA-EBA5-407C-B4BF-C9D949C9F472}] => (Allow) D:\Steam\steamapps\common\SuperSmash\SuperSmash\SuperSmash.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{0E8B3827-C39C-4DEC-BA90-DEF78D6A261E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12624.20466.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78191FDA-B59A-43D8-A734-1D84E65AAD70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75945D44-6CBC-45F2-97B7-212E518966E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A177215-4438-408F-9AB4-BAEA451AED1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23AE7DEA-0738-4645-B4D4-BE332CB3B48D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05A65765-8688-4BFD-B387-3BDFF84772CD}] => (Allow) D:\Steam\steamapps\common\TerraTech\TerraTechWin64.exe () [File not signed]
FirewallRules: [{23325DD1-8485-4B9B-8A10-78F111D01803}] => (Allow) D:\Steam\steamapps\common\TerraTech\TerraTechWin64.exe () [File not signed]
FirewallRules: [TCP Query User{DDBD0E77-DCB2-4BA0-960B-A3B211422DB2}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [UDP Query User{11BEB8FD-6876-48BE-8818-9A5BAF5B7B6D}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [{909FBF4A-81E7-4DCB-BDBE-6054C08F1C7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
29-04-2020 10:30:50 Restore Point Created by FRST
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (04/29/2020 11:12:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Jonathan Mark Peteza\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3236.0,language="&#x2a;",type="win32",version="63.0.3236.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/29/2020 11:11:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x5e709557
Faulting module name: KERNELBASE.dll, version: 10.0.18362.815, time stamp: 0x67005c2a
Exception code: 0xe0434352
Fault offset: 0x00114402
Faulting process id: 0x16e8
Faulting application start time: 0x01d61dd3d8fb1e3f
Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 776c9310-4ce3-4fb7-a003-93fcef1c2345
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/29/2020 11:11:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at FreemakeUtilsService.Program.Main(System.String[])
 
Error: (04/29/2020 11:10:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.815_none_e6c3b941130ffef4.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.815_none_2e70f018278c27fa.manifest.
 
Error: (04/29/2020 10:44:49 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4904,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (04/29/2020 10:37:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Jonathan Mark Peteza\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3236.0,language="&#x2a;",type="win32",version="63.0.3236.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/29/2020 10:36:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x5e709557
Faulting module name: KERNELBASE.dll, version: 10.0.18362.815, time stamp: 0x67005c2a
Exception code: 0xe0434352
Fault offset: 0x00114402
Faulting process id: 0x15d4
Faulting application start time: 0x01d61dcefccf8638
Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: d1bf8c02-3922-424f-8946-ffb86d2fecd5
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/29/2020 10:36:29 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at FreemakeUtilsService.Program.Main(System.String[])
 
 
System errors:
=============
Error: (04/29/2020 11:13:45 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-4N58D2U8)
Description: Unable to start a DCOM Server: {94269C4E-071A-4116-90E6-52E557067E4E}. The error:
"2147942593"
Happened while starting this command:
C:\Users\Jonathan Mark Peteza\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\FileCoAuth.exe -Embedding
 
Error: (04/29/2020 11:11:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Freemake Improver service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (04/29/2020 11:11:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Freemake Improver service to connect.
 
Error: (04/29/2020 11:10:05 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-4N58D2U8)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (04/29/2020 11:10:04 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-4N58D2U8)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (04/29/2020 11:10:04 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-4N58D2U8)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (04/29/2020 11:10:04 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-4N58D2U8)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (04/29/2020 11:10:04 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-4N58D2U8)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
 
Windows Defender:
===================================
Date: 2020-04-29 10:08:15.397
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6FB5B4C1-26FE-4F6C-9108-0B7D4D7A92CA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-29 06:48:24.733
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8D2F22FA-3104-4AE4-9A7A-DCDC132C9091}
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2020-04-27 16:59:08.367
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DAB85A60-746F-45BF-A785-7CF905FFA213}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-24 11:57:23.491
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1876DFDE-B9A4-4BFB-A038-FC467369DD0C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-17 14:30:49.898
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B6B084F7-24C8-4632-99E8-48B6D4A88BA0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-29 11:09:38.037
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-04-29 10:19:52.003
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.277.1025.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-04-29 10:19:52.003
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.277.1025.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-04-29 10:19:52.003
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.277.1025.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-04-29 10:10:04.456
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.277.1025.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
CodeIntegrity:
===================================
 
Date: 2020-04-29 06:42:38.224
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-29 06:38:07.260
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:54:10.369
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:48:24.863
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:42:37.021
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:36:51.671
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:31:06.065
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-04-28 18:25:21.507
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Digital Communications\SAntivirus\SInspector.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F.19 04/18/2019
Motherboard: HP 838F
Processor: Intel® Core™ i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 68%
Total physical RAM: 8070.9 MB
Available physical RAM: 2571.16 MB
Total Virtual: 14726.9 MB
Available Virtual: 7533.71 MB
 
==================== Drives ================================
 
Drive c: (WINDOWS) (Fixed) (Total:118.01 GB) (Free:39.94 GB) NTFS
Drive d: (DATA) (Fixed) (Total:917.57 GB) (Free:217.99 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:13.94 GB) (Free:1.66 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{1f2ed825-b482-4b45-9743-6b99410057f4}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.4 GB) NTFS
\\?\Volume{629b0f54-3fa3-433f-9cc3-affef9c97016}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 286DC53F)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: D0FC9F30)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#23
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 7,601 posts

Nice work jonauwu,

 

I'm not seeing any other issues, Good to have Avast gone it was running 4 or 5 drivers eating up memory. Windows 10 does not need Avast, Avg or the rest of that type of program.. Windows Defender is good enough it's the built in Anti Virus for Win 10..

 

Hows  the computer ?


  • 0

#24
jonauwu

jonauwu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Thank you so much for your help zep516!! I was worried that i downloaded or did something bad to my laptop but its good now.

 

My laptop is still good ive had it for almost two years and im managing it well

 

Again, thank you so much for your time and help!!


  • 0

#25
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 7,601 posts

You're welcome, stay safe an thank you for using the forum...

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Thanks
Joe :)


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP