Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Infected Computer - Multiple SubProcesses per Process

Started by BeazMagic , Sep 26 2020 03:02 PM

  • Please log in to reply

#1
BeazMagic
Posted 26 September 2020 - 03:02 PM

BeazMagic

    Member

  • Member
  • PipPip
  • 14 posts

So recently was infected with a virus due to not paying attention when installing a file. This happen on Sept 21/22 2020. At the time of the installation, I had Malwarebytes Free and Zenama Free installed on my computer, but only Malwarebytes was active. As soon as I clicked the setup.exe, a batch file opened and began installing several random programs ranging from Web Companions, VPNs, Browsers, as well as changing homepages and the like. I was able to install AVG Free shortly after to try and help. Deleting some files and some hours of scans I has able to get rid of some of the virus. However I began to notice that windows were delayed in moving and my mouse seemed off. So I system restored to 2 weeks prior. However the virus was still around. When I booted up again after, I was met with a bunch of Donate to Trump webpages. After more hours of trying to remove the programs and end processes, I had thought I had removed it all.

Since then my I have noticed that my computer is not running at the same speed it once did and the processes per program are more than what they should be, which is often causing my CPU to hit 100% usage often. Here is a screenshot of my current processes for Firefox and Spotify. I have 1 tab only on Firefox and only one Spotify open doing nothing. This is not a normal thing for my computer to be doing before this whole event.
 

 

Today and last night ( Sept and 26 ) Ive been doing more research and I believe it was ransomware that is still waiting to pop that I may have interrupted or delayed. Maybe?
Looking through forums I also have downloaded some other Anti Malware and Virus programs. Here is my current list:
Malwarebytes Free

Zenama Free
AVG Free

Super Anti Spyware Free
Malwarebytes AdwCleaner
FRST64
RogueKiller Free

They have all found different files, and found even more of scans following their first. With all of this information, I hoping someone can help me because I am kind of at a lose as what to do next other than to wipe everything, which Id prefer not to do.

I can post my most recent FRST and Addition .txt files from FRST64 if that will help. Just let me know, I would love to fix this asap

Thanks,
Matt



 


  • 0

Advertisements

#2
RKinner
Posted 26 September 2020 - 09:09 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Please post your FRST & Addition.txt files.


  • 0

#3
BeazMagic
Posted 26 September 2020 - 09:24 PM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Please post your FRST & Addition.txt files.

Thank you for responding <3

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by Matt (administrator) on MBEAZLEY (ASUS All Series) (26-09-2020 16:43:59)
Running from C:\Users\Matt\Downloads
Loaded Profiles: Matt
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Matt\Downloads\adwcleaner_8.0.7.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SoundSwitch -> SoundSwitch) C:\Program Files\SoundSwitch\SoundSwitch.exe
(Spotify AB -> Spotify Ltd) C:\Users\Matt\AppData\Roaming\Spotify\Spotify.exe <5>
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156808 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-11-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC -> ExpressVPN)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Run: [Spotify] => C:\Users\Matt\AppData\Roaming\Spotify\Spotify.exe [23412456 2020-09-20] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32411536 2020-09-24] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Run: [SoundSwitch] => C:\Program Files\SoundSwitch\SoundSwitch.exe [325784 2020-09-12] (SoundSwitch -> SoundSwitch)
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Run: [{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}] => "C:\Users\Matt\Downloads\MTGAInstaller(1).exe" /cmdloc "HKCU\Software\Wizards of the Coast AiTemp\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}" <==== ATTENTION
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11224496 2020-08-27] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\MountPoints2: {13b64409-fc7a-11ea-838d-74d02b2b6f83} - "F:\autorun.exe"
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Nitro PDF Port 11.8 Monitor: C:\WINDOWS\system32\NxPrinterMonitor11.dll [749664 2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-21] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {070BD7C3-2077-4310-8CED-FE5B259AC863} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0C71A037-F5BB-4F4E-A0D5-F1F5372718A2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {10AD99B1-9990-4C73-B8E9-E6EA376A9E3D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {1553E9B8-1207-4C16-9A10-E35990D9D942} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {16370A03-3820-48F5-8CE8-512B069A7967} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {278A5B53-F7ED-4434-8A6C-726AEE68D072} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2A0A56DB-79CF-43FA-9BCC-DD8AE6441B6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-14] (Google LLC -> Google LLC)
Task: {2D08EFC1-127C-452E-B606-CB6674B569F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2DA64493-997B-4DFF-AEF3-714E9EFE05CA} - System32\Tasks\{BD62331E-5ED1-47B5-8BF8-1427255D7826} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Yearity\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\Yearity\uninstall.dat" -a uninstallme 0BB9B18D-BF75-40A0-A474-137989ADD4B8 DeviceId=5a9c487a-9ab2-9ff7-b5d9-70c5f79bccfb BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
Task: {2F61EDD7-AF49-4B8C-B2CE-9FAC42C44943} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {373E9A05-E957-40C2-8A12-C15F43211A66} - System32\Tasks\{C39E3313-CBC2-49FC-976C-52ED16DBECF2} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Autodesk\Content Service\Setup\Setup.exe" -c /P {62F029AB-85F2-0000-866A-9FC0DD99DDBC} /M ContentService /LANG en-US
Task: {37A6E813-DF5E-45BF-886E-C84EF31E83D0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {38CC877D-3F0C-40CF-8241-3CE8652A938F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3A826F76-295D-4612-BC1E-B11697B8CFA7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A922EEF-301E-471A-B5AE-75D9E6C1E873} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {44CC9F30-8F7D-4A08-A8E6-A3A4E8E242F0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4E1FE45B-03F7-493D-B89E-263F55F92485} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-20] (Adobe Inc. -> Adobe)
Task: {4FBB0A61-383E-4680-BCB9-9F1CC4E9BEF4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {51F35214-B1A8-472D-9C00-9AF5B2DB532C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5A6A6799-0029-4F40-8D64-EA962C96EB9B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-20] (Adobe Inc. -> Adobe)
Task: {5E230A54-E55F-4F50-900B-C1153084916B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6069C2D0-0780-499D-BEE3-29078791E60F} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {6827A3F9-6A80-4389-9E87-AA63A571A399} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {689CC6D6-AB93-4A13-9549-65AC7A851BC0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3897992 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {6C740924-DDF2-4E2C-A5E0-FBB8F556F8BF} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {72994CB5-48FB-4474-B77F-D097FAEE83D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {753BBD8C-9AA5-4187-937A-CBCA4FE1AF72} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {77ED99B2-3847-44BB-9A12-2485A5F85403} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {829FD622-2A8C-460F-A7CD-4DE48D35F321} - System32\Tasks\TinyTakeUpgrade => C:\Program Files (x86)\MangoApps\TinyTake by MangoApps\TinyTake.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8E69B7F8-5024-4B8A-A06C-8F5730C3770D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {972D9CB6-8E85-4427-898A-FB38883601AC} - System32\Tasks\{9A7FA0DF-47E3-4D8C-908D-8EB686C14BC9} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\EAInstaller\STAR WARS Battlefront Beta\Cleanup.exe" -c uninstall_game -autologging
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9A4C9655-FD3D-48C9-8EBE-2C29DF2CF91A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F97E855-EBAB-47B0-825D-167149A9B020} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {A286E194-52E0-4564-AE7D-6C6AE32CA916} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [3196064 2013-01-08] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {A9833D7D-74D6-47B1-BFEB-4AE4E5FB0715} - System32\Tasks\{BFB3C48B-5BFF-4794-ACC0-067A0A3001E5} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" -c uplay://uninstall/274
Task: {B03187F4-A022-407F-94CC-80D2CC0F7DAD} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {B04FC1B9-D2DA-44E4-B6BF-807110D382D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAA0C2BE-FE38-4A11-B32C-003321F20C41} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C50A5EA2-17AF-4649-AF63-D4D3E29A119E} - System32\Tasks\ViGEmBusUpdater => C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [888344 2019-12-28] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
Task: {CB6C09F3-869B-4678-8142-C1C2E10D75BC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [664784 2020-09-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D3530527-1F26-4C62-AA0F-C54649DC201B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-14] (Google LLC -> Google LLC)
Task: {D851B149-DAF0-4775-A863-83E6E464651C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DAA52CA6-61EF-435E-AA43-9789498A3071} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DD86B64C-F686-4885-8F85-9D8834AF07F5} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE815B31-F33E-48B7-A56F-0D07ACE50382} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1B7FF7F-299A-4BAE-A723-A105B0D29677} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F20ED621-98B8-4CCD-88DB-5F00B154FA98} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris Trojan Remover\ltr.exe
Task: {F5B740C4-9CC8-427F-91FD-C57725BF117E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {FC2E1926-0579-4464-9720-DF5C752D7DF2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FFCCF5BD-9106-4326-BFDE-3534A2D386AE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FFECEB4C-97AC-4EF2-BDAD-3D1A51978B09} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.226.1.93 24.226.10.193
Tcpip\..\Interfaces\{bf11c3f8-7de5-4c0c-9aad-11e196607a3d}: [DhcpNameServer] 24.226.1.93 24.226.10.193

Edge:
======
Edge Profile: C:\Users\Matt\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-26]

FireFox:
========
FF DefaultProfile: trnyvziw.default
FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\0mx7j511.default-release-1 [2020-09-26]
FF Homepage: Mozilla\Firefox\Profiles\0mx7j511.default-release-1 -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\0mx7j511.default-release-1 -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-09-22 04:28:05&bName=&bitmask=0600
FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\jieo3ae9.default-release [2020-09-26]
FF Homepage: Mozilla\Firefox\Profiles\jieo3ae9.default-release -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\jieo3ae9.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-09-22 04:28:05&bName=&bitmask=0600
FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default [2020-09-26]
FF NewTab: Mozilla\Firefox\Profiles\trnyvziw.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-09-22 04:28:05&bName=&bitmask=0600
FF Notifications: Mozilla\Firefox\Profiles\trnyvziw.default -> hxxps://froliclabs.slack.com; hxxps://supargames.slack.com
FF Extension: (Facebook Container) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default\Extensions\@contain-facebook.xpi [2020-04-14]
FF Extension: (Reddit Enhancement Suite) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default\Extensions\[email protected] [2020-09-19]
FF Extension: (uBlock Origin) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default\Extensions\[email protected] [2020-08-22]
FF Extension: (Imagus) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2020-04-13] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-20] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-20] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default [2020-09-26]
CHR Extension: (Slides) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-14]
CHR Extension: (Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-14]
CHR Extension: (Google Drive) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-14]
CHR Extension: (YouTube) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-14]
CHR Extension: (Sheets) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-14]
CHR Extension: (Google Docs Offline) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-14]
CHR Extension: (Gmail) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-20] (Adobe Inc. -> Adobe)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] (ASUSTeK Computer Inc. -> )
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [358432 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7871424 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8457232 2019-05-31] (BattlEye Innovations e.K. -> )
S4 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-04-18] (Apple Inc. -> Apple Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [54312 2019-11-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818288 2020-08-19] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-05] (Logitech Inc -> Logitech Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-23] (Malwarebytes Inc -> Malwarebytes)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13610040 2020-09-15] (Adlice -> )
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 ViGEmBusUpdater; C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [888344 2019-12-28] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MaskVPNService; "C:\Program Files (x86)\MaskVPN\mask_svc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2019-10-28] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] (ASUSTeK Computer Inc. -> )
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [206456 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235648 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195712 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61056 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16320 2020-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42832 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175256 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [517648 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [469944 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217392 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [326488 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [20696 2019-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2020-09-26] (CPUID S.A.R.L.U. -> CPUID)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [65192 2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [52392 2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22696 2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [196776 2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2013-01-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc -> Logitech Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-23] (Malwarebytes Inc -> Malwarebytes)
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-19] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [51776 2019-09-19] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer Inc. -> Razer, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [297984 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [44304 2019-08-21] (ExprsVPN LLC -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [14464 2008-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R2 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\LED Sync\WinRing0\WinRing0x64.sys [14536 2017-11-16] (EVGA -> OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-26 16:45 - 2020-09-26 16:45 - 000217592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-26 16:45 - 2020-09-26 16:45 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-09-26 16:22 - 2020-09-26 16:22 - 000000080 ___SH C:\bootTel.dat
2020-09-26 15:05 - 2020-09-26 15:05 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-09-26 15:05 - 2020-09-26 15:05 - 000001092 ____C C:\Users\Public\Desktop\Notepad++.lnk
2020-09-26 15:05 - 2020-09-26 15:05 - 000001092 ____C C:\ProgramData\Desktop\Notepad++.lnk
2020-09-26 14:59 - 2020-09-26 14:59 - 000000859 ____C C:\Users\Public\Desktop\RogueKiller.lnk
2020-09-26 14:59 - 2020-09-26 14:59 - 000000859 ____C C:\ProgramData\Desktop\RogueKiller.lnk
2020-09-26 14:59 - 2020-09-26 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-09-26 14:58 - 2020-09-26 15:00 - 000000000 ____D C:\ProgramData\RogueKiller
2020-09-26 14:58 - 2020-09-26 14:59 - 000000000 ____D C:\Program Files\RogueKiller
2020-09-26 14:58 - 2020-09-26 14:58 - 040327848 _____ (Adlice Software ) C:\Users\Matt\Downloads\RogueKiller_setup_ref3.exe
2020-09-26 14:48 - 2020-09-26 14:49 - 000247599 ____C C:\Users\Matt\Downloads\Addition.txt
2020-09-26 14:46 - 2020-09-26 16:44 - 000038713 ____C C:\Users\Matt\Downloads\FRST.txt
2020-09-26 14:30 - 2020-09-26 16:44 - 000000000 ___DC C:\FRST
2020-09-26 14:29 - 2020-09-26 14:29 - 002299392 _____ (Farbar) C:\Users\Matt\Downloads\FRST64.exe
2020-09-26 14:22 - 2020-09-26 14:22 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-09-26 14:22 - 2020-09-26 14:22 - 000002023 ____C C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-09-26 14:22 - 2020-09-26 14:22 - 000002023 ____C C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2020-09-26 14:22 - 2020-09-26 14:22 - 000000000 ____D C:\Users\Matt\AppData\Roaming\AVG
2020-09-26 14:21 - 2020-09-26 14:21 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000517648 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000469944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000339080 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-09-26 14:21 - 2020-09-26 14:21 - 000326488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000235648 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000217392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000206456 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000195712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000175256 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000061056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000042832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000016320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000003992 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-09-26 14:21 - 2020-09-26 14:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-09-26 14:21 - 2020-09-26 14:21 - 000000000 ____D C:\Program Files\Common Files\AVG
2020-09-26 14:21 - 2020-09-26 14:21 - 000000000 ____D C:\Program Files\AVG
2020-09-26 06:21 - 2020-09-26 16:23 - 000000000 ___DC C:\SUPERDelete
2020-09-26 02:30 - 2020-09-26 02:31 - 000000000 ___DC C:\AdwCleaner
2020-09-26 02:30 - 2020-09-26 02:30 - 008414384 _____ (Malwarebytes) C:\Users\Matt\Downloads\adwcleaner_8.0.7.exe
2020-09-26 02:26 - 2020-09-26 02:26 - 000000000 ____D C:\Users\Matt\AppData\Roaming\SUPERAntiSpyware.com
2020-09-26 02:25 - 2020-09-26 02:33 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-09-26 02:25 - 2020-09-26 02:25 - 000001809 ____C C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-09-26 02:25 - 2020-09-26 02:25 - 000001809 ____C C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-09-26 02:25 - 2020-09-26 02:25 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-09-26 02:25 - 2020-09-26 02:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-09-26 02:07 - 2020-09-26 16:23 - 000003192 _____ C:\WINDOWS\system32\Tasks\Trojan Remover
2020-09-26 02:07 - 2020-09-26 02:07 - 000000000 ____D C:\ProgramData\Loaris
2020-09-26 02:06 - 2020-09-26 02:07 - 068579744 _____ (Loaris Inc. ) C:\Users\Matt\Downloads\setup-ltr-3.1.26.228636667.exe
2020-09-26 02:01 - 2020-09-26 02:01 - 002588891 _____ C:\Users\Matt\Downloads\ProcessExplorer.zip
2020-09-26 02:00 - 2020-09-26 02:00 - 000000649 ____C C:\Users\Matt\Desktop\ESET Online Scanner.lnk
2020-09-26 01:59 - 2020-09-26 01:59 - 053491672 _____ (SUPERAntiSpyware) C:\Users\Matt\Downloads\SUPERAntiSpyware.exe
2020-09-26 01:59 - 2020-09-26 01:59 - 014860896 _____ (ESET spol. s r.o.) C:\Users\Matt\Downloads\esetonlinescanner.exe
2020-09-26 01:59 - 2020-09-26 01:59 - 000000777 ____C C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-09-26 01:59 - 2020-09-26 01:59 - 000000000 ____D C:\Users\Matt\AppData\Local\ESET
2020-09-25 20:30 - 2020-09-26 16:45 - 000087117 _____ C:\WINDOWS\ZAM.krnl.trace
2020-09-24 19:41 - 2020-09-24 19:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-24 19:26 - 2020-09-25 20:30 - 000000000 ___DC C:\Program Files (x86)\Mozilla Firefox
2020-09-23 14:55 - 2020-09-26 01:56 - 000000000 ____D C:\Users\Matt\AppData\Roaming\GlarySoft
2020-09-23 14:52 - 2020-09-23 14:52 - 000001325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2020-09-23 14:52 - 2020-09-23 14:52 - 000001313 ____C C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2020-09-23 14:52 - 2020-09-23 14:52 - 000001313 ____C C:\ProgramData\Desktop\Absolute Uninstaller.lnk
2020-09-23 14:52 - 2020-09-23 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2020-09-23 14:52 - 2020-09-23 14:52 - 000000000 ____D C:\ProgramData\GlarySoft
2020-09-23 14:52 - 2020-09-23 14:52 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2020-09-23 14:51 - 2020-09-23 14:51 - 005844400 _____ (Glarysoft Ltd) C:\Users\Matt\Downloads\ausetup.exe
2020-09-23 14:08 - 2020-09-23 14:23 - 000000000 ___DC C:\Users\Matt\Desktop\RegBackup
2020-09-23 13:54 - 2020-03-12 18:53 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-09-23 13:37 - 2020-09-23 13:37 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-23 13:37 - 2020-09-23 13:37 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-09-22 18:46 - 2020-09-22 18:46 - 000000915 ____C C:\Users\Matt\Desktop\BitTorrent.lnk
2020-09-22 18:46 - 2020-09-22 18:46 - 000000895 ____C C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2020-09-22 18:45 - 2020-09-22 18:45 - 005047944 _____ (BitTorrent Inc.) C:\Users\Matt\Downloads\BitTorrent.exe
2020-09-22 00:51 - 2020-09-26 16:33 - 000000000 ____D C:\ProgramData\AVG
2020-09-22 00:47 - 2020-09-22 00:47 - 000261056 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Matt\Downloads\avg_antivirus_free_setup.exe
2020-09-22 00:35 - 2020-09-20 18:26 - 000046604 _____ C:\Users\Matt\AppData\Local\EF920EC
2020-09-22 00:34 - 2020-09-26 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Updates
2020-09-22 00:34 - 2020-09-26 15:44 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0475CD84-BA63-4DD2-9D1F-B88B09BA13DD}
2020-09-22 00:31 - 2020-09-20 18:26 - 000046604 _____ C:\Users\Matt\AppData\Local\7D4C57E
2020-09-22 00:29 - 2020-09-22 00:40 - 000000000 __SHD C:\Users\Matt\AppData\Roaming\trelos
2020-09-22 00:28 - 2020-09-26 02:31 - 000000000 ____D C:\Users\Matt\AppData\Local\Lavasoft
2020-09-22 00:28 - 2020-09-26 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-09-22 00:27 - 2018-08-29 15:48 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2020-09-21 23:50 - 2020-09-21 23:50 - 000000000 ___DC C:\Users\Matt\AppData\LocalLow\Unexpected Studio
2020-09-21 23:45 - 2001-05-24 15:00 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2020-09-21 23:40 - 2020-09-21 23:41 - 000000000 ____D C:\Users\Matt\AppData\Local\Disc_Soft_Ltd
2020-09-21 23:40 - 2020-09-21 23:40 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2020-09-21 23:40 - 2020-09-21 23:40 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2020-09-21 23:40 - 2020-09-21 23:40 - 000000000 ___DC C:\Users\Public\Documents\Daemon Tools Images
2020-09-21 23:40 - 2020-09-21 23:40 - 000000000 ___DC C:\Users\Public\Documents\Catch!
2020-09-21 23:40 - 2020-09-21 23:40 - 000000000 ___DC C:\ProgramData\Documents\Daemon Tools Images
2020-09-21 23:40 - 2020-09-21 23:40 - 000000000 ___DC C:\ProgramData\Documents\Catch!
2020-09-21 23:39 - 2020-09-21 23:39 - 000791712 _____ (Disc Soft Ltd.) C:\Users\Matt\Downloads\DTLiteInstaller.exe
2020-09-12 13:09 - 2020-09-12 13:09 - 001236552 _____ (Adobe Inc) C:\Users\Matt\Downloads\flashplayer32au_a_install.exe
2020-09-09 09:39 - 2020-09-09 09:39 - 000000000 ___DC C:\Users\Matt\Documents\Zoom
2020-09-08 22:44 - 2020-09-08 22:44 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-08 22:43 - 2020-09-08 22:43 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-08 22:43 - 2020-09-08 22:43 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-08 22:36 - 2020-09-08 22:36 - 000492544 ____C (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-08 22:36 - 2020-09-08 22:36 - 000390656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-08 21:31 - 2020-09-08 21:31 - 000000000 ___DC C:\Users\Matt\AppData\LocalLow\NExTStudios
2020-09-07 23:18 - 2020-09-07 23:18 - 000000223 ____C C:\Users\Matt\Desktop\Biped.url
2020-09-03 18:55 - 2020-09-03 18:55 - 000000262 ____C C:\Users\Matt\Desktop\Into The Breach.url
2020-08-29 23:13 - 2020-08-30 17:19 - 000000000 ____D C:\Users\Matt\AppData\Roaming\EasyAntiCheat
2020-08-28 05:37 - 2020-08-28 05:37 - 000000000 ____D C:\Users\Matt\AppData\Local\GOG.com
2020-08-28 05:36 - 2020-08-28 05:36 - 000000000 ____D C:\Users\Matt\AppData\Local\SpaceHulkEnhanced

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-26 16:45 - 2019-10-28 18:28 - 000000000 ___DC C:\Users\Matt\AppData\Local\AMSDK
2020-09-26 16:29 - 2020-02-01 17:43 - 000936788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-26 16:29 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-26 16:25 - 2017-06-03 03:18 - 000000000 ___DC C:\ProgramData\NVIDIA
2020-09-26 16:24 - 2016-11-18 03:01 - 000000000 ___DC C:\Users\Matt\AppData\LocalLow\Mozilla
2020-09-26 16:23 - 2020-02-01 17:41 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2020-09-26 16:23 - 2020-02-01 17:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-26 16:23 - 2017-01-21 16:37 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Spotify
2020-09-26 16:23 - 2017-01-21 16:37 - 000000000 ___DC C:\Users\Matt\AppData\Local\Spotify
2020-09-26 15:05 - 2013-06-13 09:54 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Notepad++
2020-09-26 15:05 - 2013-06-13 09:54 - 000000000 ___DC C:\Program Files (x86)\Notepad++
2020-09-26 14:21 - 2019-03-19 00:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-26 06:40 - 2013-06-14 05:02 - 000000000 ___DC C:\Program Files (x86)\Steam
2020-09-26 04:58 - 2017-12-27 15:25 - 000000000 ___DC C:\Users\Matt\AppData\Local\Packages
2020-09-26 04:43 - 2015-04-07 18:12 - 000000000 ___DC C:\Users\Matt\Documents\USB Dumps
2020-09-26 04:41 - 2013-08-09 03:43 - 000000000 ___DC C:\Games
2020-09-26 04:35 - 2015-02-07 14:58 - 000000000 ___DC C:\Users\Matt\Documents\Portfolio
2020-09-26 04:31 - 2017-09-30 18:58 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\discord
2020-09-26 04:29 - 2013-07-02 15:20 - 000000000 ___DC C:\Users\Matt\Documents\Projects
2020-09-26 04:25 - 2018-06-19 00:04 - 000000000 ___DC C:\Users\Matt\Documents\Warhammer RPGs
2020-09-26 04:10 - 2014-01-16 17:07 - 000000000 ___DC C:\Users\Matt\AppData\Local\Battle.net
2020-09-26 04:06 - 2013-06-12 07:35 - 000000000 ___DC C:\Program Files (x86)\StarCraft II
2020-09-26 04:05 - 2020-02-01 17:41 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-26 04:04 - 2019-03-29 07:58 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-26 02:31 - 2019-03-19 00:37 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2020-09-26 01:54 - 2013-06-14 13:33 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\vlc
2020-09-25 23:22 - 2016-12-09 09:38 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\BitTorrent
2020-09-25 23:22 - 2014-01-16 17:07 - 000000000 ___DC C:\Program Files (x86)\Battle.net
2020-09-25 20:37 - 2020-06-19 13:05 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-25 20:37 - 2020-06-19 13:05 - 000002276 ____C C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-25 20:37 - 2020-06-19 13:05 - 000002276 ____C C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-25 20:35 - 2019-11-28 18:57 - 000000000 __HDC C:\Users\Public\Documents\AdobeGCData
2020-09-25 20:35 - 2019-11-28 18:57 - 000000000 __HDC C:\ProgramData\Documents\AdobeGCData
2020-09-25 20:30 - 2013-06-13 14:45 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-24 22:35 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-24 22:35 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-24 20:25 - 2020-04-14 18:18 - 000000000 ___DC C:\Users\Matt\Documents\DnD
2020-09-24 19:45 - 2013-06-13 14:45 - 000000000 ___DC C:\ProgramData\Mozilla
2020-09-24 19:41 - 2013-06-13 14:45 - 000001163 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-24 18:39 - 2019-11-05 02:52 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.2.11f1 (64-bit)
2020-09-23 22:38 - 2018-06-07 01:42 - 000000000 ___DC C:\System Backup
2020-09-23 14:48 - 2020-06-30 19:49 - 000477184 ___SH C:\EUMONBMP.SYS
2020-09-23 14:48 - 2020-06-30 19:49 - 000000000 ____D C:\WINDOWS\system32\config\regsave
2020-09-23 13:38 - 2015-12-21 00:49 - 000000000 ___DC C:\Users\Matt\AppData\Local\CrashDumps
2020-09-23 13:37 - 2020-07-31 00:25 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-23 13:37 - 2019-08-13 16:20 - 000153312 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-09-23 13:37 - 2019-08-13 16:20 - 000001981 ____C C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-23 13:37 - 2019-08-13 16:20 - 000001981 ____C C:\ProgramData\Desktop\Malwarebytes.lnk
2020-09-23 13:14 - 2018-07-29 18:39 - 000000000 ___DC C:\Users\Matt\AppData\Local\D3DSCache
2020-09-21 23:50 - 2013-06-11 09:21 - 000000000 ___DC C:\Users\Matt\Documents\My Games
2020-09-21 22:25 - 2020-04-14 18:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-21 22:25 - 2020-04-14 18:44 - 000002260 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-21 22:25 - 2020-04-14 18:44 - 000002260 ____C C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-21 02:59 - 2017-12-26 23:41 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Factorio
2020-09-20 15:01 - 2020-04-13 09:09 - 000000998 ____C C:\Users\Matt\Desktop\SoundSwitch.lnk
2020-09-20 15:01 - 2020-04-13 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundSwitch
2020-09-20 15:01 - 2020-04-13 09:09 - 000000000 ____D C:\Program Files\SoundSwitch
2020-09-20 14:46 - 2013-07-26 00:10 - 000000000 ___DC C:\Users\Matt\AppData\Local\Adobe
2020-09-20 14:23 - 2020-02-01 17:41 - 000004572 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-20 14:23 - 2019-03-19 00:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-20 14:23 - 2019-03-19 00:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-20 14:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-20 14:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-10 15:01 - 2017-09-30 18:58 - 000002226 ____C C:\Users\Matt\Desktop\Discord.lnk
2020-09-10 15:01 - 2017-09-30 18:58 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-09-10 15:01 - 2017-09-30 18:58 - 000000000 ___DC C:\Users\Matt\AppData\Local\Discord
2020-09-09 09:32 - 2020-02-01 17:30 - 005291800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-09 09:32 - 2017-12-27 15:41 - 000000000 __RDC C:\Users\Matt\3D Objects
2020-09-09 09:32 - 2014-06-17 20:41 - 000000000 _RHDC C:\Users\Public\AccountPictures
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-08 22:51 - 2013-08-30 01:52 - 000000000 ___DC C:\WINDOWS\system32\MRT
2020-09-08 22:47 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-08 22:47 - 2013-06-13 03:33 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-08 22:43 - 2020-02-01 17:33 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-07 23:18 - 2013-07-13 22:42 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-09-05 01:26 - 2020-04-15 17:06 - 000000000 ___DC C:\Users\Matt\Documents\CoC
2020-09-03 19:50 - 2013-06-11 08:21 - 000000000 ___DC C:\Users\Matt\AppData\Local\NVIDIA
2020-09-02 23:58 - 2016-12-20 17:26 - 000000000 ___DC C:\Users\Matt\AppData\Local\ElevatedDiagnostics
2020-09-02 18:06 - 2018-03-02 15:58 - 000000000 ___DC C:\WINDOWS\system32\Drivers\wd
2020-09-02 17:59 - 2018-12-03 11:30 - 000000907 ____C C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-09-01 06:54 - 2020-02-01 17:34 - 000000000 ____D C:\Users\Matt
2020-08-28 04:08 - 2020-06-19 13:05 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 04:08 - 2020-06-19 13:05 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2015-12-01 22:20 - 2016-04-28 13:45 - 000000132 ____C () C:\Users\Matt\AppData\Roaming\Adobe PNG Format CS6 Prefs
2020-04-16 10:29 - 2020-04-16 10:29 - 000320181 ___SH () C:\Users\Matt\AppData\Roaming\cabsdbh
2016-05-16 20:54 - 2016-05-16 20:54 - 051703104 ____C () C:\Users\Matt\AppData\Roaming\chport.exe
2018-03-27 11:25 - 2018-04-05 01:20 - 000001071 ____C () C:\Users\Matt\AppData\Roaming\jd-gui.cfg
2016-05-16 20:54 - 2016-05-16 20:54 - 000000009 ____C () C:\Users\Matt\AppData\Roaming\update.dat
2020-09-22 00:31 - 2020-09-20 18:26 - 000046604 _____ () C:\Users\Matt\AppData\Local\7D4C57E
2020-09-22 00:35 - 2020-09-20 18:26 - 000046604 _____ () C:\Users\Matt\AppData\Local\EF920EC
2019-11-29 16:38 - 2019-11-29 16:38 - 000000000 ____C () C:\Users\Matt\AppData\Local\oobelibMkey.log
2017-10-13 22:46 - 2017-10-14 02:16 - 000000600 ____C () C:\Users\Matt\AppData\Local\PUTTY.RND
2017-07-09 19:41 - 2017-07-09 19:41 - 000000867 ____C () C:\Users\Matt\AppData\Local\recently-used.xbel
2013-08-09 04:07 - 2019-12-12 17:33 - 000007599 ____C () C:\Users\Matt\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


  • 0

#4
BeazMagic
Posted 26 September 2020 - 09:24 PM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Matt (26-09-2020 16:45:39)
Running from C:\Users\Matt\Downloads
Windows 10 Home Version 1909 18363.1082 (X64) (2020-02-01 21:41:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3050370261-3023350426-1843181019-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3050370261-3023350426-1843181019-503 - Limited - Disabled)
Guest (S-1-5-21-3050370261-3023350426-1843181019-501 - Limited - Disabled)
Matt (S-1-5-21-3050370261-3023350426-1843181019-1001 - Administrator - Enabled) => C:\Users\Matt
WDAGUtilityAccount (S-1-5-21-3050370261-3023350426-1843181019-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Uninstaller 5.3.1.26 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.26 - Glarysoft Ltd)
Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.020 - ASUSTek Computer Inc.)
Aurora (HKLM-x32\...\{A65BAA2D-2281-4DEE-93E0-34F323527587}) (Version: 1.0.3 - Aurora)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.7.3140 - AVG Technologies)
Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\BitTorrent) (Version: 7.10.5.45785 - BitTorrent Inc.)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version:  - Cheat Engine)
Clang with Microsoft CodeGen (HKLM-x32\...\{D1065428-0EDB-3B41-9563-A5E49F98A496}) (Version: 14.0.25516 - Microsoft Corporation) Hidden
Clang with Microsoft CodeGen (HKLM-x32\...\{F6F4C76B-0D67-3B2C-81E2-5B9299E99EDE}) (Version: 14.0.25516 - Microsoft Corporation) Hidden
Clang with Microsoft CodeGen for Microsoft Visual Studio 2015 (HKLM-x32\...\{da78a187-c216-4b8f-b2ff-f6f254e2e26e}) (Version: 14.0.25516.0 - Microsoft Corporation)
CORSAIR iCUE Software (HKLM-x32\...\{5FC3591B-B144-4C9B-A454-2E1A505E5278}) (Version: 3.23.66 - Corsair)
DDS Thumbnail Viewer (HKLM-x32\...\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}) (Version: 1.00.000 - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
DWG TrueView 2014 (HKLM\...\{5783F2D7-D028-0409-0100-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
Epic Games Launcher (HKLM-x32\...\{A9C35F4D-0340-4588-A3F2-71DF8CD2C456}) (Version: 1.1.117.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8468D8835}) (Version: 7.12.1.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ebd248cd-b3ef-4e14-b91a-d626fa5c392a}) (Version: 7.12.1.4 - ExpressVPN)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FireStorm version V2.0.0.006 (HKLM-x32\...\FireStorm_is1) (Version: V2.0.0.006 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel® C++ Redistributables on IA-32 (HKLM-x32\...\{5018D8E6-8D8E-4F76-9AFD-CB2EF1100E84}) (Version: 13.0.089 - Intel Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{791FF357-3DE8-485E-BD59-41844BB16415}) (Version: 13.0.089 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java SE Development Kit 8 Update 171 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180171}) (Version: 8.0.1710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
LED Sync (HKLM-x32\...\{D10D6F85-907E-4F37-8E30-C17F6BC57813}) (Version: 1.1.0 - EVGA)
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30642.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.4 (x64) (HKLM-x32\...\{6ea49e83-4bd6-41b7-85ee-aa6a433739bd}) (Version: 3.1.4.28821 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 81.0 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0 (x64 en-US)) (Version: 81.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 81.0.0.7565 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MTG Arena (HKLM\...\{46530058-EA0E-40C5-89AF-1084EA6E859B}) (Version: 0.1.3009 - Wizards of the Coast)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Nitro Pro (HKLM\...\{DBA6C72A-FD5D-4A65-A4D8-82D4CB8E818E}) (Version: 11.0.8.470 - Nitro)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.7 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6853 - Realtek Semiconductor Corp.)
Respondus LockDown Browser 2 (HKLM-x32\...\{BBC7F69B-7A94-41E9-8A4B-B55A8D06431F}) (Version: 2.00.0000 - Respondus)
RogueKiller version 14.7.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.7.3.0 - Adlice Software)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SoundSwitch 5.5.3.26916 (HKLM\...\SoundSwitch_is1) (Version: 5.5.3.26916 - Antoine Aflalo)
Spotify (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Spotify) (Version: 1.1.42.622.gbd112320 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1208 - SUPERAntiSpyware.com)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{33952D66-D503-10CA-DD8E-E365C15EB4E0}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B048B812-32DE-3474-FA64-223B6A63AD47}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4018334) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E27BA6F9-6C03-4D1F-B34F-E3B1AB6B5C36}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4018334) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E27BA6F9-6C03-4D1F-B34F-E3B1AB6B5C36}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4018334) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E27BA6F9-6C03-4D1F-B34F-E3B1AB6B5C36}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden
ViGEm Bus Driver (HKLM\...\{4030BA52-E312-462E-B020-CCB5A2AC5497}) (Version: 1.16.116 - Nefarius Software Solutions e.U.)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ for Mobile Development (iOS support) (HKLM-x32\...\{6aa67741-cbea-4763-a744-e612ed2e6294}) (Version: 14.0.25401.0 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (HKLM-x32\...\{B2918D01-1D89-34D3-87EF-A28121BC6EB7}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{1210EE60-E253-407D-B537-D36898049CF0}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{ACFEA151-D1BE-4114-875A-87328B6002D4}) (Version: 15.0.26315 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{A8B77523-13AB-46B9-B54F-5483E09668F9}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{AB3DF932-C990-34D4-BF43-970F760DA3CD}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WeMod (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\WeMod) (Version: 6.3.10 - WeMod)
WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)
Zemana AntiMalware version 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
Zoom (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)

Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-08] (Canon Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-03-05] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-03-05] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-03-05] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Matt\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{3023B2DC-C93E-4FD8-9C20-FF18F1462052}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{43DB29DA-D3A0-460E-98AA-2A6C1026EC9B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{5DA73FA5-D291-41BF-80A1-8CD7D8BD8949}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Matt\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Matt\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-11-17] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-06-18] (Notepad++ -> )
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-06-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-06-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Matt\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-08-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-06-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-06-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3050370261-3023350426-1843181019-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3050370261-3023350426-1843181019-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3050370261-3023350426-1843181019-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6_S-1-5-21-3050370261-3023350426-1843181019-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-06-03 03:17 - 2020-09-26 16:23 - 000030720 ____C () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2019-11-29 14:42 - 2019-11-29 14:42 - 000209408 ____C () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2019-11-29 14:41 - 2019-11-29 14:41 - 000101376 ____C () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2017-12-26 17:00 - 2016-03-07 19:08 - 001291264 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2017-12-26 17:00 - 2004-10-05 04:08 - 000055808 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2020-06-20 23:29 - 2019-07-19 03:14 - 000009216 _____ () [File not signed] C:\Program Files\SoundSwitch\SerilogTraceListener.dll
2020-04-13 09:09 - 2020-09-12 14:57 - 000041984 _____ () [File not signed] C:\Program Files\SoundSwitch\SoundSwitch.Common.dll
2017-12-26 17:00 - 2017-08-30 13:25 - 000026768 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2017-12-26 17:00 - 2017-08-30 13:25 - 000061072 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2017-12-26 17:00 - 2017-08-30 13:25 - 000021648 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000021696 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000414400 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2017-12-26 17:00 - 2017-09-11 15:28 - 000085136 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000026304 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000074432 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000079040 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2017-12-26 17:00 - 2017-08-30 13:25 - 000183440 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000163520 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000018112 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000188608 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000024768 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2017-12-26 17:00 - 2017-02-21 18:19 - 000083136 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000091840 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000019648 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000022720 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2017-12-26 17:00 - 2017-08-30 13:25 - 000141456 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000029376 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2017-12-26 17:00 - 2017-08-30 13:25 - 000367760 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000032912 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000296592 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000195776 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000221376 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000162448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000034448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2017-12-26 17:00 - 2017-09-04 18:39 - 000699024 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuActiveOnline.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000487568 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EULicenseDLL.DLL
2017-12-26 17:00 - 2017-08-30 13:26 - 000844944 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000064192 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000078528 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000114368 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000052416 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000021648 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\fsclog.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000026816 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000160400 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000085648 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000070800 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000072848 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000058560 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000210112 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000305808 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000149184 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000066240 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000210112 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2017-12-26 17:00 - 2017-08-30 13:27 - 000074896 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlExBrowser.dll
2017-12-26 17:00 - 2017-08-30 13:27 - 000585872 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlSMOCPlusPlus.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000045248 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000090816 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2017-12-26 17:00 - 2017-08-30 13:27 - 000055952 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000054464 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000142016 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000138432 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2017-12-26 17:00 - 2017-09-04 18:43 - 000688272 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmdManager.dll
2017-12-26 17:00 - 2016-12-06 03:43 - 000022208 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ControlPxe.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000731280 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EMail.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000046736 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuPipe.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000235152 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlBackup.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000103104 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlBackupSize.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000575632 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlImgFile.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000046272 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlSearchImg.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000161472 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Ftp.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000019648 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FTPTest.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000120976 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImageFileInfo.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000251536 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFileHlp.dll
2017-12-26 17:00 - 2017-08-30 13:26 - 000138896 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\MatchStr.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000028864 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Options.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000095424 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\PolicyManage.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000124096 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Thread.dll
2017-12-26 17:00 - 2017-08-30 13:27 - 000113296 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Transmit.dll
2017-12-26 17:00 - 2016-12-06 03:44 - 000044736 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\XmlWrapper.dll
2017-12-26 17:00 - 2017-09-04 18:47 - 000382096 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
2017-12-26 17:00 - 2008-11-25 18:18 - 000892928 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll
2013-01-31 15:20 - 2013-01-31 15:20 - 000503296 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2013-01-31 15:20 - 2013-01-31 15:20 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2020-04-13 09:09 - 2020-01-31 18:02 - 000513536 _____ (Mark Heath & Contributors) [File not signed] C:\Program Files\SoundSwitch\NAudio.dll
2020-04-13 09:09 - 2020-03-04 18:25 - 000103424 _____ (Microsoft) [File not signed] C:\Program Files\SoundSwitch\Microsoft.WindowsAPICodePack.dll
2020-04-13 09:09 - 2020-07-09 08:10 - 000030720 _____ (Muhammad Rehan Saeed (RehanSaeed.com)) [File not signed] C:\Program Files\SoundSwitch\Serilog.Exceptions.dll
2020-04-13 09:09 - 2020-09-10 02:20 - 000128000 _____ (Serilog Contributors) [File not signed] C:\Program Files\SoundSwitch\Serilog.dll
2020-04-13 09:09 - 2019-03-08 22:45 - 000006656 _____ (Serilog Contributors) [File not signed] C:\Program Files\SoundSwitch\Serilog.Enrichers.Environment.dll
2020-04-13 09:09 - 2019-05-02 23:41 - 000006144 _____ (Serilog Contributors) [File not signed] C:\Program Files\SoundSwitch\Serilog.Enrichers.Thread.dll
2020-04-13 09:09 - 2019-10-17 05:25 - 000028160 _____ (Serilog Contributors) [File not signed] C:\Program Files\SoundSwitch\Serilog.Sinks.File.dll
2019-10-18 12:06 - 2019-10-18 12:06 - 000090112 ____C (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-04-13 09:09 - 2019-04-18 23:34 - 000012288 _____ (SoftFrame) [File not signed] C:\Program Files\SoundSwitch\RailSharp.dll
2020-04-13 09:09 - 2020-08-22 16:27 - 000027136 _____ (SoundSwitch) [File not signed] C:\Program Files\SoundSwitch\SoundSwitch.Audio.Manager.dll
2020-06-20 23:29 - 2020-09-12 14:57 - 001416192 _____ (SoundSwitch) [File not signed] C:\Program Files\SoundSwitch\SoundSwitch.dll
2020-06-20 23:29 - 2020-06-10 18:55 - 000006656 _____ (SoundSwitch.InterProcess.Communication) [File not signed] C:\Program Files\SoundSwitch\SoundSwitch.InterProcess.Communication.dll
2019-11-14 15:50 - 2019-11-14 15:50 - 002516480 ____C (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2019-11-14 15:50 - 2019-11-14 15:50 - 000530432 ____C (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2019-11-29 15:30 - 2019-11-29 15:30 - 005139576 ____C (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001 -> DefaultScope {2039DD3E-4E72-4C20-90E7-9FD959AA7D06} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Software Sarl -> Skype Technologies)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\sony.com -> sony.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2020-09-22 00:27 - 000001030 ____C C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 ultramediaburner.com
127.0.0.1 pro-zipper.com
127.0.0.1 productsdetails.online
127.0.0.1 post-back-url.com
127.0.0.1 rothsideadome.pw
127.0.0.1 room1.360dev.info
127.0.0.1 telechargini.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Users\Matt\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Skype\Phone\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Users\Matt\AppData\Local\Microsoft\WindowsApps;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 24.226.1.93 - 24.226.10.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: ExpressVPNService => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AvgUi"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "RzWizard"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\StartupFolder: => "ShareX.lnk"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\StartupFolder: => "trelos.url"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "ExpressVPN4"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E98825FA-BB32-4E55-9408-1326C49E770A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe (Sega Corporation) [File not signed]
FirewallRules: [{C203FE27-E0A6-4FC2-8332-478D7C06E2DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe (Sega Corporation) [File not signed]
FirewallRules: [UDP Query User{7B58B77E-8D67-4DF1-AE9C-DDF5F5F25CCF}C:\games\the surge 2\bin\thesurge2.exe] => (Block) C:\games\the surge 2\bin\thesurge2.exe => No File
FirewallRules: [TCP Query User{FB1EAB82-FD49-4AD5-B2A4-03C6C8AE9E27}C:\games\the surge 2\bin\thesurge2.exe] => (Block) C:\games\the surge 2\bin\thesurge2.exe => No File
FirewallRules: [{27E4CEF6-5544-4332-8AF2-06C04731AC7B}] => (Block) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [{10E9D985-0CAB-45EF-9FC2-A022C2B7A0EC}] => (Block) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [UDP Query User{3D85DFF1-A5AA-4E7A-8742-F850EC21C6EB}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [TCP Query User{45776D3F-6CE9-48E5-BAF8-4B1D0B6255EF}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [{CAFF0173-82A5-47C5-8AB6-D97647EFAD81}] => (Allow) D:\SteamLibrary\steamapps\common\Northgard\ng32\Northgard.exe => No File
FirewallRules: [{067A5C38-9854-4C88-840F-A34D70E66D69}] => (Allow) D:\SteamLibrary\steamapps\common\Northgard\ng32\Northgard.exe => No File
FirewallRules: [{F61C1CCD-CBBE-4BB7-A9B9-99BCEEFAA49D}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{1D646D5F-CE52-48BB-B73D-DF1DC4B19C50}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{4DE4DD1D-EB43-4E18-8A07-E8870E34BF15}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [TCP Query User{9294B096-E1D6-4930-B849-B3C7532802E5}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [UDP Query User{3A382B66-A4AB-4A61-9C81-C2F4E7A558AE}C:\program files (x86)\starcraft ii\versions\base77661\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base77661\sc2_x64.exe => No File
FirewallRules: [TCP Query User{5AD30C2A-56CD-4653-8E16-8137F56B6623}C:\program files (x86)\starcraft ii\versions\base77661\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base77661\sc2_x64.exe => No File
FirewallRules: [{7A6E78FC-E655-47D1-B0ED-C0AB8E727DB5}] => (Allow) D:\SteamLibrary\steamapps\common\Northgard\ng32\Northgard.exe => No File
FirewallRules: [{99EC40F8-8300-469F-8799-7C0C59281D47}] => (Allow) D:\SteamLibrary\steamapps\common\Northgard\ng32\Northgard.exe => No File
FirewallRules: [{A4B8C401-88BF-4CE0-AC6E-74F5FED00EF8}] => (Block) C:\program files (x86)\starcraft ii\versions\base77535\sc2_x64.exe => No File
FirewallRules: [{7A6DBD15-A8A5-4237-A23A-567F24C411F9}] => (Block) C:\program files (x86)\starcraft ii\versions\base77535\sc2_x64.exe => No File
FirewallRules: [UDP Query User{BCDB6453-328F-40CD-85AE-D1222ADA12F4}C:\program files (x86)\starcraft ii\versions\base77535\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base77535\sc2_x64.exe => No File
FirewallRules: [TCP Query User{CB353138-43BC-4471-9A89-12C9BD692689}C:\program files (x86)\starcraft ii\versions\base77535\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base77535\sc2_x64.exe => No File
FirewallRules: [UDP Query User{43BC8CB6-538F-4B6F-B157-DE29F23D415B}C:\games\phoenix point\phoenixpointwin64.exe] => (Block) C:\games\phoenix point\phoenixpointwin64.exe => No File
FirewallRules: [TCP Query User{D26589FF-8762-4378-B647-FD3A3CB03932}C:\games\phoenix point\phoenixpointwin64.exe] => (Block) C:\games\phoenix point\phoenixpointwin64.exe => No File
FirewallRules: [{3EC200C8-D336-4027-8179-9720325268B8}] => (Block) C:\program files (x86)\starcraft ii\versions\base77379\sc2_x64.exe => No File
FirewallRules: [{586CC84B-B63D-4982-89B1-B778DED79773}] => (Block) C:\program files (x86)\starcraft ii\versions\base77379\sc2_x64.exe => No File
FirewallRules: [UDP Query User{060A6769-D9EC-463F-83EA-BFED021E4AC5}C:\program files (x86)\starcraft ii\versions\base77379\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base77379\sc2_x64.exe => No File
FirewallRules: [TCP Query User{71B8F217-877A-4BBC-8430-D608C567B2A1}C:\program files (x86)\starcraft ii\versions\base77379\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base77379\sc2_x64.exe => No File
FirewallRules: [{3A3C20A4-4CE0-46C5-9019-A3D9E2047212}] => (Block) C:\users\matt\appdata\local\maptool\maptool.exe => No File
FirewallRules: [{73608E55-7B3F-41E4-8F58-A5245E82F0A4}] => (Block) C:\users\matt\appdata\local\maptool\maptool.exe => No File
FirewallRules: [UDP Query User{62A9E94D-AE6D-4F7C-81F3-ABC92A33A89E}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{BBA81041-3614-4EC9-8C2F-10D1348C3682}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{115710A5-0C43-4878-8B19-05153ACADFC4}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [TCP Query User{4D13EBB3-9066-4AA5-A7EE-E09B9A05415B}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{B1334B40-B62C-4FB6-9E3F-151E7411E587}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe => No File
FirewallRules: [{169C1D26-19B7-4BF5-A72A-212C3FD17CEE}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe => No File
FirewallRules: [{D64B0C04-55F3-4086-B7DD-050D214D2386}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe => No File
FirewallRules: [{56EA2DEF-977D-4658-8824-129E2FEBE4C3}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe => No File
FirewallRules: [{BDD170EA-682E-40B5-AFC0-7254814BB518}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe => No File
FirewallRules: [{8B213E4C-C622-44A9-81D7-111F2508069B}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe => No File
FirewallRules: [{78894547-2D0C-4778-AEBB-5E6CBDB419CE}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe => No File
FirewallRules: [{0892F9B6-1A00-4C9C-8F1E-25A1DE91F2C1}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe => No File
FirewallRules: [{6D751D82-2FA4-496D-880B-C02C962BB58A}] => (Block) C:\program files\unity hub\unity hub.exe => No File
FirewallRules: [{DBDE75E6-588E-42F9-8786-1DFCC18C5953}] => (Block) C:\program files\unity hub\unity hub.exe => No File
FirewallRules: [UDP Query User{56D7FA05-1D69-4633-88AD-BB9E77594E84}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => No File
FirewallRules: [TCP Query User{B01DC719-000A-4E20-A87C-52BF589F9B77}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => No File
FirewallRules: [{824B9009-317E-4578-B151-2F3CBEDA9FD3}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => No File
FirewallRules: [{D89C6D2A-D3A3-4172-8F8A-D0D6BE5189CA}] => (Allow) D:\SteamLibrary\steamapps\common\Northgard\hl32\hl.exe => No File
FirewallRules: [{49A80F71-AED2-4B0A-9318-A3DF240ECD94}] => (Allow) D:\SteamLibrary\steamapps\common\Northgard\hl32\hl.exe => No File
FirewallRules: [UDP Query User{9E1C587E-F02F-42D2-B764-DFD0668D6409}C:\program files (x86)\starcraft ii\versions\base76811\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base76811\sc2_x64.exe => No File
FirewallRules: [TCP Query User{82A29F78-D441-4504-9597-FAB183A28818}C:\program files (x86)\starcraft ii\versions\base76811\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base76811\sc2_x64.exe => No File
FirewallRules: [{1766453F-D0EE-46C3-82F1-15226AA51C36}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{92DF0E2E-37B0-4D86-B140-3C416F77CE59}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{B07C4029-0E4C-4700-90EE-28707B9A82CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{443D2DAB-1F15-472F-A30A-AE228803A480}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [UDP Query User{1D4610BA-34AF-4D4F-AA9D-797861A69FE4}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [TCP Query User{D41D6878-F7C7-4273-9DBB-C9731AE56733}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [UDP Query User{75CBDB31-9C9B-4A33-95BF-5B92D1AC5517}C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe => No File
FirewallRules: [TCP Query User{3D2C7436-BD1E-4178-86CF-A5750E13D761}C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base76114\sc2_x64.exe => No File
FirewallRules: [UDP Query User{F8437226-56DA-46A9-9BD2-8FCC7711BC5C}C:\program files\epic games\ue_4.13\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.13\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{298206A5-5E22-49E7-B6EB-DE0F50DA6F41}C:\program files\epic games\ue_4.13\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.13\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{61E22352-BB2D-47CF-AF36-4A92045F9321}C:\program files (x86)\starcraft ii\versions\base75800\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75800\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{46D1649C-3ACA-4E5D-A369-007AA7AF357D}C:\program files (x86)\starcraft ii\versions\base75800\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75800\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{C1F62877-552C-4A47-B3B0-E8C70A983180}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File
FirewallRules: [{DB66BC16-B32F-4B60-BE90-ECAAD1990C46}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File
FirewallRules: [{59E16DC9-8ADE-4AC1-81BB-F180FCABF6EA}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File
FirewallRules: [{22E8F124-37B2-4FF3-86ED-BCA15F897628}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File
FirewallRules: [{FD2B4264-388E-44E6-A0AF-748832000823}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File
FirewallRules: [{55292832-D47D-4DC8-9ED1-254C6EE3D5C9}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File
FirewallRules: [{5AEB0612-5E26-491F-88FA-27643D467795}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File
FirewallRules: [{FD3D2ADC-923B-423A-AD6F-44AC9147FB03}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File
FirewallRules: [UDP Query User{0661F454-B544-4B26-8947-BE9DA1C68645}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{73B9AD13-B9FD-48E3-B745-7E4AF520CF16}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{735A1A61-C831-4EDE-9373-B45187DA6267}C:\program files (x86)\starcraft ii\versions\base74741\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base74741\sc2_x64.exe => No File
FirewallRules: [TCP Query User{27F0706F-DAE0-432A-989C-2F77B0BB14B5}C:\program files (x86)\starcraft ii\versions\base74741\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base74741\sc2_x64.exe => No File
FirewallRules: [UDP Query User{BCE40B69-CAEF-48F7-9B8A-BFA336F966F9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{1D871C3E-2A2E-4440-AC86-4ADFE6286D73}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{08C64CBC-6723-4C72-82CA-650DEDF64A8B}D:\steamlibrary\steamapps\common\deathgarden\theexit\binaries\win64\theexit.exe] => (Allow) D:\steamlibrary\steamapps\common\deathgarden\theexit\binaries\win64\theexit.exe => No File
FirewallRules: [TCP Query User{39DD3A0F-C7B4-44E0-A1FC-F5B4B22FF23B}D:\steamlibrary\steamapps\common\deathgarden\theexit\binaries\win64\theexit.exe] => (Allow) D:\steamlibrary\steamapps\common\deathgarden\theexit\binaries\win64\theexit.exe => No File
FirewallRules: [UDP Query User{D7334612-BF0E-494E-A44C-3343D5E647C4}C:\program files (x86)\starcraft ii\versions\base74071\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base74071\sc2_x64.exe => No File
FirewallRules: [TCP Query User{34EB428B-97AE-4332-AA12-9FADEEA7B204}C:\program files (x86)\starcraft ii\versions\base74071\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base74071\sc2_x64.exe => No File
FirewallRules: [UDP Query User{C84D356D-609C-427B-A4F2-0F068235BF00}D:\downloads\games\risk.of.rain.2\risk of rain 2.exe] => (Block) D:\downloads\games\risk.of.rain.2\risk of rain 2.exe => No File
FirewallRules: [TCP Query User{0D6B29FD-9C1F-4F18-A75A-39367E857924}D:\downloads\games\risk.of.rain.2\risk of rain 2.exe] => (Block) D:\downloads\games\risk.of.rain.2\risk of rain 2.exe => No File
FirewallRules: [UDP Query User{55D2EFD1-222E-4B63-B8F0-D3E075D6334E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A528B01F-AFFA-46C4-9306-A01E128A3A37}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{13BEC74F-17B6-4929-B447-AA0E50888BAE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{8A22096C-5D92-48B8-BF6A-755B5F9BBCE1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{A8521CBA-0651-4245-95C2-A5B4B9BF6F30}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{CB90EE00-A160-44A2-BF60-6DEA20180B82}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{36607F50-3394-4586-B14B-1F375D930B37}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{328A7150-CC58-481A-BAB5-647D65C80E96}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{EA4D7528-144F-42FD-9963-8BF33EEAD47A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{2DC7B96D-E6C2-4A87-BC9A-F07B4CA530B3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{DAAC1123-AE7C-4944-A820-470E8DF7D034}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A8003993-3493-4315-AC89-75AC19B22E92}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{AFEEEB64-B9EF-44B4-A424-ED606A604F35}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{EF6489F6-E9B8-4651-B5FA-86831A4876B7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => No File
FirewallRules: [{2F133310-9F04-4794-ADE7-B3CC82456A6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{92C66FED-53E1-44D5-8E61-A07F65595218}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{737BD498-EA39-4E90-A8CB-ABADE2382525}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => No File
FirewallRules: [{5BE8FCD5-845F-4A11-9B10-88E6C345E769}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{C9980EBE-C48A-4107-99EF-5F24CBF4C602}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{C7F3F041-7737-4B49-AB34-440D9DA1CC20}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{33146705-2334-4205-89FC-2814718A67D9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{638819EE-6BF9-48A7-871C-6318C87B7472}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{DCC61C81-749A-42AE-9509-A65F738E48D2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{6C22EE3E-13CC-4C25-AF2F-7A71140F4561}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{96F6BA24-55F0-4D14-A102-6714D7AD4B8A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{11E29AB8-A206-4E09-9391-A5CA8B0DF3FE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{8174D5FA-902D-44D0-921D-EB9116DF43FA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{BCCF5EC1-F021-475E-86A2-81BB6418C7CE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{0479460B-C945-4F93-9ABF-6EDDE92D3F1B}C:\program files (x86)\starcraft ii\versions\base72282\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base72282\sc2_x64.exe => No File
FirewallRules: [TCP Query User{EE561670-C203-4D0D-BBD3-0EAB72E2F5D2}C:\program files (x86)\starcraft ii\versions\base72282\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base72282\sc2_x64.exe => No File
FirewallRules: [UDP Query User{D6BBF079-BA2A-4E23-9553-941A0118F4B1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{2E550B6D-8754-4CA9-9ED9-D5724B5A214C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{8D76F4D5-4951-4C33-8BF6-E199B069B1F9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{0ECFF814-CC03-41C5-BD05-C6911D7B4E0F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{B978471A-E503-4050-B562-9602AB3523BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A235BAEE-190A-436B-A1D5-6420AB9F2F4C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{929B33A8-BF01-4FB2-A866-80C2BED7F3BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{C5EE5E55-8EA3-4B70-91E4-C26D6C1AE8FF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{8C7A431A-2B6C-43A3-8CA8-F8CE5228DC81}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{5C68F60F-5310-4A50-BA8C-73D000A77365}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{1CB61883-8E59-4595-A5FB-870939399608}C:\program files (x86)\starcraft ii\versions\base65895\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base65895\sc2_x64.exe => No File
FirewallRules: [TCP Query User{DD68DC86-224E-47AB-8D93-62FD3E87D0C0}C:\program files (x86)\starcraft ii\versions\base65895\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base65895\sc2_x64.exe => No File
FirewallRules: [UDP Query User{BAAB673D-B259-4EAB-883E-2481EDBFD331}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5CB7E37C-0633-4FDC-AAA9-537309ADDD7E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{97DA605E-07FA-4A08-A215-77EE70ECFE9C}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{2DF75D85-43D6-49AF-B33A-04357CA92056}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{7B661940-9EE6-4887-967C-93E0F9D75116}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{B1969ADE-F2A8-42F7-8572-F8E6DA8D5C90}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{1126B1F1-115A-4431-A264-6426924F4ABB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{1A80F49D-5D92-4C00-BA5B-673A25B0D955}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{C5AF95D8-0FFB-4D3B-A8D6-E58F4B3E924C}C:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) C:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [TCP Query User{D14C421D-E976-421B-957E-E9047CC6D546}C:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) C:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{5412A1CA-A6D9-45F0-A5D1-1CB40F826BFB}C:\program files (x86)\heroes of the storm\versions\base65617\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base65617\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{BA916269-A354-4884-BB2D-E97C5CCC4841}C:\program files (x86)\heroes of the storm\versions\base65617\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base65617\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{56886FF4-B104-468C-9210-0187EF97E540}C:\program files (x86)\starcraft ii\versions\base65384\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base65384\sc2_x64.exe => No File
FirewallRules: [TCP Query User{220842E5-507E-48B8-9944-DA502F9D0CF4}C:\program files (x86)\starcraft ii\versions\base65384\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base65384\sc2_x64.exe => No File
FirewallRules: [UDP Query User{0B96A387-A05A-47E1-A49D-F748D2449DAC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{69E57FF8-0AF0-48B2-A905-0381481B6263}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.150\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{103D5341-44DC-49F9-B011-6ED1982CEE4A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{B3D0122B-8743-47D8-B22B-A245CDDC4E6F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{050E65BB-CE8F-47EC-B640-62AD81CBD908}C:\program files (x86)\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{36226085-FB3F-4B10-AD79-71FA5BF6583A}C:\program files (x86)\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{42B5B84D-7E53-432A-A916-78B2DE254557}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{0EF71FC5-5135-4488-9CE9-D91C55A722FB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe => No File
FirewallRules: [{E54270AC-D654-4218-8220-815C773C2A88}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe => No File
FirewallRules: [{09195ADC-A9B2-4BF4-87B4-08EAD5AF43AB}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{76530034-F034-49BE-82CD-E48EF91D30F3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{BDE281BB-3DC5-425A-ABB8-AB8477B8DD95}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe => No File
FirewallRules: [{25E3E98E-6FEF-424A-B6E1-F6797FB31665}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => No File
FirewallRules: [{222ED3A5-8BEB-489F-BC5A-27E70083AE79}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{B11FAF9C-0493-492D-AB30-96532281686D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{5DF4F089-D8C4-4E47-B673-7872C100C5CD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => No File
FirewallRules: [{4081DB6B-CD92-4551-A7D6-18E9E0A7DB6B}] => (Block) C:\program files (x86)\heroes of the storm\versions\base65006\heroesofthestorm_x64.exe => No File
FirewallRules: [{7C4CA35C-911B-427A-B559-BA3840E15596}] => (Block) C:\program files (x86)\heroes of the storm\versions\base65006\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{5BF55911-E396-403D-85A4-B94B6711D3A6}C:\program files (x86)\heroes of the storm\versions\base65006\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base65006\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{8B7028C4-AC3F-478B-AA14-888729A38501}C:\program files (x86)\heroes of the storm\versions\base65006\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base65006\heroesofthestorm_x64.exe => No File
FirewallRules: [{409E27A8-CE48-4A63-9E45-563DC5F4D1EC}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => No File
FirewallRules: [{430152FD-1B9D-41B4-97F1-66B38BCBB8DA}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{56F74C33-9A36-457E-A3EB-A089BDCB02C2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{B995325F-5270-4C74-9A95-1359509DCDFB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{9D6477E7-8CDC-460E-BC74-7AB4633DB6F8}D:\downloads\games\deep.rock.galactic.update.12\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Block) D:\downloads\games\deep.rock.galactic.update.12\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [TCP Query User{C82E4D84-1C89-4779-9F67-0FB5FA1457C1}D:\downloads\games\deep.rock.galactic.update.12\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Block) D:\downloads\games\deep.rock.galactic.update.12\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [{8640075A-94E2-4294-820C-589C55F7DC83}] => (Block) C:\program files (x86)\java\jdk1.8.0_171\bin\java.exe
FirewallRules: [{3C83474B-BF5B-46B7-8841-ABA1E93F192B}] => (Block) C:\program files (x86)\java\jdk1.8.0_171\bin\java.exe
FirewallRules: [UDP Query User{8B6B246F-97EA-421F-8167-CC3310CA53AF}C:\program files (x86)\java\jdk1.8.0_171\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_171\bin\java.exe
FirewallRules: [TCP Query User{84DDBCF8-B690-4E80-A415-F82A2DC15880}C:\program files (x86)\java\jdk1.8.0_171\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_171\bin\java.exe
FirewallRules: [{A0E4B9E8-6EB8-499F-B74B-7A56599B3903}] => (Block) C:\program files (x86)\java\jdk1.7.0_55\bin\java.exe
FirewallRules: [{1CBD5C7B-0295-4040-8CAB-C9E0B3DD6D82}] => (Block) C:\program files (x86)\java\jdk1.7.0_55\bin\java.exe
FirewallRules: [UDP Query User{4A494E50-E64D-43DA-A22E-65A80F6A9437}C:\program files (x86)\java\jdk1.7.0_55\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.7.0_55\bin\java.exe
FirewallRules: [TCP Query User{3B4A41A4-4CD7-4B66-B928-184945031460}C:\program files (x86)\java\jdk1.7.0_55\bin\java.exe] => (Allow) C:\program files (x86)\java\jdk1.7.0_55\bin\java.exe
FirewallRules: [{AE226442-1443-4750-8C75-D1DB4F929A05}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => No File
FirewallRules: [{589FA801-E562-4555-86DA-A501CE6308BA}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{51A97230-D175-48E0-89FF-DDE1D10EE416}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{C7A27726-6B09-45D3-A991-A522EBD7D2D5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => No File
FirewallRules: [{4CD39AAC-0EDF-48D5-916E-2563F4B23075}] => (Block) C:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{1292D145-2E33-438F-8E36-9F477EE41D96}] => (Block) C:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{AEE00D28-B18D-46E9-AAEB-7ACCF6FF39A5}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [TCP Query User{FA9D0413-D03D-4495-9AAE-9F6DADEB0FEA}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{3DC77411-4796-4A33-842F-B77DD46B37FC}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => No File
FirewallRules: [{300E274F-6FC1-4708-BBE4-884C61A1A0BA}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{E3ED797E-F5BD-427F-81AB-45C89966ED35}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{63362092-96EB-4022-B3D0-D0073FABA91B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => No File
FirewallRules: [{E64AD8D8-6B63-4FEB-A5C9-0012DA670E0C}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => No File
FirewallRules: [{21C8BB94-083C-46C5-BA7C-319682195060}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{D183B1BE-6D76-4B90-B829-146FCB8C3199}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{C991D532-25E4-4BF2-AFFE-40CA4EA160C0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{92EC72CB-520B-4368-B1AE-1A57023422F0}C:\program files (x86)\dying light\into the breach\breach.exe] => (Block) C:\program files (x86)\dying light\into the breach\breach.exe => No File
FirewallRules: [TCP Query User{83283069-31B3-4FAA-BCF5-6CB8459335D1}C:\program files (x86)\dying light\into the breach\breach.exe] => (Block) C:\program files (x86)\dying light\into the breach\breach.exe => No File
FirewallRules: [UDP Query User{CCD84E80-BDE0-4A5E-8B3E-6D54D2B32E8E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F77E650C-F4A7-4DCA-894D-D4AFD3ED2762}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{5FBF9428-57CF-47F9-A30B-38F4461637C1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{20D31E75-00E2-4AA9-9219-D4A14DA8F04D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{51DBC642-23E5-433A-968B-A90FE68562F5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F91E0D4A-1A6D-454B-B6E8-86DB1FBBF60A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{4E10C7C7-E5FC-4FEF-9658-E2D89212AC51}C:\programdata\battle.net\agent\agent.6082\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6082\agent.exe => No File
FirewallRules: [TCP Query User{848AE7ED-24BE-4C2A-8702-FD9EA9C77AFD}C:\programdata\battle.net\agent\agent.6082\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6082\agent.exe => No File
FirewallRules: [UDP Query User{0E052F5F-3ACE-49BF-91B1-A17AF4B2CE7B}C:\program files (x86)\starcraft ii\versions\base62848\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62848\sc2_x64.exe => No File
FirewallRules: [TCP Query User{3CF06937-6445-4859-9C9C-D11B1AC074BC}C:\program files (x86)\starcraft ii\versions\base62848\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62848\sc2_x64.exe => No File
FirewallRules: [{40E062D9-BB9E-4BF4-8317-197A00A15ABE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{12835F61-28CA-4715-8D47-03E3828A5F35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{ECD7776E-BA29-4A7A-A853-630FF2090C45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{8FBFA7F0-E87F-4009-9B2B-8EE0FF257C37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [UDP Query User{897A045E-CB7B-48E4-87FC-CC8C5D9A760A}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [TCP Query User{435F5B57-DE78-477C-BE84-408F813474B1}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User{5616E6E8-B969-4767-90BD-1B562C94D9C4}C:\program files (x86)\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{EE7A76C7-EB68-4053-A0A0-32DD896F8FAB}C:\program files (x86)\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe => No File
FirewallRules: [{866F21E0-A987-4011-9C81-FE8409A87128}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{7DA8BC86-F44D-4680-AD57-5DCC0259E9D2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{9F2CE925-B405-4932-8DDC-42D1991C4199}] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe => No File
FirewallRules: [{C5F75DC7-879C-460B-B701-315E96A7EDEA}] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe => No File
FirewallRules: [UDP Query User{C6902FAD-7560-4FF6-8216-320F8D6307E4}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\javaw.exe => No File
FirewallRules: [TCP Query User{EA7A1D87-85A4-48CE-8070-6FC728E6F399}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\javaw.exe => No File
FirewallRules: [{91B6E3B2-B578-4A64-AA4F-1CEC83294265}] => (Block) C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe
FirewallRules: [{D0E30213-751E-47BF-AF30-8D18B85879F3}] => (Block) C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe
FirewallRules: [UDP Query User{D0512327-EF67-493E-BBFC-5DCDE5BB95C8}C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe
FirewallRules: [TCP Query User{7BD727F1-D69D-4719-9E5F-BADF8D684B9B}C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jdk1.7.0_55\bin\javaw.exe
FirewallRules: [{9DC35024-2898-439B-9504-B289AC3C16A9}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe => No File
FirewallRules: [{CDA0F89E-4307-45DF-BC28-C8344888F630}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe => No File
FirewallRules: [{49E28253-27D5-4279-80FA-2F02FF744A8E}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe => No File
FirewallRules: [{69D8F225-F7FF-4017-BBE6-6815F5CC5AA0}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe => No File
FirewallRules: [{E6329B03-D2F7-4BF5-8EB1-F1E5A38B17FE}] => (Block) C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe => No File
FirewallRules: [{A94713B1-EE89-41E0-AD95-77CD8ED4E442}] => (Block) C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe => No File
FirewallRules: [UDP Query User{B79309E7-BCD4-4305-B9A3-6EC871369BCA}C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe => No File
FirewallRules: [TCP Query User{601C210F-9F05-4DC4-9B34-B9AAB374358D}C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe => No File
FirewallRules: [{5E40F2E3-2A22-4DAB-B0A8-7F7C16FD2379}] => (Block) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => No File
FirewallRules: [{1398E622-EA54-4642-8F80-0F2A4E16F569}] => (Block) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{86CDD893-1B86-41F5-9C81-E38CC33409B4}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{2C1446D8-928C-446F-B214-FB18828A0C8C}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => No File
FirewallRules: [{CEEC917E-A647-471B-9CC1-E73F40365AA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{0D89BC9C-D277-409F-B5D0-0DCD1CE80C96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{0AB6CC3C-4AFD-4759-B284-848157F491F1}] => (Block) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe => No File
FirewallRules: [{8A1F71D8-E4EE-4D65-97BD-ADBAAA8F61D4}] => (Block) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{8CA7B450-4759-4B0D-B93A-0A9592501E0B}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{85567317-23C9-4157-93AA-A9AEA70697D5}C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe => No File
FirewallRules: [{3FF8ECF6-45A7-437F-9D0C-A4B21C8C24A8}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F73DACD-1E11-45B6-A799-2B584A883B16}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E84BF259-9C3E-4FBF-89CB-4A18005EDD5F}] => (Allow) C:\Program Files (x86)\StarCraft\StarCraft.exe => No File
FirewallRules: [{3DD51D2A-CED7-4939-8276-37223F996611}] => (Allow) C:\Program Files (x86)\StarCraft\StarCraft.exe => No File
FirewallRules: [UDP Query User{98C1D359-41CA-427B-89DA-0410E6FB25C7}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Block) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{310B5C4C-5697-4920-8208-CF71A418C786}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Block) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{611CE981-002A-4FDC-A4F2-06ACDF31F021}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe => No File
FirewallRules: [TCP Query User{064A0AEE-2401-46ED-9860-EF1F69921797}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe => No File
FirewallRules: [UDP Query User{D1A3F34B-EDAC-4160-9E47-5E737441ECC0}C:\users\matt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matt\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{F07B1ED8-8310-41E1-A799-F13FA80F472B}C:\users\matt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matt\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{2A1F00A5-0050-4160-99F5-61579C5D651D}C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe => No File
FirewallRules: [TCP Query User{B80C39BB-038C-467E-A45B-0DF2D19F84E0}C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe => No File
FirewallRules: [UDP Query User{11881E02-844A-4F53-A19F-C910B4212C97}C:\program files (x86)\starcraft ii\versions\base51149\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51149\sc2_x64.exe => No File
FirewallRules: [TCP Query User{704CE360-D492-42E8-B32C-51ACBF1E2613}C:\program files (x86)\starcraft ii\versions\base51149\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51149\sc2_x64.exe => No File
FirewallRules: [UDP Query User{94B7BBA5-DB22-4556-AEC3-4EC5D06B25D8}C:\users\matt\downloads\games\northgard.v0.1.3864\northgard.exe] => (Block) C:\users\matt\downloads\games\northgard.v0.1.3864\northgard.exe => No File
FirewallRules: [TCP Query User{18B460B9-1E91-41F5-BB85-83BC9B472944}C:\users\matt\downloads\games\northgard.v0.1.3864\northgard.exe] => (Block) C:\users\matt\downloads\games\northgard.v0.1.3864\northgard.exe => No File
FirewallRules: [{DCC4A534-DF33-48F3-9975-61CBC5A84EE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{A6468A87-DEE0-4775-8EC0-E687A3E184C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [UDP Query User{DE4ACEAB-1F08-4D26-9A3D-4481E9BEEA93}C:\users\matt\downloads\games\halcyon.6.starbase.commander.v1.3.0\h6.exe] => (Block) C:\users\matt\downloads\games\halcyon.6.starbase.commander.v1.3.0\h6.exe => No File
FirewallRules: [TCP Query User{DA8755AD-D6DC-4B49-8F6B-1125702C81B0}C:\users\matt\downloads\games\halcyon.6.starbase.commander.v1.3.0\h6.exe] => (Block) C:\users\matt\downloads\games\halcyon.6.starbase.commander.v1.3.0\h6.exe => No File
FirewallRules: [UDP Query User{78CEDD8D-EE23-4204-9ECC-EB9D2A061946}C:\users\matt\downloads\games\astroneer.pre-alpha\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\users\matt\downloads\games\astroneer.pre-alpha\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{CE94539C-DB2F-4C28-A547-8DDB9D667821}C:\users\matt\downloads\games\astroneer.pre-alpha\astro\binaries\win64\astro-win64-shipping.exe] => (Block) C:\users\matt\downloads\games\astroneer.pre-alpha\astro\binaries\win64\astro-win64-shipping.exe => No File
FirewallRules: [UDP Query User{D449168A-4372-429B-92F3-42194456768F}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe => No File
FirewallRules: [TCP Query User{939ECC66-3EB6-4D83-B697-FD346CBD0D8F}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe => No File
FirewallRules: [UDP Query User{5717DFBD-6C08-43BB-AE64-1D903EFA7B5D}C:\program files (x86)\dying light\8-bit invaders\instanceserverg.exe] => (Block) C:\program files (x86)\dying light\8-bit invaders\instanceserverg.exe => No File
FirewallRules: [TCP Query User{1FBE8513-FA47-413E-85A8-8BFB8EB6BE53}C:\program files (x86)\dying light\8-bit invaders\instanceserverg.exe] => (Block) C:\program files (x86)\dying light\8-bit invaders\instanceserverg.exe => No File
FirewallRules: [{D6ED3A5B-AE50-479C-9C1A-C2EDF4026D69}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{5CF1429D-5B0B-46C8-968D-7E0C26559B06}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{DB0F9A85-B1C9-4539-8191-F94153679EB9}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{83E8DA06-534E-4F56-B913-3608FF70E623}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{A82A5654-F1A5-45B6-AAE0-CEB6DF029AC1}] => (Block) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe => No File
FirewallRules: [{23E0D7BE-A4AA-4ABA-9868-4A6090C2BC89}] => (Block) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{35E8FC4F-D269-4EF9-8807-6F036F72E94F}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{D0D1E718-E565-4ACF-8790-084AEE50B0C8}C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49008\heroesofthestorm_x64.exe => No File
FirewallRules: [{AAFC26FE-BA18-4FDC-99DC-AB21C9BC1544}] => (Block) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe => No File
FirewallRules: [{64A74528-7F00-449F-8C4D-F1067163A17F}] => (Block) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe => No File
FirewallRules: [UDP Query User{E01D919E-21EC-4AF2-BD3E-39B2924D5645}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe => No File
FirewallRules: [TCP Query User{1FBBD5A6-0B0E-4AFB-B7EE-A6396B681459}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe => No File
FirewallRules: [{3967EC86-8DC7-4169-B8A6-2DC5AE210793}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [{2F657976-0F0F-4FF4-B372-37FB7AA6E64C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [{6B7B4280-A891-4CFD-A7EC-700B14D1623D}] => (Block) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe => No File
FirewallRules: [{0D13F950-78EB-4595-93EE-F7886C73335C}] => (Block) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{6738C09C-23F5-4BA2-B26B-D9396BAFFA84}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{49FF89E4-C3F1-4B98-95F4-771DD0D302DD}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe => No File
FirewallRules: [{9CB8BE71-DE8E-4166-9E3E-86C6ED53CD8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File
FirewallRules: [{295C5276-7630-4CA3-9032-7ECE94675A82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File
FirewallRules: [{C46D5658-46F0-409E-9B31-912DB255EE24}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe => No File
FirewallRules: [{F65FA29C-8249-4AF9-B653-4C846AE8C24C}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{B24DB57B-0F42-4ACB-9C10-2AD565166361}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{D389C347-5460-4B41-BFEC-F7BCEBE7B00A}C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe => No File
FirewallRules: [{D8507F67-C9DF-4CD9-85D2-3137D4449927}] => (Block) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe => No File
FirewallRules: [{CD323DED-21DB-43D4-BE0D-7177A1844F1A}] => (Block) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe => No File
FirewallRules: [UDP Query User{BE3A01F3-0A34-416A-AB93-90E17C61502F}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe => No File
FirewallRules: [TCP Query User{B40C9547-7BDD-4F75-8B7F-24389473A826}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe => No File
FirewallRules: [UDP Query User{A5FB4F6A-BC9E-4AE6-831B-8629C6C86C80}C:\games\kingdom wars 2 battles\kw2b.exe] => (Block) C:\games\kingdom wars 2 battles\kw2b.exe => No File
FirewallRules: [TCP Query User{0CB9191F-8435-4019-8883-192E1B70F7AE}C:\games\kingdom wars 2 battles\kw2b.exe] => (Block) C:\games\kingdom wars 2 battles\kw2b.exe => No File
FirewallRules: [{3FD38580-E4D8-476A-A55F-1257128D349D}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5D3AB9AF-9EF3-43B1-AAED-3B9FD4DA269F}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{174B83FE-ED56-4AB6-B7CB-701A5362BDF2}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{812D20D8-62BC-4CB7-809C-38BAF8FE2B54}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{72BFA489-F516-4EF2-9541-FA1063458B59}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BAF7F15C-BD75-42D0-A00D-CAC3D460A73B}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{02A276EE-3D8F-4A6B-A55F-8ED1A9B45690}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [{DB9FBBD9-190B-41B8-A902-6795824FEF70}] => (Block) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{A26F6D7A-3592-4434-8377-F74767917615}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{AFA5227C-0574-4BB9-9B95-6AAD5C9CA009}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [{2D13D981-C30E-4F17-B874-6EBAA473C814}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08D6AB61-75BE-496B-B08C-59CFD13D5AB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0AC4C89D-C9E8-498A-8E65-EF5EB058DC21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{D549BABB-C1D5-4921-906B-65F9452020CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{188CF124-C70D-41CC-A065-385348231E22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D8E5207B-6845-43FB-8DDE-A6210C992F8B}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [{EE95ADF9-874A-4F64-BAC2-9B5B8C106AFD}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [UDP Query User{AE00EA80-1616-4BC2-8A77-C12F4903636B}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [TCP Query User{D9608C7E-0B2A-40BB-A4DC-E27AC7A2A66B}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [UDP Query User{5A975987-8BA6-45CB-BD63-1C27BC2F66C9}C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{CD4676ED-050C-4249-882E-35305DA1A45D}C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{50D075EA-722F-4E9A-B765-CED2A5FBFB54}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe => No File
FirewallRules: [TCP Query User{322C1D43-37DA-4173-9F8E-C9C7E0DC5F9C}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe => No File
FirewallRules: [{9D63A7EA-50A8-40BE-A916-98BDE52A5C53}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E94FA1D2-E0A2-43F1-9801-E75F733408FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [UDP Query User{E084A220-06B8-402C-B124-D48BFF24FB13}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{4925B821-7550-4B87-907E-69C033E9F46B}C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48027\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{A7AB39D1-8000-4C3E-8C94-E6FCA61FC479}C:\games\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) C:\games\call of duty modern warfare remastered\h1_sp64_ship.exe => No File
FirewallRules: [TCP Query User{4707C91C-A141-4D1E-BC65-A0BDF39F0112}C:\games\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) C:\games\call of duty modern warfare remastered\h1_sp64_ship.exe => No File
FirewallRules: [UDP Query User{5076601C-E9B4-4CEA-9D2A-AC03DCA3E846}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{D08DE840-FF9B-4AD7-B293-E0E0D6C7DDFF}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{C961100A-2C4B-49DD-9FD5-525A013C4351}C:\users\matt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matt\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{0768124D-1C89-4E15-8631-02AEB425C338}C:\users\matt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matt\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{674233A9-B1DE-44B2-8573-F7CB8093070B}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe => No File
FirewallRules: [TCP Query User{4A01F707-6078-4238-A92E-6DC8D966F725}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe => No File
FirewallRules: [UDP Query User{C88FE339-91BF-4F43-BF0F-855C503AE02D}C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{A26407A6-B796-43F1-8910-134EF5FC5A4D}C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46889\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{8122C145-C767-448B-BE53-8CBC3E465FFA}C:\program files (x86)\epic games\4.13\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.13\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{356A51AB-4736-4545-945A-F74CF7D96471}C:\program files (x86)\epic games\4.13\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.13\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{301886B7-83E0-48AA-8646-1CA7C5AF6D0F}C:\program files (x86)\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.13\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{52FB0041-1D1C-41FB-B50D-88C6512AB6D6}C:\program files (x86)\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.13\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{449DE6AB-A849-490F-8D06-D2C636398760}C:\program files (x86)\epic games\4.9\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.9\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{5A9915D2-02B4-479C-9053-9F2615ABD0BF}C:\program files (x86)\epic games\4.9\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.9\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C015CC00-BD0D-43EA-BB16-A83287B1958A}C:\program files (x86)\epic games\4.9\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.9\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C5633447-735B-42BC-B110-667D4D9C274F}C:\program files (x86)\epic games\4.9\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.9\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4E9996D8-B391-4339-8491-D3732C95FF85}C:\program files (x86)\epic games\4.7\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.7\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{043E9559-CE45-4218-992B-A0DDAC299BC1}C:\program files (x86)\epic games\4.7\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.7\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{EAB3D2AA-E899-43B3-9A9A-42DE65D5CA18}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B5C67E91-F5F1-4E1E-863E-40924B5477BB}C:\program files (x86)\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.7\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [TCP Query User{C41A134A-174D-4562-B6E9-5DEAE0495256}C:\program files (x86)\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.7\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [UDP Query User{3C4CE585-37F1-4E59-9DD0-A6105E15CD8C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{5F9B66EB-FA82-4E49-88F7-1BCBF6058433}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5A007062-2E72-4D1F-AB82-F83622718451}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{235A5D11-2F1D-4D18-B4A7-A2FF5D8B9D44}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{AA91E689-7F17-4EF7-BF47-DD19A660F6DC}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{BC0B7A45-5162-49C5-97D4-7694B19BE927}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{CA1133BE-4425-46C3-8030-E81D0A0DC075}C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe => No File
FirewallRules: [TCP Query User{BCDB69B3-221E-42A8-9DED-9DE7B7E475AE}C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe => No File
FirewallRules: [UDP Query User{A9298214-8A76-42C0-A0B1-FCF44BE465AD}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{313671BD-1760-4D9E-8E55-56EB340319A3}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{0F4976FB-701D-4971-9210-F93075C005FF}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{E7CF3390-7A81-456C-B177-17FBD766095E}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{625B6421-C078-43AD-A33A-A7A7D8738F4C}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{744C5FD9-525F-448C-9F38-7968B56BF9A1}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [{930BA5CA-6B5B-4B4F-BF5A-AD316E0D4242}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A423931D-A306-4D5E-87A0-9631438CB05E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{DABC088F-BD99-42E6-BD23-9454E703D6DF}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe => No File
FirewallRules: [TCP Query User{C546BD6A-036A-4E9F-8354-21FB56B02AB4}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe => No File
FirewallRules: [UDP Query User{1EE13DE2-15C4-4C23-B899-C70A719CB63F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{D70DF22A-B776-4465-9F18-5107ED618E1A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{227073BF-E63E-4CBB-91D2-160E93CFE9CD}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{070392D9-4531-4A4A-94B4-ACF2390D028A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{50E22CD5-E6C6-4B53-A299-969856479056}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe => No File
FirewallRules: [TCP Query User{08707B4D-EF66-4818-A685-C324BC876AB7}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe => No File
FirewallRules: [UDP Query User{D9B8352D-4B9E-4175-BAB1-7665BB672A73}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [TCP Query User{4166316E-5605-4696-BCB4-DBF2D1D6F346}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [UDP Query User{9DBAD26E-4AC9-4F33-9FEF-515D4EDF4C83}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [TCP Query User{488837D3-3133-4D7A-BAE6-770EA6A9670F}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{A8EA72D4-7E1A-48EB-BBD0-A5BDA8AD5526}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{AA3EAC4E-A763-48DB-97AA-83078F41E183}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{84D04FA9-25B0-454C-9B8E-B88D161D10BA}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe => No File
FirewallRules: [{65A5562D-7273-491F-B2D7-43048C768231}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe => No File
FirewallRules: [{D8086025-4D47-4DC0-B980-4BAB2EF22D68}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe => No File
FirewallRules: [{E872670A-CB93-48CB-8941-74BAA80047A5}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe => No File
FirewallRules: [{8621A795-3A24-4B1F-883D-357648BFAB68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A2008314-1044-4A90-9F0D-B48970370502}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D14BA361-7A99-45D4-A7CA-AF8A0F272227}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1D547635-408D-4AEB-8150-AA3323D4D880}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C968F353-EA1F-4DA9-B438-507F53385963}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A3AD226-D9C7-41D8-9F66-C25320DD2C96}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7D58CB35-642B-404A-8F21-76D2551C87D4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{01E58A3B-8068-4711-8070-149686948D32}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F4EF67A0-3025-4693-BDCD-13F3EBF45E91}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe => No File
FirewallRules: [{A02C5202-86A3-4E68-B627-E32B5FA75A6E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C3C60FE4-E39F-4AB1-A14F-52FFAF31C62F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{DE25BE28-A242-4DC2-BDB2-45B8F1E40102}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{6BDA2148-372F-437C-BAA7-358783B7C888}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{35001097-9FE6-4221-88A7-CDB8DE17A347}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe => No File
FirewallRules: [UDP Query User{430B0B21-CF40-4CE6-B930-D37F7F8D1AB1}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe => No File
FirewallRules: [TCP Query User{7CFC680A-8316-47F4-8EDD-36AB0091F72C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{29DFCC9B-1EF1-4ECF-AB17-B956F3A58C2C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56F3FD56-3C92-4EF6-9DA2-F6D14F57CA24}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF5C493F-B9FF-4ACD-8836-B34F2442FC5C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CF3BE45-75EA-4E54-AD26-677CA2DAA620}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1694248-5892-4239-8E90-8EEDB8916A51}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E41BD38-4F00-441B-929F-5DC8160AB5D4}] => (Allow) C:\Users\Matt\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{50626B22-FB2F-4F43-8111-1C5700228746}] => (Allow) C:\Users\Matt\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{671B3F07-F9AE-4D5E-9B36-DB4AF644B5FA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe => No File
FirewallRules: [UDP Query User{AE112601-EB68-4D6A-A0DF-EEEC216B04BC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe => No File
FirewallRules: [TCP Query User{66920AD9-41E5-4FBD-9DFE-1894415B3E0D}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{13CEF0BD-B872-4EEF-AE0D-C1199370FF2D}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D77BB968-F4F4-444C-9B7A-6B91260D3532}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C2E08FD4-C18F-4966-BF3B-76016E7743DB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{4515FDAF-24A6-428D-9E98-D694DB17D20A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe => No File
FirewallRules: [{A44A9DA3-82DB-4F21-9AC3-C2312ABFB593}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe => No File
FirewallRules: [{BF794BEB-AAA8-4D72-B149-C07047D6F717}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{93BB2A3E-D61F-4D25-B416-8FC195CD4E56}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{7DC9AF62-0BC5-4FB1-8265-864B32A13114}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe => No File
FirewallRules: [{C626C8E9-6895-4A01-ACD7-EA895B677D61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe => No File
FirewallRules: [{FF002389-CC2A-4B59-951C-3C131C449F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe => No File
FirewallRules: [{64787D19-4534-4EA3-AB8C-8CC22FEFDD3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe => No File
FirewallRules: [TCP Query User{389687E3-8970-4502-A7FE-BCBA02F7367E}E:\mbeazley_blackjackserver\debug\blackjack_server.exe] => (Allow) E:\mbeazley_blackjackserver\debug\blackjack_server.exe => No File
FirewallRules: [UDP Query User{9706D4FC-E7C9-425A-9B7F-CDD2EEDD4C32}E:\mbeazley_blackjackserver\debug\blackjack_server.exe] => (Allow) E:\mbeazley_blackjackserver\debug\blackjack_server.exe => No File
FirewallRules: [TCP Query User{847BC7D7-A1B6-47C6-86C2-42E1084EFB95}E:\term 4\mbeazley_blackjack\mbeazley_blackjackserver\debug\blackjack_server.exe] => (Allow) E:\term 4\mbeazley_blackjack\mbeazley_blackjackserver\debug\blackjack_server.exe => No File
FirewallRules: [UDP Query User{D565CD08-A3CD-4C5C-B718-645838024C7F}E:\term 4\mbeazley_blackjack\mbeazley_blackjackserver\debug\blackjack_server.exe] => (Allow) E:\term 4\mbeazley_blackjack\mbeazley_blackjackserver\debug\blackjack_server.exe => No File
FirewallRules: [TCP Query User{6B2564C9-5B20-4597-BAE9-0612C1757755}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{ADA5FCAC-6722-4B2C-BF7F-CB1F8C64EEF3}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{88256821-5F51-4776-90F8-BA1777A8F658}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{DC044186-99DF-455D-8AF2-C657455A9A07}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{8FBA2AB3-20E5-4DDE-8744-4E0840EF6BE4}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2BDEE368-DDDD-4ADB-BD68-22D313FDCB05}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe => No File
FirewallRules: [TCP Query User{84AFF3E8-7F41-489F-9722-74EE04869B8B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{3F4EB2BF-48F1-4F5B-8D8E-04A4A908B473}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{C952BBA6-8928-41C8-BE6D-C546BA456C03}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{96921C5A-0D14-47D3-A251-52BE16D4A1A3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{BA29CFE4-B382-4984-93AF-656D31B3A002}C:\users\matt\downloads\games\tokyo.42\t42.exe] => (Block) C:\users\matt\downloads\games\tokyo.42\t42.exe => No File
FirewallRules: [UDP Query User{6DDD1575-46DD-454C-B848-DA54A34E9B5D}C:\users\matt\downloads\games\tokyo.42\t42.exe] => (Block) C:\users\matt\downloads\games\tokyo.42\t42.exe => No File
FirewallRules: [TCP Query User{D29063A9-B5FD-495F-AC87-09592BF78F7E}C:\program files\gamemaker studio 2\gamemakerstudio.exe] => (Allow) C:\program files\gamemaker studio 2\gamemakerstudio.exe => No File
FirewallRules: [UDP Query User{87F89438-EAE5-4760-9484-909EF918BB8A}C:\program files\gamemaker studio 2\gamemakerstudio.exe] => (Allow) C:\program files\gamemaker studio 2\gamemakerstudio.exe => No File
FirewallRules: [{840C1081-B94F-4963-96EC-665B885458AC}] => (Block) C:\program files\gamemaker studio 2\gamemakerstudio.exe => No File
FirewallRules: [{1BBD13A2-CB96-4254-9F4D-656994C62787}] => (Block) C:\program files\gamemaker studio 2\gamemakerstudio.exe => No File
FirewallRules: [TCP Query User{C6EED39C-EFE3-4D76-81CB-85569C666799}C:\users\matt\downloads\games\spacebase df-9 (alpha 6e) (windows) (proper)\spacebase df-9 alpha 6e\space.exe] => (Block) C:\users\matt\downloads\games\spacebase df-9 (alpha 6e) (windows) (proper)\spacebase df-9 alpha 6e\space.exe => No File
FirewallRules: [UDP Query User{5950F292-0A00-4B36-B7C2-34B810F978B6}C:\users\matt\downloads\games\spacebase df-9 (alpha 6e) (windows) (proper)\spacebase df-9 alpha 6e\space.exe] => (Block) C:\users\matt\downloads\games\spacebase df-9 (alpha 6e) (windows) (proper)\spacebase df-9 alpha 6e\space.exe => No File
FirewallRules: [{852C2B4B-886E-4C1A-A43E-695C9F396D72}] => (Block) C:\programdata\gamemakerstudio2\cache\runtimes\runtime-2.0.7.110\windows\runner.exe => No File
FirewallRules: [{AB853ADC-60BC-419C-91B1-CE201A21ABD4}] => (Block) C:\programdata\gamemakerstudio2\cache\runtimes\runtime-2.0.7.110\windows\runner.exe => No File
FirewallRules: [{466512DB-E712-4F57-B738-6093420A9C4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{4DCADDA6-F8F4-4779-AD42-EC518B29F7C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [TCP Query User{E109D85F-C1E1-40F4-9D21-6DCEB39E8782}C:\users\matt\downloads\games\for.the.king.v1.1.04\ftk.exe] => (Block) C:\users\matt\downloads\games\for.the.king.v1.1.04\ftk.exe => No File
FirewallRules: [UDP Query User{FF78865B-331E-433B-A04A-EEA66C3D3934}C:\users\matt\downloads\games\for.the.king.v1.1.04\ftk.exe] => (Block) C:\users\matt\downloads\games\for.the.king.v1.1.04\ftk.exe => No File
FirewallRules: [TCP Query User{56C8D59C-337D-4F0E-ACE6-796A5EAF1819}C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe => No File
FirewallRules: [UDP Query User{31B2D041-F65F-4746-93B8-137755B15E84}C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe => No File
FirewallRules: [TCP Query User{98BFFEB6-0AE4-4E14-875C-0C0361E6C840}C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe => No File
FirewallRules: [UDP Query User{E931D309-AC07-4064-A726-08BFA2872933}C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe => No File
FirewallRules: [TCP Query User{8A2D05E3-FEAC-4209-941B-44E5DA544854}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe => No File
FirewallRules: [UDP Query User{E8413760-B0C6-4F85-A920-7C19DD5EC985}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe => No File
FirewallRules: [TCP Query User{758D66ED-8BEF-42FE-8656-D9BC8436B9BE}C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{8A3C3A8C-EA02-4256-AEB5-C77745B7F2D8}C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{37BF7FB9-BEBE-4493-9303-4BAAA1832A30}C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe => No File
FirewallRules: [UDP Query User{9AA3B8D1-767B-4950-98F1-1CFEEA8B6727}C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe => No File
FirewallRules: [TCP Query User{BC31EFC9-7CE1-4114-A00E-04B0A59FF9EA}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{B66B333F-8EF9-4191-BAD1-5000161C6B4D}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{FC4780F5-1DF1-4585-8396-1A761DC7D490}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [{2A5812CF-1912-492D-BBAB-065A0B762E89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty WWII Beta\s2_mp64_ship.exe => No File
FirewallRules: [TCP Query User{77A7F13A-DCA1-4414-B89C-D715D9012C16}C:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{BB94A085-77A8-4AD0-A988-619C90EE7888}C:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base58209\heroesofthestorm_x64.exe => No File
FirewallRules: [{ADE917B3-11B0-4B30-B33C-B5977A591AB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [{5EF3AA66-1891-48CF-9246-C2E750FDE283}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [TCP Query User{1BA37C8F-2776-46F5-A941-456743E7C37E}C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe => No File
FirewallRules: [UDP Query User{EF4ABE37-22DA-4920-9723-98C417E1CD78}C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe => No File
FirewallRules: [TCP Query User{AE2E970D-31F0-4551-8EF4-8E1A230BE1B1}C:\program files (x86)\starcraft ii\versions\base59587\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base59587\sc2_x64.exe => No File
FirewallRules: [UDP Query User{41848B17-00BC-4C5E-843A-A29D3F8F3DE8}C:\program files (x86)\starcraft ii\versions\base59587\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base59587\sc2_x64.exe => No File
FirewallRules: [{F42566B4-D37D-4515-B543-E4C3E460C340}] => (Block) C:\program files (x86)\starcraft ii\versions\base59587\sc2_x64.exe => No File
FirewallRules: [{1B37B2D4-E1FA-4668-BBF2-3104E1C762CA}] => (Block) C:\program files (x86)\starcraft ii\versions\base59587\sc2_x64.exe => No File
FirewallRules: [TCP Query User{661FFF32-DF71-4C58-93F6-58CC465A5089}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe => No File
FirewallRules: [UDP Query User{9E8AB2C4-2E2B-4B5A-BAEF-0FC230BA3CC3}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe => No File
FirewallRules: [{C93440F4-1EF6-4C68-A9FE-A924C8C419D0}] => (Block) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe => No File
FirewallRules: [{E6416309-5F3D-4084-818C-036CFB3903DF}] => (Block) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe => No File
FirewallRules: [TCP Query User{C5155281-B484-446F-87FA-E4F25BB2D839}C:\program files (x86)\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{0FA9C70F-4FE4-40B9-900F-2C5422328ABD}C:\program files (x86)\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe => No File
FirewallRules: [{970EBCB3-794D-46F5-945C-6EC011FC0BA2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe => No File
FirewallRules: [{EFB54CFF-3B78-40DA-A88F-C7D6C4AF6B46}] => (Block) C:\program files (x86)\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe => No File
FirewallRules: [{D4E79262-B7F7-4EE9-8A20-DF85A3E850D4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{3ED08E8B-201D-4EC2-BDCD-321422531E71}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{E1D35FAA-A9E9-4A68-8B35-FAEBDDF50636}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{8CDB21AD-CC2B-40A1-BBA0-6706C8C650E4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{CB9BEE19-5727-4C0B-A608-A34C8A48B68C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{6A76E710-286C-47D9-A7ED-68428B1C317F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [TCP Query User{C3FFDC2B-2032-4647-A093-13CAB62C698B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{14482752-D1C1-45BE-ADAE-36FC81FD45BD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{04D76ABC-FC75-4938-8469-73A750E5B62B}D:\games\red faction guerrilla remarstered\rfg.exe] => (Block) D:\games\red faction guerrilla remarstered\rfg.exe => No File
FirewallRules: [UDP Query User{7EE837BC-5509-4B56-8C94-DAB5A7675F1C}D:\games\red faction guerrilla remarstered\rfg.exe] => (Block) D:\games\red faction guerrilla remarstered\rfg.exe => No File
FirewallRules: [TCP Query User{B160ECFA-6744-4A40-8622-286EAB043630}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{31637A0E-42EF-4F75-95D7-7049F117E49C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{C57C461F-1F31-4B51-BCDC-DEBAE4B2DFFF}C:\program files (x86)\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base67188\sc2_x64.exe => No File
FirewallRules: [UDP Query User{856627CD-427B-47AF-85AD-E098116C83FB}C:\program files (x86)\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base67188\sc2_x64.exe => No File
FirewallRules: [{E534283C-F619-4AB0-AFA4-C4474F1D469D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DBB62F49-8AE2-4F6D-89AB-64A0C902A94D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{7B85D8A1-545F-455B-A6A2-A500373D89A8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{004B6CFB-C01C-4349-95AB-151385C6AF54}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{FD462795-B255-4483-BDC2-ADDF6215DF2A}C:\program files (x86)\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base67926\sc2_x64.exe => No File
FirewallRules: [UDP Query User{D7611927-3460-45F3-B4C1-779182095054}C:\program files (x86)\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base67926\sc2_x64.exe => No File
FirewallRules: [TCP Query User{2ACE9A4E-7640-4DF0-9682-41FF262B706B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{B64A93B3-14D6-43AE-B24E-677E1BF4024F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F71B4C08-8B96-46AE-BB5E-03639A400315}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{5F54D897-9A8D-4C63-8844-4834313948CA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{D8B8A3DE-0C93-4127-BB9D-DEC44B9126D6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{CA158999-9EDA-41ED-B00D-798B41AE18F6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{4B348E56-0D2A-4A01-B13C-77E2568C671C}C:\program files\maple 17\jre\bin\maple.exe] => (Block) C:\program files\maple 17\jre\bin\maple.exe => No File
FirewallRules: [UDP Query User{0697FCF5-59EA-4ADE-A85D-9F56A9623055}C:\program files\maple 17\jre\bin\maple.exe] => (Block) C:\program files\maple 17\jre\bin\maple.exe => No File
FirewallRules: [TCP Query User{20EE6CA1-C95E-43C2-8281-1734DE06A597}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B12ED763-93A2-430B-8F08-47B2402F6A06}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe => No File
FirewallRules: [TCP Query User{8DDEAC16-AE93-4354-87AD-91C5C5E61CC2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{FF5AD83E-33D9-4ABD-B66C-B9D77901BA63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{BBCC5817-FD7B-4605-8A4D-014D879F5DC2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{F83A703B-01E9-4542-B315-78E3E833C316}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{7B167F63-7626-4E5B-A74A-9715573B44D5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{067E38AC-44F1-43F2-9A68-B993D42D57F8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{8D730DCF-4CC8-408A-B031-DE41D71A6B60}C:\program files (x86)\starcraft ii\versions\base69232\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base69232\sc2_x64.exe => No File
FirewallRules: [UDP Query User{1E6956DD-D250-4A4D-A12F-28905D0CCC89}C:\program files (x86)\starcraft ii\versions\base69232\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base69232\sc2_x64.exe => No File
FirewallRules: [TCP Query User{C718D4F1-3AEE-4A15-9D31-5D8F273B000C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{DC3A6A1C-3C73-4840-AF26-FD8B0C5C3BBE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{8D4BE8AD-E500-4EC5-9280-AE68C858386D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{E9E71DA0-28D7-4094-B7A2-267766BECB67}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A3EAD364-E7E9-4870-8975-7F10E4CA8866}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{BEA9FA45-02D4-44E6-AF11-392DCEA677EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{4373ED1E-DA73-41A3-A23A-BC26D710D774}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{293D1DD8-CE68-49C3-8553-6B55FA0FC9D4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A8B981DC-8625-4E46-831F-2AB9702AEF47}C:\program files (x86)\starcraft ii\versions\base70154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base70154\sc2_x64.exe => No File
FirewallRules: [UDP Query User{CC62D9C2-B4FA-4226-9337-7F4B100FA06C}C:\program files (x86)\starcraft ii\versions\base70154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base70154\sc2_x64.exe => No File
FirewallRules: [TCP Query User{F74B5762-0F68-47B2-A0C1-84C33F1A6E03}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{E94DEA2D-51AB-4705-A0C5-B0BB278C32D9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{4CE4C96F-5967-4393-BB79-5BDB2A3642A0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{63561B22-51DE-4738-AAC1-1734F9A3F5B1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{79BDF64F-51FF-4E46-84BE-082714441309}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{BA8435D0-BA00-4BE7-BF40-9DAF770C9816}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{056B01EA-E8D1-4A5B-8839-8B68988AECFB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{4F8DB9A2-866F-4254-8FB3-A59B264D9107}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => No File
FirewallRules: [{28CE7120-E0A9-4361-BF23-FAB328E25B5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3B524EF-1B19-489A-9ADD-F7921C01FF4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{15D1ADE6-24AE-4204-A70F-882152D8349C}C:\program files (x86)\starcraft ii\versions\base71061\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base71061\sc2_x64.exe => No File
FirewallRules: [UDP Query User{84DBB92C-3756-4935-A828-FCEC6F2C5311}C:\program files (x86)\starcraft ii\versions\base71061\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base71061\sc2_x64.exe => No File
FirewallRules: [TCP Query User{865E7EA2-5F99-4322-8CA9-C410A870B1F8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{92583582-C977-4E7E-A487-E485CCF012EB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{D45F6A41-3C56-4BA9-8C56-319C97550F2C}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User{70FF066C-0561-4CEE-8DD2-15A97E7B06AE}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [TCP Query User{EC1942B5-95ED-4BFF-A998-9EFC1C2012D8}C:\program files (x86)\starcraft ii\versions\base71523\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base71523\sc2_x64.exe => No File
FirewallRules: [UDP Query User{A0536D69-4802-4528-986E-21E6A8C74D71}C:\program files (x86)\starcraft ii\versions\base71523\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base71523\sc2_x64.exe => No File
FirewallRules: [TCP Query User{C8DCBB29-AE95-49F5-8064-297A355702CD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{19A898F7-14F8-47E1-A366-3911D282A268}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{4383C831-1B2A-46B7-97E4-63C3E90B9363}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{ECBC0323-1223-4D4F-9263-5B0B05EB97EE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{6A2D888E-3D48-4321-BE29-83F6BD133D3F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{EC38A41D-39D6-4EDB-B9EF-5FFE3B469554}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{217467D6-0813-4322-AF57-F8E28A5EECC9}C:\program files (x86)\starcraft ii\versions\base71663\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base71663\sc2.exe => No File
FirewallRules: [UDP Query User{E6A7A6BD-CA7D-49B6-BB73-C3C2CBB54BFE}C:\program files (x86)\starcraft ii\versions\base71663\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base71663\sc2.exe => No File
FirewallRules: [TCP Query User{640EE0D2-4CB7-40C7-B973-976713E4CDE5}C:\program files (x86)\starcraft ii\versions\base71663\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base71663\sc2_x64.exe => No File
FirewallRules: [UDP Query User{09A200B3-71C6-48B3-907B-7DA708DBCF49}C:\program files (x86)\starcraft ii\versions\base71663\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base71663\sc2_x64.exe => No File
FirewallRules: [TCP Query User{D3F1EC39-1141-48D9-9CAA-98A1F9521CEF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{326CED9F-ABA7-43AB-A3F3-81DD6488535C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{840C1951-A62B-40B9-9DA7-EDBB7DF1A336}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{D5C7ED59-229A-4611-8C77-DC4A417FF792}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => No File
FirewallRules: [{41E2FDB7-5AF2-471C-B911-FC0491E2DCEF}] => (Block) D:\downloads\games\circle.empires\circle empires\circle empires.exe => No File
FirewallRules: [TCP Query User{1748E2FB-1C2C-42CB-91CF-4F54CC576EC6}D:\warcraft iii\x86_64\warcraft iii.exe] => (Allow) D:\warcraft iii\x86_64\warcraft iii.exe => No File
FirewallRules: [UDP Query User{DB85E536-2CAD-41C1-ACAD-6037D4B02485}D:\warcraft iii\x86_64\warcraft iii.exe] => (Allow) D:\warcraft iii\x86_64\warcraft iii.exe => No File
FirewallRules: [{C8753365-6CDB-4B46-9FD4-A30561C34BFE}] => (Allow) D:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{0B8AA92A-4513-42EB-B038-5F585905A33A}] => (Allow) D:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [TCP Query User{83A29127-72BA-4EAF-AA6C-BE823085C199}C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe => No File
FirewallRules: [UDP Query User{D2D92D25-A00F-4E2D-9918-94F4CC1CD4DB}C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base78285\sc2_x64.exe => No File
FirewallRules: [{E4DF290A-0F6C-4D7B-9119-EE53E849133E}] => (Allow) D:\SteamLibrary\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{45B4956A-AE0F-4500-87BF-F65B432A2956}] => (Allow) D:\SteamLibrary\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [TCP Query User{0217FD1C-7C36-475D-B188-C2A64214173D}D:\steamlibrary\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe => No File
FirewallRules: [UDP Query User{4C5E6E87-AE7F-4254-85C6-81468BD5A677}D:\steamlibrary\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe => No File
FirewallRules: [{CDCD9C05-5615-45AC-AEA7-C5E8D3280B5A}] => (Block) D:\steamlibrary\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe => No File
FirewallRules: [{AD689656-C8D1-49DF-AE4D-24C2C1967BCF}] => (Block) D:\steamlibrary\steamapps\common\pacify\pacify\binaries\win64\pacify-win64-shipping.exe => No File
FirewallRules: [TCP Query User{76A79276-731E-473A-A126-13F95F94FCA8}D:\program files (x86)\dying light\crying suns\cs.exe] => (Block) D:\program files (x86)\dying light\crying suns\cs.exe => No File
FirewallRules: [UDP Query User{DFB090A3-0260-41FD-A53F-F416480319A6}D:\program files (x86)\dying light\crying suns\cs.exe] => (Block) D:\program files (x86)\dying light\crying suns\cs.exe => No File
FirewallRules: [{993E5AE9-94F1-4586-8221-1A03F7068B3B}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{362B2473-7AC3-4BB4-94B8-0E2C11A64064}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{32BA7C84-6B42-4F09-A5C2-64023C3A75F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{EABCC431-C6AD-454C-8507-AF3E882AA6E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{06F3E230-2220-495D-A06B-2F936D328EE5}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1383039B-467F-49B5-86C8-C32D2298C15F}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{71C7BE80-97C3-4CD3-BEB0-56423A0832CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GTFO\GTFO.exe () [File not signed]
FirewallRules: [{3C598BF5-15AB-4DBC-B69C-50D6B1BDA95C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GTFO\GTFO.exe () [File not signed]
FirewallRules: [{60957DB1-C884-4CF6-8A34-727CA7380559}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{0014F013-6233-479B-8807-CE5ED64B9352}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5A927C6B-EA3D-4211-8B17-39081DA9C61C}C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [UDP Query User{26D35368-DEFA-423D-972C-C12EB3F93EDC}C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [{3C90294D-DF10-4C7F-B2FA-D5F0935F9103}] => (Allow) D:\SteamLibrary\steamapps\common\We Went Back\WeWentBack.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1C271728-9EDB-49CF-868C-D0AFCC8A9519}] => (Allow) D:\SteamLibrary\steamapps\common\We Went Back\WeWentBack.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{425269F8-5BB2-449E-8349-7959CC2BAFED}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [UDP Query User{30482709-A26E-4731-95C2-EA6348020665}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [{FE129800-F457-41F7-85DD-E2EBFCC1CFA7}] => (Allow) D:\SteamLibrary\steamapps\common\Space Hulk Deathwing - Enhanced Edition\SpaceHulkGame.exe (Focus Home Interactive S.A -> )
FirewallRules: [{C805C2E4-F408-4983-AAED-FB6FA1F1A050}] => (Allow) D:\SteamLibrary\steamapps\common\Space Hulk Deathwing - Enhanced Edition\SpaceHulkGame.exe (Focus Home Interactive S.A -> )
FirewallRules: [{617B7390-9053-4FEC-9363-E6B59B075914}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{35CCB617-A34E-4B80-A565-151B1446A30A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{4716135E-D6F8-41F7-92B6-F9D764982DF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{C8F24C83-54F5-4F60-AAB2-A06DA6066954}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{47087341-064A-4940-BB41-4ED8E7557DE1}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{4BF548E1-C701-4FB8-BF8C-B4DE01F31E63}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{48F6C363-0203-4587-867B-B550E045AE23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{58CDB6A6-CD35-4BB9-8C85-EEF9342AABEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{2E616A56-7653-4176-9910-2550E9F72CEA}] => (Allow) C:\Games\Mass Effect\Binaries\MassEffect.exe => No File
FirewallRules: [{956A408E-D362-4766-A7E2-9C78810202D9}] => (Allow) C:\Games\Mass Effect\Binaries\MassEffect.exe => No File
FirewallRules: [{112E6AE4-AC88-4039-AD34-6D6F236C2EFE}] => (Allow) C:\Games\Mass Effect\MassEffectLauncher.exe => No File
FirewallRules: [{3763EF77-ADB9-4F91-A5DA-9FFDCA398F0F}] => (Allow) C:\Games\Mass Effect\MassEffectLauncher.exe => No File
FirewallRules: [{4E63AF4C-5910-4C45-B2C1-3A38F3AA331D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{B78767C1-E9B0-4DC9-A146-B09F760F985F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [TCP Query User{E168746E-EB7A-4B4F-8515-2F029105BF12}C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe => No File
FirewallRules: [UDP Query User{4A91FE1E-19B5-46E4-BC5F-6C0645CB674A}C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base79998\sc2_x64.exe => No File
FirewallRules: [TCP Query User{4A380F91-C3E8-42E2-B86E-91D926DA3682}C:\program files (x86)\starcraft ii\versions\base80188\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base80188\sc2_x64.exe => No File
FirewallRules: [UDP Query User{FF4A0499-6944-4D1A-BD07-4C39BE55EDBB}C:\program files (x86)\starcraft ii\versions\base80188\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base80188\sc2_x64.exe => No File
FirewallRules: [TCP Query User{8AA3994E-8C36-4B92-A2D1-A338B7D35565}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{6BC40FB3-CF70-4C3B-AB5A-D3EEA6CD0D1F}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{5A3BD26B-BF80-4A17-BE18-76665E32B1B9}] => (Allow) C:\Users\Matt\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{94DE94EE-05BA-4E14-94AC-BDB10BE9383F}] => (Allow) C:\Users\Matt\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{67AB4931-9171-4297-87D7-06F3C98D6BA6}] => (Allow) C:\Games\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{E87CE1B0-192D-470C-B68E-FDEA3794BA07}] => (Allow) C:\Games\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{D3A66D35-E034-420A-A2A0-0A5E93D0F72B}] => (Allow) C:\Games\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{7D435465-2AC9-4D61-BF84-B4EFC34ED518}] => (Allow) C:\Games\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [TCP Query User{8A03A266-8EF2-4C82-971A-E98332D280AC}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Block) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe => No File
FirewallRules: [UDP Query User{BA7C9463-8C20-4E9F-8EFD-58B138884CAF}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Block) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe => No File
FirewallRules: [{D7BFC6A1-26FC-4485-A955-3BBE5D4059C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Moon Hunters\moonhunters.exe () [File not signed]
FirewallRules: [{E77AA8EE-DC22-4C49-879A-2676FC7C7AB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Moon Hunters\moonhunters.exe () [File not signed]
FirewallRules: [{3E2F174E-D6AA-4D21-9A92-1F2F33428D11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A242870-A8E9-4157-B0FC-F530F2F37124}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BDA145D-75D6-487E-8230-43CFC99468EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11F57F7F-AF68-4752-AA04-831B8C7BF3F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A2FBCE42-4B18-4C9F-AFC8-5A4C0D463C25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{1AEDF353-F376-460B-A29F-7B8D3612700E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [TCP Query User{2430ACB8-7957-4491-8020-312C7080CC43}D:\starcraft ii public test\versions\base80871\sc2_x64.exe] => (Allow) D:\starcraft ii public test\versions\base80871\sc2_x64.exe => No File
FirewallRules: [UDP Query User{D628825C-DCBC-4799-97BC-E3C92FE77ABF}D:\starcraft ii public test\versions\base80871\sc2_x64.exe] => (Allow) D:\starcraft ii public test\versions\base80871\sc2_x64.exe => No File
FirewallRules: [{4CEFCB20-E160-403B-81C3-4609C783FC1E}] => (Block) D:\starcraft ii public test\versions\base80871\sc2_x64.exe => No File
FirewallRules: [{B58B66EE-B58E-4E3F-AEA8-89500108CC00}] => (Block) D:\starcraft ii public test\versions\base80871\sc2_x64.exe => No File
FirewallRules: [TCP Query User{C43E04F8-A101-469A-97E2-6BD5F69392D5}C:\program files (x86)\starcraft ii\versions\base80949\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base80949\sc2_x64.exe => No File
FirewallRules: [UDP Query User{1EFF7D3A-0311-42D4-8967-9F47DFD0C4BD}C:\program files (x86)\starcraft ii\versions\base80949\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base80949\sc2_x64.exe => No File
FirewallRules: [TCP Query User{DFBDF914-5036-4ED0-9663-7DEC28AF2929}C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe => No File
FirewallRules: [UDP Query User{53BC1153-630D-4F96-869D-7E93A25032B0}C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe => No File
FirewallRules: [TCP Query User{BB257CCC-9426-4E04-B501-8E38001747FA}C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe => No File
FirewallRules: [UDP Query User{026DC0A8-F7AF-4028-A36C-F3B962963AB9}C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe => No File
FirewallRules: [{40B1B6C8-7B54-4437-8A98-DDAA4DB13361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{7D58B2D9-7427-4128-BFD2-2DD0B50AE78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{A6D8206F-2D12-47E9-8B66-B94F28CF86E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{14361CD2-9B0E-4DF9-BD23-85A664E68888}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{60121E7D-2033-4968-AB65-DB1C6B121321}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{004D3317-3B2F-4B9F-81FB-55B1C461A302}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{E89E8F38-503F-48A9-9173-E526D36A2AB4}D:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe (Gunfire Games) [File not signed]
FirewallRules: [UDP Query User{5B2A8053-A2C1-4CB1-B3F8-37ED5AA83706}D:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe (Gunfire Games) [File not signed]
FirewallRules: [{8B6B5825-CD9B-4E03-ADDF-ABECE0F64F07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ChildrenOfMorta\ChildrenOfMorta.exe () [File not signed]
FirewallRules: [{0938A46B-7AB3-40DB-B406-182A7BF0C82C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ChildrenOfMorta\ChildrenOfMorta.exe () [File not signed]
FirewallRules: [TCP Query User{689DFE72-0960-41B8-8A49-71447BB6EFFE}C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{D4C14387-208E-4BCA-9E0F-D1946CC69887}C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{06534A87-33DE-44B6-8B25-9BE3F0AAC458}D:\steamlibrary\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe (Focus Home Interactive S.A -> Epic Games, Inc.)
FirewallRules: [UDP Query User{8266476D-C3E0-4EC5-AAA7-B26E98D60AD1}D:\steamlibrary\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe (Focus Home Interactive S.A -> Epic Games, Inc.)
FirewallRules: [{7CE13B09-1CE1-4D90-9854-C4CB973BD9A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Biped\Biped.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D01B8036-CF18-4838-90E1-46B9CEB2E89E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Biped\Biped.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2D38851F-12CB-4E9B-8AD7-A72143A4E604}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{3DF29134-1FC5-4223-8DFE-68C7827FDA21}D:\downloads\games\as.far.as.the.eye\as far as the eye\as far as the eye.exe] => (Block) D:\downloads\games\as.far.as.the.eye\as far as the eye\as far as the eye.exe => No File
FirewallRules: [UDP Query User{74436C11-C914-406B-930C-3F6C7C55C449}D:\downloads\games\as.far.as.the.eye\as far as the eye\as far as the eye.exe] => (Block) D:\downloads\games\as.far.as.the.eye\as far as the eye\as far as the eye.exe => No File
FirewallRules: [{6C76BBB7-D485-4DBA-B5D8-932F00B1A733}] => (Allow) C:\Program Files (x86)\MaskVPN\mask_svc.exe => No File
FirewallRules: [{981279E5-BB02-4DA2-B365-B67A2A3C4EC2}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPN.exe => No File
FirewallRules: [{F4825FFF-5D4F-4B00-98BC-A8CF677B0E81}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPNUpdate.exe => No File
FirewallRules: [{02655F12-0E4C-460E-B224-D9CF4F440686}] => (Allow) C:\Program Files (x86)\MaskVPN\tunnle.exe => No File

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: ExpressVPN TAP Adapter
Description: ExpressVPN TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: DAEMON Tools Lite Virtual USB Bus
Description: DAEMON Tools Lite Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtliteusbbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: DAEMON Tools Lite Virtual SCSI Bus
Description: DAEMON Tools Lite Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtlitescsibus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/26/2020 04:44:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/26/2020 04:38:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5864,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/26/2020 04:29:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5556,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/26/2020 03:14:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12708,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/26/2020 03:05:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9456,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/26/2020 02:37:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14352,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/26/2020 02:27:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2540,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (09/26/2020 06:48:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13472,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (09/26/2020 04:23:23 PM) (Source: IntelHaxm) (EventID: 10) (User: )
Description: HAXM can't work on system with VT disabled

Error: (09/26/2020 04:23:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MaskVPNService service failed to start due to the following error:
The system cannot find the file specified.

Error: (09/26/2020 04:38:09 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/26/2020 02:32:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MaskVPNService service failed to start due to the following error:
The system cannot find the file specified.

Error: (09/26/2020 02:32:33 AM) (Source: IntelHaxm) (EventID: 10) (User: )
Description: HAXM can't work on system with VT disabled

Error: (09/26/2020 02:31:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/26/2020 02:31:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Corsair Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (09/26/2020 02:31:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SAS Core Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.


Windows Defender:
===================================
Date: 2020-09-26 02:04:35.198
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...94&enterprise=0
Name: HackTool:Win32/Keygen
ID: 2147593794
Severity: High
Category: Tool
Path: file:_C:\Program Files\Nitro\Pro 11\nitropdf.enterprise.pro.x64.11.xx-Upd1.patch.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Matt\Downloads\esetonlinescanner.exe
Security intelligence Version: AV: 1.323.1895.0, AS: 1.323.1895.0, NIS: 1.323.1895.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 00:49:54.804
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {71604486-0C72-4ABD-A4A2-8731F73F9B09}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-22 00:29:16.537
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...63&enterprise=0
Name: Trojan:Win32/Downloader.GA!MTB
ID: 2147744863
Severity: Severe
Category: Trojan
Path: process:_pid:452,ProcessStart:132452225432341103
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.323.1652.0, AS: 1.323.1652.0, NIS: 1.323.1652.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-21 23:35:14.192
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...25&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: file:_D:\Downloads\Games\Gears.Tactics-CODEX\setup.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.323.1652.0, AS: 1.323.1652.0, NIS: 1.323.1652.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-21 23:34:48.279
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...25&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: file:_D:\Downloads\Games\Gears.Tactics-CODEX\setup.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.323.1652.0, AS: 1.323.1652.0, NIS: 1.323.1652.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5

CodeIntegrity:
===================================

Date: 2020-09-26 16:24:27.096
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-26 16:24:27.080
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-26 16:24:27.064
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-26 16:24:27.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-26 16:24:27.029
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-26 16:24:27.013
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-26 16:24:26.997
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-26 16:24:26.976
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0801 04/19/2013
Motherboard: ASUSTeK COMPUTER INC. SABERTOOTH Z87
Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 16322.63 MB
Available physical RAM: 9962.93 MB
Total Virtual: 20290.63 MB
Available Virtual: 11574.06 MB

==================== Drives ================================

Drive b: (System Reserved) (Fixed) (Total:0.33 GB) (Free:0.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive c: () (Fixed) (Total:930.67 GB) (Free:386.85 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.07 GB) (Free:58.06 GB) NTFS

\\?\Volume{5a42e184-0000-0000-0000-10c0e8000000}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\\?\Volume{e3184ddb-0000-0000-0000-a0c4e8000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 5A42E184)
Partition 1: (Active) - (Size=337 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=499 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E3184DDB)
Partition 1: (Not Active) - (Size=931.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt =======================


  • 0

#5
RKinner
Posted 27 September 2020 - 09:23 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Uninstall (Control Panel, Programs & Features)

CORSAIR iCUE Software - causing errors - you can try a new install once we are done

EaseUS Todo Backup Free 10.6 - Appears to use a lot of CPU time.  If this is a free version it will only back up 2 GB of files.  You can reinstall when done.

ExpressVPN - slows your PC down - you can try a new install once we are done

Intel® Hardware Accelerated Execution Manager - causing errors
Java 8 Update 231 (64-bit) - often used by malware - you can reinstall when we are done IF you know you need it.  Most people do not.
Java SE Development Kit 7 Update 55 - obsolete
Java SE Development Kit 8 Update 171 - obsolete

RogueKiller version 14.7.3.0 - no need for it to stay resident.  Install a new copy if you need to scan again.

SUPERAntiSpyware - worthless

Uninstall: (Settings, Apps,Apps & Features, click on app and Uninstall) - Unless you really use these:

MSN Food & Drink
MSN Health & Fitness
MSN Sports
MSN Travel

 

Consider:

Replacing obsolete Logitach Gaming Software:

https://www.pcgamer....azzy-new-g-hub/

 

Update: Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)

Your version is very old and known to cause problems.  You may not be able to get the latest (Version 16.something)

https://downloadcent...logy-Intel-RST-

but usually Version 14 will work.

https://downloadcent...r?product=55005

Download the SetupRST.zip file.  Save and right click and Extract All, Extract.  Right click on SetupRST.exe and Run As admin)

 

 

Search for

task scheduler

hit Enter

Click on the arrow in front of Task Scheduler Library then

Click on the arrow in front of Microsoft

Click on the arrow in front of Windows

Click on Application Experience.  In the next pane to the right, right click on each Task and Disable.  Should be three tasks.

Click on Customer Experience Improvement Program.  In the next pane to the right, right click on each Task and Disable.  Should be two tasks.

Download OOSU10.exe:

https://www.oo-softw...com/en/shutup10

Download and Save it (You will get a popup while it's downloading.  You can X out of it)
then Right click and Run As Admin.
Allow it to make a System Restore Point.
Click on Actions then on Apply Recommended Settings.

Close the program but wait to reboot.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   275.12KB   192 downloads
Pause your Anti-Virus!
Run FRST (right click and Run As Admin) and press Fix,  This will remove a lot of deadwood and also check that your system file are good.  Will take about 25 minutes so be patient.
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.

 

Let's see if it needs speeding up:

Multiple replies are OK.  Best to post a log as you get it.

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.70 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  


Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it.



 

 


 


  • 0

#6
BeazMagic
Posted 29 September 2020 - 05:26 PM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Thank you for the great reply. Here are the 2 logs FRST.txt and Addition.txt Ill continue down the steps right now

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by Matt (administrator) on MBEAZLEY (ASUS All Series) (29-09-2020 19:19:24)
Running from C:\Users\Matt\Downloads
Loaded Profiles: Matt
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\APRP\aprp.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AvLaunch.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Users\Matt\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(SoundSwitch -> SoundSwitch) C:\Program Files\SoundSwitch\SoundSwitch.exe
(Spotify AB -> Spotify Ltd) C:\Users\Matt\AppData\Local\Spotify\Update\spotify_installer-1.1.43.700.g20acee0f-25.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156808 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322616 2020-03-05] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Run: [Spotify] => C:\Users\Matt\AppData\Roaming\Spotify\Spotify.exe [23360232 2020-09-29] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32411536 2020-09-24] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Run: [SoundSwitch] => C:\Program Files\SoundSwitch\SoundSwitch.exe [325784 2020-09-12] (SoundSwitch -> SoundSwitch)
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [104586376 2020-09-29] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Nitro PDF Port 11.8 Monitor: C:\WINDOWS\system32\NxPrinterMonitor11.dll [749664 2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-21] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {070BD7C3-2077-4310-8CED-FE5B259AC863} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0C71A037-F5BB-4F4E-A0D5-F1F5372718A2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10AD99B1-9990-4C73-B8E9-E6EA376A9E3D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {278A5B53-F7ED-4434-8A6C-726AEE68D072} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A0A56DB-79CF-43FA-9BCC-DD8AE6441B6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-14] (Google LLC -> Google LLC)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {373E9A05-E957-40C2-8A12-C15F43211A66} - System32\Tasks\{C39E3313-CBC2-49FC-976C-52ED16DBECF2} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Autodesk\Content Service\Setup\Setup.exe" -c /P {62F029AB-85F2-0000-866A-9FC0DD99DDBC} /M ContentService /LANG en-US
Task: {3A826F76-295D-4612-BC1E-B11697B8CFA7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A922EEF-301E-471A-B5AE-75D9E6C1E873} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4E1FE45B-03F7-493D-B89E-263F55F92485} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-20] (Adobe Inc. -> Adobe)
Task: {4FBB0A61-383E-4680-BCB9-9F1CC4E9BEF4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {51F35214-B1A8-472D-9C00-9AF5B2DB532C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A6A6799-0029-4F40-8D64-EA962C96EB9B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-20] (Adobe Inc. -> Adobe)
Task: {5E230A54-E55F-4F50-900B-C1153084916B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6069C2D0-0780-499D-BEE3-29078791E60F} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {689CC6D6-AB93-4A13-9549-65AC7A851BC0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3897992 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {70FD5AC2-2F72-4134-8F3F-6D107D975E37} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6189624 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {753BBD8C-9AA5-4187-937A-CBCA4FE1AF72} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E69B7F8-5024-4B8A-A06C-8F5730C3770D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {9A4C9655-FD3D-48C9-8EBE-2C29DF2CF91A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F97E855-EBAB-47B0-825D-167149A9B020} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {A286E194-52E0-4564-AE7D-6C6AE32CA916} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [3196064 2013-01-08] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {B04FC1B9-D2DA-44E4-B6BF-807110D382D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAA0C2BE-FE38-4A11-B32C-003321F20C41} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C50A5EA2-17AF-4649-AF63-D4D3E29A119E} - System32\Tasks\ViGEmBusUpdater => C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [888344 2019-12-28] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
Task: {CB6C09F3-869B-4678-8142-C1C2E10D75BC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [664784 2020-09-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {CFACC54C-4419-4753-B2F6-AA527360CCA5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7177168 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {D3530527-1F26-4C62-AA0F-C54649DC201B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-14] (Google LLC -> Google LLC)
Task: {D851B149-DAF0-4775-A863-83E6E464651C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD86B64C-F686-4885-8F85-9D8834AF07F5} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE815B31-F33E-48B7-A56F-0D07ACE50382} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6617D4F-7687-471C-A312-D22B33CB0A5E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {F5B740C4-9CC8-427F-91FD-C57725BF117E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.226.1.93 24.226.10.193
Tcpip\..\Interfaces\{bf11c3f8-7de5-4c0c-9aad-11e196607a3d}: [DhcpNameServer] 24.226.1.93 24.226.10.193

Edge:
======
Edge Profile: C:\Users\Matt\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-26]

FireFox:
========
FF DefaultProfile: trnyvziw.default
FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\0mx7j511.default-release-1 [2020-09-27]
FF Homepage: Mozilla\Firefox\Profiles\0mx7j511.default-release-1 -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\0mx7j511.default-release-1 -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-09-22 04:28:05&bName=&bitmask=0600
FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\jieo3ae9.default-release [2020-09-27]
FF Homepage: Mozilla\Firefox\Profiles\jieo3ae9.default-release -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\jieo3ae9.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-09-22 04:28:05&bName=&bitmask=0600
FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default [2020-09-29]
FF NewTab: Mozilla\Firefox\Profiles\trnyvziw.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-09-22 04:28:05&bName=&bitmask=0600
FF Notifications: Mozilla\Firefox\Profiles\trnyvziw.default -> hxxps://froliclabs.slack.com; hxxps://supargames.slack.com
FF Extension: (Facebook Container) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default\Extensions\@contain-facebook.xpi [2020-09-29]
FF Extension: (Reddit Enhancement Suite) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default\Extensions\[email protected] [2020-09-29]
FF Extension: (uBlock Origin) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default\Extensions\[email protected] [2020-08-22]
FF Extension: (Imagus) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\trnyvziw.default\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2020-04-13] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-20] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-20] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default [2020-09-26]
CHR Extension: (Slides) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-14]
CHR Extension: (Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-14]
CHR Extension: (Google Drive) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-14]
CHR Extension: (YouTube) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-14]
CHR Extension: (Sheets) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-14]
CHR Extension: (Google Docs Offline) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-14]
CHR Extension: (Gmail) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-20] (Adobe Inc. -> Adobe)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] (ASUSTeK Computer Inc. -> )
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [358432 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7871424 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8457232 2019-05-31] (BattlEye Innovations e.K. -> )
S4 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-04-18] (Apple Inc. -> Apple Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818288 2020-08-19] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11139720 2020-09-29] (Logitech Inc -> Logitech, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-23] (Malwarebytes Inc -> Malwarebytes)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 ViGEmBusUpdater; C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [888344 2019-12-28] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2019-10-28] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] (ASUSTeK Computer Inc. -> )
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [206456 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235648 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195712 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61056 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16320 2020-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42832 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175256 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [517648 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [469944 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217392 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [326488 2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\66043\driver_cpu_temperature\logi_core_temp.sys [25448 2020-09-29] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2020-09-29] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [26672 2020-09-29] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2020-09-29] (Logitech Inc -> Logitech)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-23] (Malwarebytes Inc -> Malwarebytes)
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-19] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [51776 2019-09-19] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer Inc. -> Razer, Inc.)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [297984 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows ® Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2020-09-27] (Adlice -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [14464 2008-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R2 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\LED Sync\WinRing0\WinRing0x64.sys [14536 2017-11-16] (EVGA -> OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-29 19:12 - 2020-09-29 19:17 - 000397852 ____C C:\Users\Matt\Downloads\Fixlog.txt
2020-09-29 19:09 - 2020-09-29 19:09 - 001375592 _____ (O&O Software GmbH) C:\Users\Matt\Downloads\OOSU10.exe
2020-09-29 19:09 - 2020-09-29 19:09 - 000000000 ____D C:\Users\Matt\AppData\Local\OO Software
2020-09-29 19:06 - 2020-09-29 19:06 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2020-09-29 19:05 - 2020-09-29 19:05 - 014167132 _____ C:\Users\Matt\Downloads\SetupRST.zip
2020-09-29 19:05 - 2020-09-29 19:05 - 000000000 ___DC C:\Users\Matt\Downloads\SetupRST
2020-09-29 19:05 - 2020-09-29 19:05 - 000000000 ___DC C:\Users\Matt\Downloads\RST_CLI_Pro_x64
2020-09-29 19:04 - 2020-09-29 19:04 - 001037051 _____ C:\Users\Matt\Downloads\RST_CLI_Pro_x64.zip
2020-09-29 19:03 - 2020-09-29 19:19 - 000000000 ____D C:\Users\Matt\AppData\Roaming\LGHUB
2020-09-29 19:03 - 2020-09-29 19:19 - 000000000 ____D C:\Users\Matt\AppData\Local\LGHUB
2020-09-29 19:03 - 2020-09-29 19:03 - 000000726 ____C C:\Users\Public\Desktop\Logitech G HUB.lnk
2020-09-29 19:03 - 2020-09-29 19:03 - 000000726 ____C C:\ProgramData\Desktop\Logitech G HUB.lnk
2020-09-29 19:03 - 2020-09-29 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2020-09-29 19:03 - 2020-09-29 19:03 - 000000000 ____D C:\Program Files\LGHUB
2020-09-29 19:02 - 2020-09-29 19:03 - 021882800 _____ (Intel Corporation) C:\Users\Matt\Downloads\SetupRST.exe
2020-09-29 19:02 - 2020-09-29 19:03 - 000000000 ____D C:\ProgramData\LGHUB
2020-09-29 19:02 - 2020-09-29 19:02 - 000066808 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2020-09-29 19:02 - 2020-09-29 19:02 - 000038136 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2020-09-29 19:02 - 2020-09-29 19:02 - 000026672 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2020-09-29 19:01 - 2020-09-29 19:02 - 036588168 _____ (Logitech, Inc.) C:\Users\Matt\Downloads\lghub_installer.exe
2020-09-27 02:08 - 2020-09-28 01:33 - 000643722 _____ C:\WINDOWS\ntbtlog.txt
2020-09-26 23:58 - 2020-09-22 00:27 - 000001030 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200926-235820.backup
2020-09-26 23:16 - 2020-09-26 23:16 - 000291606 _____ C:\Users\Matt\Downloads\TCPView.zip
2020-09-26 23:15 - 2020-09-27 02:10 - 000000000 ____D C:\ProgramData\TEMP
2020-09-26 23:15 - 2020-09-26 23:15 - 004432744 _____ (BrightFort LLC ) C:\Users\Matt\Downloads\spywareblastersetup60.exe
2020-09-26 23:15 - 2020-09-26 23:15 - 000001152 ____C C:\Users\Public\Desktop\SpywareBlaster.lnk
2020-09-26 23:15 - 2020-09-26 23:15 - 000001152 ____C C:\ProgramData\Desktop\SpywareBlaster.lnk
2020-09-26 23:15 - 2020-09-26 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2020-09-26 23:15 - 2020-09-26 23:15 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2020-09-26 23:15 - 2019-10-19 12:13 - 000129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2020-09-26 23:11 - 2020-09-29 19:18 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-09-26 23:11 - 2020-09-26 23:53 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-09-26 23:11 - 2020-09-26 23:11 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2020-09-26 23:11 - 2020-09-26 23:11 - 000001452 ____C C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2020-09-26 23:11 - 2020-09-26 23:11 - 000001452 ____C C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2020-09-26 23:11 - 2020-09-26 23:11 - 000000000 ___DC C:\Safer-Networking Ltd
2020-09-26 23:11 - 2020-09-26 23:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2020-09-26 23:11 - 2020-09-26 23:11 - 000000000 ____D C:\Users\Matt\AppData\Local\Safer-Networking Ltd
2020-09-26 23:11 - 2020-09-26 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2020-09-26 23:11 - 2019-06-21 08:34 - 000019904 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Spybot3ELAM.sys
2020-09-26 23:11 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2020-09-26 23:09 - 2020-09-26 23:09 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\Matt\Downloads\spybotsd-2.8.68.0.exe
2020-09-26 16:45 - 2020-09-27 02:10 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-09-26 16:22 - 2020-09-26 16:22 - 000000080 ___SH C:\bootTel.dat
2020-09-26 15:05 - 2020-09-26 15:05 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-09-26 15:05 - 2020-09-26 15:05 - 000001092 ____C C:\Users\Public\Desktop\Notepad++.lnk
2020-09-26 15:05 - 2020-09-26 15:05 - 000001092 ____C C:\ProgramData\Desktop\Notepad++.lnk
2020-09-26 14:58 - 2020-09-26 14:58 - 040327848 _____ (Adlice Software ) C:\Users\Matt\Downloads\RogueKiller_setup_ref3.exe
2020-09-26 14:48 - 2020-09-26 16:47 - 000247810 ____C C:\Users\Matt\Downloads\Addition.txt
2020-09-26 14:46 - 2020-09-29 19:20 - 000029622 ____C C:\Users\Matt\Downloads\FRST.txt
2020-09-26 14:30 - 2020-09-29 19:20 - 000000000 ___DC C:\FRST
2020-09-26 14:29 - 2020-09-26 14:29 - 002299392 _____ (Farbar) C:\Users\Matt\Downloads\FRST64.exe
2020-09-26 14:22 - 2020-09-26 14:22 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-09-26 14:22 - 2020-09-26 14:22 - 000002023 ____C C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-09-26 14:22 - 2020-09-26 14:22 - 000002023 ____C C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2020-09-26 14:22 - 2020-09-26 14:22 - 000000000 ____D C:\Users\Matt\AppData\Roaming\AVG
2020-09-26 14:21 - 2020-09-27 01:46 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-09-26 14:21 - 2020-09-26 14:21 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000517648 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000469944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000339080 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-09-26 14:21 - 2020-09-26 14:21 - 000326488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000235648 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000217392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000206456 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000195712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000175256 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000061056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000042832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000016320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-09-26 14:21 - 2020-09-26 14:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-09-26 14:21 - 2020-09-26 14:21 - 000000000 ____D C:\Program Files\Common Files\AVG
2020-09-26 14:21 - 2020-09-26 14:21 - 000000000 ____D C:\Program Files\AVG
2020-09-26 06:21 - 2020-09-26 16:23 - 000000000 ___DC C:\SUPERDelete
2020-09-26 02:30 - 2020-09-26 02:31 - 000000000 ___DC C:\AdwCleaner
2020-09-26 02:30 - 2020-09-26 02:30 - 008414384 _____ (Malwarebytes) C:\Users\Matt\Downloads\adwcleaner_8.0.7.exe
2020-09-26 02:07 - 2020-09-26 02:07 - 000000000 ____D C:\ProgramData\Loaris
2020-09-26 02:06 - 2020-09-26 02:07 - 068579744 _____ (Loaris Inc. ) C:\Users\Matt\Downloads\setup-ltr-3.1.26.228636667.exe
2020-09-26 02:01 - 2020-09-26 02:01 - 002588891 _____ C:\Users\Matt\Downloads\ProcessExplorer.zip
2020-09-26 02:00 - 2020-09-27 02:15 - 000000649 ____C C:\Users\Matt\Desktop\ESET Online Scanner.lnk
2020-09-26 01:59 - 2020-09-27 02:15 - 000000777 ____C C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-09-26 01:59 - 2020-09-26 01:59 - 053491672 _____ (SUPERAntiSpyware) C:\Users\Matt\Downloads\SUPERAntiSpyware.exe
2020-09-26 01:59 - 2020-09-26 01:59 - 014860896 _____ (ESET spol. s r.o.) C:\Users\Matt\Downloads\esetonlinescanner.exe
2020-09-26 01:59 - 2020-09-26 01:59 - 000000000 ____D C:\Users\Matt\AppData\Local\ESET
2020-09-25 20:30 - 2020-09-29 19:20 - 000060455 _____ C:\WINDOWS\ZAM.krnl.trace
2020-09-24 19:41 - 2020-09-24 19:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-24 19:26 - 2020-09-25 20:30 - 000000000 ___DC C:\Program Files (x86)\Mozilla Firefox
2020-09-23 14:55 - 2020-09-26 01:56 - 000000000 ____D C:\Users\Matt\AppData\Roaming\GlarySoft
2020-09-23 14:52 - 2020-09-23 14:52 - 000001325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2020-09-23 14:52 - 2020-09-23 14:52 - 000001313 ____C C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2020-09-23 14:52 - 2020-09-23 14:52 - 000001313 ____C C:\ProgramData\Desktop\Absolute Uninstaller.lnk
2020-09-23 14:52 - 2020-09-23 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2020-09-23 14:52 - 2020-09-23 14:52 - 000000000 ____D C:\ProgramData\GlarySoft
2020-09-23 14:52 - 2020-09-23 14:52 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2020-09-23 14:51 - 2020-09-23 14:51 - 005844400 _____ (Glarysoft Ltd) C:\Users\Matt\Downloads\ausetup.exe
2020-09-23 14:08 - 2020-09-23 14:23 - 000000000 ___DC C:\Users\Matt\Desktop\RegBackup
2020-09-23 13:54 - 2020-03-12 18:53 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-09-23 13:37 - 2020-09-23 13:37 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-23 13:37 - 2020-09-23 13:37 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-09-22 18:45 - 2020-09-22 18:45 - 005047944 _____ (BitTorrent Inc.) C:\Users\Matt\Downloads\BitTorrent.exe
2020-09-22 00:51 - 2020-09-29 16:35 - 000000000 ____D C:\ProgramData\AVG
2020-09-22 00:47 - 2020-09-22 00:47 - 000261056 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Matt\Downloads\avg_antivirus_free_setup.exe
2020-09-22 00:35 - 2020-09-20 18:26 - 000046604 _____ C:\Users\Matt\AppData\Local\EF920EC
2020-09-22 00:34 - 2020-09-29 16:44 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0475CD84-BA63-4DD2-9D1F-B88B09BA13DD}
2020-09-22 00:34 - 2020-09-26 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Updates
2020-09-22 00:31 - 2020-09-20 18:26 - 000046604 _____ C:\Users\Matt\AppData\Local\7D4C57E
2020-09-22 00:29 - 2020-09-22 00:40 - 000000000 __SHD C:\Users\Matt\AppData\Roaming\trelos
2020-09-22 00:28 - 2020-09-26 02:31 - 000000000 ____D C:\Users\Matt\AppData\Local\Lavasoft
2020-09-22 00:28 - 2020-09-26 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-09-22 00:27 - 2018-08-29 15:48 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2020-09-21 23:50 - 2020-09-21 23:50 - 000000000 ___DC C:\Users\Matt\AppData\LocalLow\Unexpected Studio
2020-09-21 23:45 - 2001-05-24 15:00 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2020-09-21 23:40 - 2020-09-21 23:41 - 000000000 ____D C:\Users\Matt\AppData\Local\Disc_Soft_Ltd
2020-09-21 23:40 - 2020-09-21 23:40 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2020-09-21 23:40 - 2020-09-21 23:40 - 000000000 ___DC C:\Users\Public\Documents\Daemon Tools Images
2020-09-21 23:40 - 2020-09-21 23:40 - 000000000 ___DC C:\Users\Public\Documents\Catch!
2020-09-21 23:40 - 2020-09-21 23:40 - 000000000 ___DC C:\ProgramData\Documents\Daemon Tools Images
2020-09-21 23:40 - 2020-09-21 23:40 - 000000000 ___DC C:\ProgramData\Documents\Catch!
2020-09-21 23:39 - 2020-09-21 23:39 - 000791712 _____ (Disc Soft Ltd.) C:\Users\Matt\Downloads\DTLiteInstaller.exe
2020-09-12 13:09 - 2020-09-12 13:09 - 001236552 _____ (Adobe Inc) C:\Users\Matt\Downloads\flashplayer32au_a_install.exe
2020-09-09 09:39 - 2020-09-09 09:39 - 000000000 ___DC C:\Users\Matt\Documents\Zoom
2020-09-08 22:44 - 2020-09-08 22:44 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-08 22:44 - 2020-09-08 22:44 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-08 22:44 - 2020-09-08 22:44 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-08 22:44 - 2020-09-08 22:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-08 22:44 - 2020-09-08 22:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-08 22:43 - 2020-09-08 22:43 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-08 22:43 - 2020-09-08 22:43 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-08 22:43 - 2020-09-08 22:43 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-08 22:43 - 2020-09-08 22:43 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-08 22:43 - 2020-09-08 22:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-08 22:36 - 2020-09-08 22:36 - 000492544 ____C (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-08 22:36 - 2020-09-08 22:36 - 000390656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-08 21:31 - 2020-09-08 21:31 - 000000000 ___DC C:\Users\Matt\AppData\LocalLow\NExTStudios
2020-09-03 18:55 - 2020-09-03 18:55 - 000000262 ____C C:\Users\Matt\Desktop\Into The Breach.url

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-29 19:20 - 2017-06-03 03:18 - 000000000 ___DC C:\ProgramData\NVIDIA
2020-09-29 19:19 - 2017-01-21 16:37 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Spotify
2020-09-29 19:19 - 2017-01-21 16:37 - 000000000 ___DC C:\Users\Matt\AppData\Local\Spotify
2020-09-29 19:18 - 2020-02-01 17:41 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2020-09-29 19:18 - 2019-03-19 00:37 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2020-09-29 19:17 - 2017-09-30 18:58 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\discord
2020-09-29 19:17 - 2013-06-14 05:02 - 000000000 ___DC C:\Program Files (x86)\Steam
2020-09-29 19:15 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-29 19:06 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-29 19:06 - 2013-06-12 05:57 - 000000000 ___DC C:\Program Files\Intel
2020-09-29 19:06 - 2013-06-12 05:52 - 000000000 ___DC C:\Program Files (x86)\Intel
2020-09-29 19:02 - 2014-01-16 17:07 - 000000000 ___DC C:\Users\Matt\AppData\Local\Battle.net
2020-09-29 16:37 - 2013-06-12 07:35 - 000000000 ___DC C:\Program Files (x86)\StarCraft II
2020-09-29 16:36 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-29 16:36 - 2017-12-27 15:25 - 000000000 ___DC C:\Users\Matt\AppData\Local\Packages
2020-09-29 16:33 - 2013-07-22 16:05 - 000000000 ___DC C:\Program Files (x86)\Java
2020-09-29 16:29 - 2020-02-01 17:43 - 000936788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-29 16:28 - 2019-11-28 18:57 - 000000000 __HDC C:\Users\Public\Documents\AdobeGCData
2020-09-29 16:28 - 2019-11-28 18:57 - 000000000 __HDC C:\ProgramData\Documents\AdobeGCData
2020-09-29 16:28 - 2016-11-18 03:01 - 000000000 ___DC C:\Users\Matt\AppData\LocalLow\Mozilla
2020-09-29 16:26 - 2018-07-29 18:39 - 000000000 ___DC C:\Users\Matt\AppData\Local\D3DSCache
2020-09-29 16:25 - 2019-11-05 23:18 - 000000000 ___DC C:\Program Files\Cheat Engine 7.0
2020-09-28 01:33 - 2020-02-01 17:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-27 02:15 - 2019-10-28 18:28 - 000000000 ___DC C:\Users\Matt\AppData\Local\AMSDK
2020-09-27 01:50 - 2017-12-26 16:26 - 000000000 ___DC C:\Program Files (x86)\EaseUS
2020-09-27 01:50 - 2016-12-09 09:38 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\BitTorrent
2020-09-27 01:49 - 2013-07-13 22:42 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-09-27 01:47 - 2014-04-18 13:24 - 000000000 ___DC C:\ProgramData\Package Cache
2020-09-26 23:15 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-09-26 23:15 - 2013-08-22 11:36 - 000000000 __HDC C:\WINDOWS\system32\GroupPolicy
2020-09-26 15:05 - 2013-06-13 09:54 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Notepad++
2020-09-26 15:05 - 2013-06-13 09:54 - 000000000 ___DC C:\Program Files (x86)\Notepad++
2020-09-26 14:21 - 2019-03-19 00:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-26 04:43 - 2015-04-07 18:12 - 000000000 ___DC C:\Users\Matt\Documents\USB Dumps
2020-09-26 04:41 - 2013-08-09 03:43 - 000000000 ___DC C:\Games
2020-09-26 04:35 - 2015-02-07 14:58 - 000000000 ___DC C:\Users\Matt\Documents\Portfolio
2020-09-26 04:29 - 2013-07-02 15:20 - 000000000 ___DC C:\Users\Matt\Documents\Projects
2020-09-26 04:25 - 2018-06-19 00:04 - 000000000 ___DC C:\Users\Matt\Documents\Warhammer RPGs
2020-09-26 04:05 - 2020-02-01 17:41 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-26 04:04 - 2019-03-29 07:58 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-26 01:54 - 2013-06-14 13:33 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\vlc
2020-09-25 23:22 - 2014-01-16 17:07 - 000000000 ___DC C:\Program Files (x86)\Battle.net
2020-09-25 20:37 - 2020-06-19 13:05 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-25 20:37 - 2020-06-19 13:05 - 000002276 ____C C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-25 20:37 - 2020-06-19 13:05 - 000002276 ____C C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-25 20:30 - 2013-06-13 14:45 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-24 22:35 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-24 20:25 - 2020-04-14 18:18 - 000000000 ___DC C:\Users\Matt\Documents\DnD
2020-09-24 19:45 - 2013-06-13 14:45 - 000000000 ___DC C:\ProgramData\Mozilla
2020-09-24 19:41 - 2013-06-13 14:45 - 000001163 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-24 18:39 - 2019-11-05 02:52 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.2.11f1 (64-bit)
2020-09-23 22:38 - 2018-06-07 01:42 - 000000000 ___DC C:\System Backup
2020-09-23 14:48 - 2020-06-30 19:49 - 000477184 ___SH C:\EUMONBMP.SYS
2020-09-23 14:48 - 2020-06-30 19:49 - 000000000 ____D C:\WINDOWS\system32\config\regsave
2020-09-23 13:38 - 2015-12-21 00:49 - 000000000 ___DC C:\Users\Matt\AppData\Local\CrashDumps
2020-09-23 13:37 - 2020-07-31 00:25 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-23 13:37 - 2019-08-13 16:20 - 000153312 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-09-23 13:37 - 2019-08-13 16:20 - 000001981 ____C C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-23 13:37 - 2019-08-13 16:20 - 000001981 ____C C:\ProgramData\Desktop\Malwarebytes.lnk
2020-09-21 23:50 - 2013-06-11 09:21 - 000000000 ___DC C:\Users\Matt\Documents\My Games
2020-09-21 22:25 - 2020-04-14 18:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-21 22:25 - 2020-04-14 18:44 - 000002260 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-21 22:25 - 2020-04-14 18:44 - 000002260 ____C C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-21 02:59 - 2017-12-26 23:41 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Factorio
2020-09-20 15:01 - 2020-04-13 09:09 - 000000998 ____C C:\Users\Matt\Desktop\SoundSwitch.lnk
2020-09-20 15:01 - 2020-04-13 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundSwitch
2020-09-20 15:01 - 2020-04-13 09:09 - 000000000 ____D C:\Program Files\SoundSwitch
2020-09-20 14:46 - 2013-07-26 00:10 - 000000000 ___DC C:\Users\Matt\AppData\Local\Adobe
2020-09-20 14:23 - 2020-02-01 17:41 - 000004572 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-20 14:23 - 2019-03-19 00:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-20 14:23 - 2019-03-19 00:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-20 14:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-20 14:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-10 15:01 - 2017-09-30 18:58 - 000002226 ____C C:\Users\Matt\Desktop\Discord.lnk
2020-09-10 15:01 - 2017-09-30 18:58 - 000000000 ___DC C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-09-10 15:01 - 2017-09-30 18:58 - 000000000 ___DC C:\Users\Matt\AppData\Local\Discord
2020-09-09 09:32 - 2020-02-01 17:30 - 005291800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-09 09:32 - 2017-12-27 15:41 - 000000000 __RDC C:\Users\Matt\3D Objects
2020-09-09 09:32 - 2014-06-17 20:41 - 000000000 _RHDC C:\Users\Public\AccountPictures
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-09 03:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-08 22:51 - 2013-08-30 01:52 - 000000000 ___DC C:\WINDOWS\system32\MRT
2020-09-08 22:47 - 2013-06-13 03:33 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-08 22:43 - 2020-02-01 17:33 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-05 01:26 - 2020-04-15 17:06 - 000000000 ___DC C:\Users\Matt\Documents\CoC
2020-09-03 19:50 - 2013-06-11 08:21 - 000000000 ___DC C:\Users\Matt\AppData\Local\NVIDIA
2020-09-02 23:58 - 2016-12-20 17:26 - 000000000 ___DC C:\Users\Matt\AppData\Local\ElevatedDiagnostics
2020-09-02 18:06 - 2018-03-02 15:58 - 000000000 ___DC C:\WINDOWS\system32\Drivers\wd
2020-09-02 17:59 - 2018-12-03 11:30 - 000000907 ____C C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-09-01 06:54 - 2020-02-01 17:34 - 000000000 ____D C:\Users\Matt

==================== Files in the root of some directories ========

2015-12-01 22:20 - 2016-04-28 13:45 - 000000132 ____C () C:\Users\Matt\AppData\Roaming\Adobe PNG Format CS6 Prefs
2020-04-16 10:29 - 2020-04-16 10:29 - 000320181 ___SH () C:\Users\Matt\AppData\Roaming\cabsdbh
2016-05-16 20:54 - 2016-05-16 20:54 - 051703104 ____C () C:\Users\Matt\AppData\Roaming\chport.exe
2018-03-27 11:25 - 2018-04-05 01:20 - 000001071 ____C () C:\Users\Matt\AppData\Roaming\jd-gui.cfg
2016-05-16 20:54 - 2016-05-16 20:54 - 000000009 ____C () C:\Users\Matt\AppData\Roaming\update.dat
2020-09-22 00:31 - 2020-09-20 18:26 - 000046604 _____ () C:\Users\Matt\AppData\Local\7D4C57E
2020-09-22 00:35 - 2020-09-20 18:26 - 000046604 _____ () C:\Users\Matt\AppData\Local\EF920EC
2019-11-29 16:38 - 2019-11-29 16:38 - 000000000 ____C () C:\Users\Matt\AppData\Local\oobelibMkey.log
2017-10-13 22:46 - 2017-10-14 02:16 - 000000600 ____C () C:\Users\Matt\AppData\Local\PUTTY.RND
2017-07-09 19:41 - 2017-07-09 19:41 - 000000867 ____C () C:\Users\Matt\AppData\Local\recently-used.xbel
2013-08-09 04:07 - 2019-12-12 17:33 - 000007599 ____C () C:\Users\Matt\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


  • 0

#7
BeazMagic
Posted 29 September 2020 - 05:26 PM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Matt (29-09-2020 19:21:08)
Running from C:\Users\Matt\Downloads
Windows 10 Home Version 1909 18363.1082 (X64) (2020-02-01 21:41:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3050370261-3023350426-1843181019-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3050370261-3023350426-1843181019-503 - Limited - Disabled)
Guest (S-1-5-21-3050370261-3023350426-1843181019-501 - Limited - Disabled)
Matt (S-1-5-21-3050370261-3023350426-1843181019-1001 - Administrator - Enabled) => C:\Users\Matt
WDAGUtilityAccount (S-1-5-21-3050370261-3023350426-1843181019-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Uninstaller 5.3.1.26 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.26 - Glarysoft Ltd)
Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.020 - ASUSTek Computer Inc.)
Aurora (HKLM-x32\...\{A65BAA2D-2281-4DEE-93E0-34F323527587}) (Version: 1.0.3 - Aurora)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.7.3140 - AVG Technologies)
Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version:  - Cheat Engine)
Clang with Microsoft CodeGen (HKLM-x32\...\{D1065428-0EDB-3B41-9563-A5E49F98A496}) (Version: 14.0.25516 - Microsoft Corporation) Hidden
Clang with Microsoft CodeGen (HKLM-x32\...\{F6F4C76B-0D67-3B2C-81E2-5B9299E99EDE}) (Version: 14.0.25516 - Microsoft Corporation) Hidden
Clang with Microsoft CodeGen for Microsoft Visual Studio 2015 (HKLM-x32\...\{da78a187-c216-4b8f-b2ff-f6f254e2e26e}) (Version: 14.0.25516.0 - Microsoft Corporation)
DDS Thumbnail Viewer (HKLM-x32\...\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}) (Version: 1.00.000 - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
DWG TrueView 2014 (HKLM\...\{5783F2D7-D028-0409-0100-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
Epic Games Launcher (HKLM-x32\...\{A9C35F4D-0340-4588-A3F2-71DF8CD2C456}) (Version: 1.1.117.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FireStorm version V2.0.0.006 (HKLM-x32\...\FireStorm_is1) (Version: V2.0.0.006 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel® C++ Redistributables on IA-32 (HKLM-x32\...\{5018D8E6-8D8E-4F76-9AFD-CB2EF1100E84}) (Version: 13.0.089 - Intel Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{791FF357-3DE8-485E-BD59-41844BB16415}) (Version: 13.0.089 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1072 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
LED Sync (HKLM-x32\...\{D10D6F85-907E-4F37-8E30-C17F6BC57813}) (Version: 1.1.0 - EVGA)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30642.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.4 (x64) (HKLM-x32\...\{6ea49e83-4bd6-41b7-85ee-aa6a433739bd}) (Version: 3.1.4.28821 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 81.0 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0 (x64 en-US)) (Version: 81.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 81.0.0.7565 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MTG Arena (HKLM\...\{46530058-EA0E-40C5-89AF-1084EA6E859B}) (Version: 0.1.3009 - Wizards of the Coast)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Nitro Pro (HKLM\...\{DBA6C72A-FD5D-4A65-A4D8-82D4CB8E818E}) (Version: 11.0.8.470 - Nitro)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.7 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6853 - Realtek Semiconductor Corp.)
Respondus LockDown Browser 2 (HKLM-x32\...\{BBC7F69B-7A94-41E9-8A4B-B55A8D06431F}) (Version: 2.00.0000 - Respondus)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SoundSwitch 5.5.3.26916 (HKLM\...\SoundSwitch_is1) (Version: 5.5.3.26916 - Antoine Aflalo)
Spotify (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\Spotify) (Version: 1.1.43.700.g20acee0f - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.68.0 - Safer-Networking Ltd.)
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{33952D66-D503-10CA-DD8E-E365C15EB4E0}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B048B812-32DE-3474-FA64-223B6A63AD47}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4018334) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E27BA6F9-6C03-4D1F-B34F-E3B1AB6B5C36}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4018334) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E27BA6F9-6C03-4D1F-B34F-E3B1AB6B5C36}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4018334) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E27BA6F9-6C03-4D1F-B34F-E3B1AB6B5C36}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden
ViGEm Bus Driver (HKLM\...\{4030BA52-E312-462E-B020-CCB5A2AC5497}) (Version: 1.16.116 - Nefarius Software Solutions e.U.)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ for Mobile Development (iOS support) (HKLM-x32\...\{6aa67741-cbea-4763-a744-e612ed2e6294}) (Version: 14.0.25401.0 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (HKLM-x32\...\{B2918D01-1D89-34D3-87EF-A28121BC6EB7}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{1210EE60-E253-407D-B537-D36898049CF0}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{ACFEA151-D1BE-4114-875A-87328B6002D4}) (Version: 15.0.26315 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{A8B77523-13AB-46B9-B54F-5483E09668F9}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{AB3DF932-C990-34D4-BF43-970F760DA3CD}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WeMod (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\WeMod) (Version: 6.3.10 - WeMod)
WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)
Zemana AntiMalware version 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
Zoom (HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)

Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-08] (Canon Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{3023B2DC-C93E-4FD8-9C20-FF18F1462052}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{43DB29DA-D3A0-460E-98AA-2A6C1026EC9B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{5DA73FA5-D291-41BF-80A1-8CD7D8BD8949}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-11-17] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-06-18] (Notepad++ -> )
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-06-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-06-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-08-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-09-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-06-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-06-20] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3050370261-3023350426-1843181019-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3050370261-3023350426-1843181019-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3050370261-3023350426-1843181019-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-06-03 03:17 - 2020-09-29 19:18 - 000030720 ____C () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2020-06-20 23:29 - 2019-07-19 03:14 - 000009216 _____ () [File not signed] C:\Program Files\SoundSwitch\SerilogTraceListener.dll
2020-04-13 09:09 - 2020-09-12 14:57 - 000041984 _____ () [File not signed] C:\Program Files\SoundSwitch\SoundSwitch.Common.dll
2020-04-13 09:09 - 2020-01-31 18:02 - 000513536 _____ (Mark Heath & Contributors) [File not signed] C:\Program Files\SoundSwitch\NAudio.dll
2020-04-13 09:09 - 2020-03-04 18:25 - 000103424 _____ (Microsoft) [File not signed] C:\Program Files\SoundSwitch\Microsoft.WindowsAPICodePack.dll
2020-04-13 09:09 - 2020-07-09 08:10 - 000030720 _____ (Muhammad Rehan Saeed (RehanSaeed.com)) [File not signed] C:\Program Files\SoundSwitch\Serilog.Exceptions.dll
2020-04-13 09:09 - 2020-09-10 02:20 - 000128000 _____ (Serilog Contributors) [File not signed] C:\Program Files\SoundSwitch\Serilog.dll
2020-04-13 09:09 - 2019-03-08 22:45 - 000006656 _____ (Serilog Contributors) [File not signed] C:\Program Files\SoundSwitch\Serilog.Enrichers.Environment.dll
2020-04-13 09:09 - 2019-05-02 23:41 - 000006144 _____ (Serilog Contributors) [File not signed] C:\Program Files\SoundSwitch\Serilog.Enrichers.Thread.dll
2020-04-13 09:09 - 2019-10-17 05:25 - 000028160 _____ (Serilog Contributors) [File not signed] C:\Program Files\SoundSwitch\Serilog.Sinks.File.dll
2020-04-13 09:09 - 2019-04-18 23:34 - 000012288 _____ (SoftFrame) [File not signed] C:\Program Files\SoundSwitch\RailSharp.dll
2020-04-13 09:09 - 2020-08-22 16:27 - 000027136 _____ (SoundSwitch) [File not signed] C:\Program Files\SoundSwitch\SoundSwitch.Audio.Manager.dll
2020-06-20 23:29 - 2020-09-12 14:57 - 001416192 _____ (SoundSwitch) [File not signed] C:\Program Files\SoundSwitch\SoundSwitch.dll
2020-06-20 23:29 - 2020-06-10 18:55 - 000006656 _____ (SoundSwitch.InterProcess.Communication) [File not signed] C:\Program Files\SoundSwitch\SoundSwitch.InterProcess.Communication.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [274]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Software Sarl -> Skype Technologies)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2020-09-26 23:58 - 000454780 ___RC C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1    ultramediaburner.com
127.0.0.1    pro-zipper.com
127.0.0.1    productsdetails.online
127.0.0.1    post-back-url.com
127.0.0.1    rothsideadome.pw
127.0.0.1    room1.360dev.info
127.0.0.1    telechargini.com
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com

There are 15610 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Users\Matt\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Skype\Phone\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Users\Matt\AppData\Local\Microsoft\WindowsApps;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 24.226.1.93 - 24.226.10.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AvgUi"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "RzWizard"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\StartupFolder: => "ShareX.lnk"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}"
HKU\S-1-5-21-3050370261-3023350426-1843181019-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E98825FA-BB32-4E55-9408-1326C49E770A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe (Sega Corporation) [File not signed]
FirewallRules: [{C203FE27-E0A6-4FC2-8332-478D7C06E2DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe (Sega Corporation) [File not signed]
FirewallRules: [UDP Query User{62A9E94D-AE6D-4F7C-81F3-ABC92A33A89E}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{BBA81041-3614-4EC9-8C2F-10D1348C3682}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{1766453F-D0EE-46C3-82F1-15226AA51C36}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{92DF0E2E-37B0-4D86-B140-3C416F77CE59}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{B07C4029-0E4C-4700-90EE-28707B9A82CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{443D2DAB-1F15-472F-A30A-AE228803A480}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [UDP Query User{F8437226-56DA-46A9-9BD2-8FCC7711BC5C}C:\program files\epic games\ue_4.13\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.13\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{298206A5-5E22-49E7-B6EB-DE0F50DA6F41}C:\program files\epic games\ue_4.13\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.13\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{61E22352-BB2D-47CF-AF36-4A92045F9321}C:\program files (x86)\starcraft ii\versions\base75800\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75800\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{46D1649C-3ACA-4E5D-A369-007AA7AF357D}C:\program files (x86)\starcraft ii\versions\base75800\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75800\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{0661F454-B544-4B26-8947-BE9DA1C68645}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{73B9AD13-B9FD-48E3-B745-7E4AF520CF16}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{BCE40B69-CAEF-48F7-9B8A-BFA336F966F9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{1D871C3E-2A2E-4440-AC86-4ADFE6286D73}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2F133310-9F04-4794-ADE7-B3CC82456A6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{92C66FED-53E1-44D5-8E61-A07F65595218}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [UDP Query User{BAAB673D-B259-4EAB-883E-2481EDBFD331}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5CB7E37C-0633-4FDC-AAA9-537309ADDD7E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{97DA605E-07FA-4A08-A215-77EE70ECFE9C}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{2DF75D85-43D6-49AF-B33A-04357CA92056}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{40E062D9-BB9E-4BF4-8317-197A00A15ABE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{12835F61-28CA-4715-8D47-03E3828A5F35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{ECD7776E-BA29-4A7A-A853-630FF2090C45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{8FBFA7F0-E87F-4009-9B2B-8EE0FF257C37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [UDP Query User{897A045E-CB7B-48E4-87FC-CC8C5D9A760A}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [TCP Query User{435F5B57-DE78-477C-BE84-408F813474B1}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [{3FF8ECF6-45A7-437F-9D0C-A4B21C8C24A8}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F73DACD-1E11-45B6-A799-2B584A883B16}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{98C1D359-41CA-427B-89DA-0410E6FB25C7}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Block) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{310B5C4C-5697-4920-8208-CF71A418C786}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Block) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D1A3F34B-EDAC-4160-9E47-5E737441ECC0}C:\users\matt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matt\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{F07B1ED8-8310-41E1-A799-F13FA80F472B}C:\users\matt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matt\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FD38580-E4D8-476A-A55F-1257128D349D}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{5D3AB9AF-9EF3-43B1-AAED-3B9FD4DA269F}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{174B83FE-ED56-4AB6-B7CB-701A5362BDF2}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{812D20D8-62BC-4CB7-809C-38BAF8FE2B54}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{72BFA489-F516-4EF2-9541-FA1063458B59}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{BAF7F15C-BD75-42D0-A00D-CAC3D460A73B}] => (Allow) C:\Users\Matt\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [UDP Query User{A26F6D7A-3592-4434-8377-F74767917615}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{AFA5227C-0574-4BB9-9B95-6AAD5C9CA009}C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe => No File
FirewallRules: [{2D13D981-C30E-4F17-B874-6EBAA473C814}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08D6AB61-75BE-496B-B08C-59CFD13D5AB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D549BABB-C1D5-4921-906B-65F9452020CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{188CF124-C70D-41CC-A065-385348231E22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{C961100A-2C4B-49DD-9FD5-525A013C4351}C:\users\matt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matt\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{0768124D-1C89-4E15-8631-02AEB425C338}C:\users\matt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matt\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{8122C145-C767-448B-BE53-8CBC3E465FFA}C:\program files (x86)\epic games\4.13\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.13\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{356A51AB-4736-4545-945A-F74CF7D96471}C:\program files (x86)\epic games\4.13\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.13\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{301886B7-83E0-48AA-8646-1CA7C5AF6D0F}C:\program files (x86)\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.13\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{52FB0041-1D1C-41FB-B50D-88C6512AB6D6}C:\program files (x86)\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.13\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{449DE6AB-A849-490F-8D06-D2C636398760}C:\program files (x86)\epic games\4.9\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.9\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{5A9915D2-02B4-479C-9053-9F2615ABD0BF}C:\program files (x86)\epic games\4.9\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.9\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C015CC00-BD0D-43EA-BB16-A83287B1958A}C:\program files (x86)\epic games\4.9\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.9\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C5633447-735B-42BC-B110-667D4D9C274F}C:\program files (x86)\epic games\4.9\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.9\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4E9996D8-B391-4339-8491-D3732C95FF85}C:\program files (x86)\epic games\4.7\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.7\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{043E9559-CE45-4218-992B-A0DDAC299BC1}C:\program files (x86)\epic games\4.7\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files (x86)\epic games\4.7\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{EAB3D2AA-E899-43B3-9A9A-42DE65D5CA18}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3C4CE585-37F1-4E59-9DD0-A6105E15CD8C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{5F9B66EB-FA82-4E49-88F7-1BCBF6058433}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5A007062-2E72-4D1F-AB82-F83622718451}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{235A5D11-2F1D-4D18-B4A7-A2FF5D8B9D44}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{0F4976FB-701D-4971-9210-F93075C005FF}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{E7CF3390-7A81-456C-B177-17FBD766095E}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{930BA5CA-6B5B-4B4F-BF5A-AD316E0D4242}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A423931D-A306-4D5E-87A0-9631438CB05E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{D9B8352D-4B9E-4175-BAB1-7665BB672A73}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [TCP Query User{4166316E-5605-4696-BCB4-DBF2D1D6F346}C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files (x86)\unity\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [UDP Query User{9DBAD26E-4AC9-4F33-9FEF-515D4EDF4C83}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [TCP Query User{488837D3-3133-4D7A-BAE6-770EA6A9670F}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{A8EA72D4-7E1A-48EB-BBD0-A5BDA8AD5526}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{AA3EAC4E-A763-48DB-97AA-83078F41E183}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{8621A795-3A24-4B1F-883D-357648BFAB68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A2008314-1044-4A90-9F0D-B48970370502}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D14BA361-7A99-45D4-A7CA-AF8A0F272227}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1D547635-408D-4AEB-8150-AA3323D4D880}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C968F353-EA1F-4DA9-B438-507F53385963}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A3AD226-D9C7-41D8-9F66-C25320DD2C96}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7D58CB35-642B-404A-8F21-76D2551C87D4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A02C5202-86A3-4E68-B627-E32B5FA75A6E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C3C60FE4-E39F-4AB1-A14F-52FFAF31C62F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{DE25BE28-A242-4DC2-BDB2-45B8F1E40102}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{6BDA2148-372F-437C-BAA7-358783B7C888}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{7CFC680A-8316-47F4-8EDD-36AB0091F72C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{29DFCC9B-1EF1-4ECF-AB17-B956F3A58C2C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56F3FD56-3C92-4EF6-9DA2-F6D14F57CA24}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF5C493F-B9FF-4ACD-8836-B34F2442FC5C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CF3BE45-75EA-4E54-AD26-677CA2DAA620}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1694248-5892-4239-8E90-8EEDB8916A51}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{66920AD9-41E5-4FBD-9DFE-1894415B3E0D}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{13CEF0BD-B872-4EEF-AE0D-C1199370FF2D}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D77BB968-F4F4-444C-9B7A-6B91260D3532}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C2E08FD4-C18F-4966-BF3B-76016E7743DB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{4515FDAF-24A6-428D-9E98-D694DB17D20A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe => No File
FirewallRules: [TCP Query User{84AFF3E8-7F41-489F-9722-74EE04869B8B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [UDP Query User{3F4EB2BF-48F1-4F5B-8D8E-04A4A908B473}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [TCP Query User{C952BBA6-8928-41C8-BE6D-C546BA456C03}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [UDP Query User{96921C5A-0D14-47D3-A251-52BE16D4A1A3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [TCP Query User{BC31EFC9-7CE1-4114-A00E-04B0A59FF9EA}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{B66B333F-8EF9-4191-BAD1-5000161C6B4D}C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{D4E79262-B7F7-4EE9-8A20-DF85A3E850D4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe => No File
FirewallRules: [{3ED08E8B-201D-4EC2-BDCD-321422531E71}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe => No File
FirewallRules: [{E1D35FAA-A9E9-4A68-8B35-FAEBDDF50636}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe => No File
FirewallRules: [{8CDB21AD-CC2B-40A1-BBA0-6706C8C650E4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe => No File
FirewallRules: [{CB9BEE19-5727-4C0B-A608-A34C8A48B68C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe => No File
FirewallRules: [{6A76E710-286C-47D9-A7ED-68428B1C317F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe => No File
FirewallRules: [{28CE7120-E0A9-4361-BF23-FAB328E25B5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3B524EF-1B19-489A-9ADD-F7921C01FF4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D45F6A41-3C56-4BA9-8C56-319C97550F2C}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [UDP Query User{70FF066C-0561-4CEE-8DD2-15A97E7B06AE}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [{C8753365-6CDB-4B46-9FD4-A30561C34BFE}] => (Allow) D:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{0B8AA92A-4513-42EB-B038-5F585905A33A}] => (Allow) D:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{E4DF290A-0F6C-4D7B-9119-EE53E849133E}] => (Allow) D:\SteamLibrary\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{45B4956A-AE0F-4500-87BF-F65B432A2956}] => (Allow) D:\SteamLibrary\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{32BA7C84-6B42-4F09-A5C2-64023C3A75F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{EABCC431-C6AD-454C-8507-AF3E882AA6E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed]
FirewallRules: [{60957DB1-C884-4CF6-8A34-727CA7380559}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{0014F013-6233-479B-8807-CE5ED64B9352}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5A927C6B-EA3D-4211-8B17-39081DA9C61C}C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [UDP Query User{26D35368-DEFA-423D-972C-C12EB3F93EDC}C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [{617B7390-9053-4FEC-9363-E6B59B075914}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{35CCB617-A34E-4B80-A565-151B1446A30A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{47087341-064A-4940-BB41-4ED8E7557DE1}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{4BF548E1-C701-4FB8-BF8C-B4DE01F31E63}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [{48F6C363-0203-4587-867B-B550E045AE23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{58CDB6A6-CD35-4BB9-8C85-EEF9342AABEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{4E63AF4C-5910-4C45-B2C1-3A38F3AA331D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{B78767C1-E9B0-4DC9-A146-B09F760F985F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [TCP Query User{8AA3994E-8C36-4B92-A2D1-A338B7D35565}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{6BC40FB3-CF70-4C3B-AB5A-D3EEA6CD0D1F}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{5A3BD26B-BF80-4A17-BE18-76665E32B1B9}] => (Allow) C:\Users\Matt\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{67AB4931-9171-4297-87D7-06F3C98D6BA6}] => (Allow) C:\Games\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{E87CE1B0-192D-470C-B68E-FDEA3794BA07}] => (Allow) C:\Games\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{D3A66D35-E034-420A-A2A0-0A5E93D0F72B}] => (Allow) C:\Games\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{7D435465-2AC9-4D61-BF84-B4EFC34ED518}] => (Allow) C:\Games\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{D7BFC6A1-26FC-4485-A955-3BBE5D4059C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Moon Hunters\moonhunters.exe () [File not signed]
FirewallRules: [{E77AA8EE-DC22-4C49-879A-2676FC7C7AB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Moon Hunters\moonhunters.exe () [File not signed]
FirewallRules: [{3E2F174E-D6AA-4D21-9A92-1F2F33428D11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A242870-A8E9-4157-B0FC-F530F2F37124}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BDA145D-75D6-487E-8230-43CFC99468EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11F57F7F-AF68-4752-AA04-831B8C7BF3F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A2FBCE42-4B18-4C9F-AFC8-5A4C0D463C25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{1AEDF353-F376-460B-A29F-7B8D3612700E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{40B1B6C8-7B54-4437-8A98-DDAA4DB13361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{7D58B2D9-7427-4128-BFD2-2DD0B50AE78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{A6D8206F-2D12-47E9-8B66-B94F28CF86E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{14361CD2-9B0E-4DF9-BD23-85A664E68888}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{689DFE72-0960-41B8-8A49-71447BB6EFFE}C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{D4C14387-208E-4BCA-9E0F-D1946CC69887}C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81433\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{06534A87-33DE-44B6-8B25-9BE3F0AAC458}D:\steamlibrary\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{8266476D-C3E0-4EC5-AAA7-B26E98D60AD1}D:\steamlibrary\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\space hulk deathwing - enhanced edition\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe => No File
FirewallRules: [{2D38851F-12CB-4E9B-8AD7-A72143A4E604}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{0786ED57-74A8-43AA-9A73-49280198CE32}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{35BA6EA1-1C27-485B-8196-B61A013F4680}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

==================== Restore Points =========================

29-09-2020 16:29:21 Removed CORSAIR iCUE Software
29-09-2020 19:10:11 O&O ShutUp10

==================== Faulty Device Manager Devices ============

Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/29/2020 07:21:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x2aec
Faulting application start time: 0x01d696b753531719
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: 698ece6e-ea9c-445b-8027-6f48058a53ca
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============

CodeIntegrity:
===================================

Date: 2020-09-29 19:19:52.285
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-29 19:19:52.271
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-29 19:19:52.256
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-29 19:19:52.241
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-29 19:19:52.226
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-29 19:19:52.209
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-29 19:19:52.194
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-29 19:19:52.180
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0801 04/19/2013
Motherboard: ASUSTeK COMPUTER INC. SABERTOOTH Z87
Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 23%
Total physical RAM: 16322.63 MB
Available physical RAM: 12547.13 MB
Total Virtual: 20290.63 MB
Available Virtual: 14549.46 MB

==================== Drives ================================

Drive b: (System Reserved) (Fixed) (Total:0.33 GB) (Free:0.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive c: () (Fixed) (Total:930.67 GB) (Free:458.28 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.07 GB) (Free:92.49 GB) NTFS

\\?\Volume{5a42e184-0000-0000-0000-10c0e8000000}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\\?\Volume{e3184ddb-0000-0000-0000-a0c4e8000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 5A42E184)
Partition 1: (Active) - (Size=337 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=499 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E3184DDB)
Partition 1: (Not Active) - (Size=931.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt =======================


  • 0

#8
BeazMagic
Posted 29 September 2020 - 05:30 PM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Here is the Process Explorer file

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    94.39    60 K    8 K    0            
procexp64.exe    1.75    56,440 K    90,860 K    3492    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
dwm.exe    0.65    132,936 K    66,184 K    1284    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    0.62    159,108 K    71,748 K    1240    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Interrupts    0.53    0 K    0 K    n/a    Hardware Interrupts and DPCs        
firefox.exe    0.41    199,132 K    368,152 K    2940    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Taskmgr.exe    0.39    24,936 K    52,892 K    10612    Task Manager    Microsoft Corporation    (Verified) Microsoft Windows
System    0.26    200 K    2,188 K    4            
firefox.exe    0.17    141,408 K    210,168 K    11496    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
explorer.exe    0.13    73,376 K    117,784 K    4960    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.11    4,764 K    5,352 K    844    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SDTray.exe    0.10    17,480 K    30,720 K    10768    Spybot - Search & Destroy tray access    Safer-Networking Ltd.    (Verified) Safer-Networking Ltd.
AVGUI.exe    0.10    33,332 K    14,656 K    9724    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
FRST64.exe    0.07    457,080 K    481,892 K    9888    Farbar Recovery Scan Tool    Farbar    (No signature was present in the subject) Farbar
lghub_agent.exe    0.07    43,224 K    57,052 K    10928    LGHUB Agent    Logitech, Inc.    (Verified) Logitech Inc
SDFSSvc.exe    0.06    28,612 K    35,724 K    4900    Spybot 2 Scanner Service    Safer-Networking Ltd.    (Verified) Safer-Networking Ltd.
svchost.exe    0.03    18,000 K    23,052 K    2228    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
nvcontainer.exe    0.02    14,056 K    37,796 K    4820    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
SDUpdSvc.exe    0.02    12,004 K    19,052 K    4916    Spybot 2 Background Update Service    Safer-Networking Ltd.    (Verified) Safer-Networking Ltd.
firefox.exe    0.02    70,612 K    100,672 K    7156    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
SDWSCSvc.exe    0.01    1,764 K    6,796 K    5348    Windows Security Center Integration    Safer-Networking Ltd.    (Verified) Safer-Networking Ltd.
services.exe    0.01    5,192 K    10,252 K    908    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AVGSvc.exe    0.01    93,144 K    39,676 K    4072    AVG Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
svchost.exe    0.01    2,404 K    7,368 K    1824    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
lghub.exe    0.01    46,220 K    41,052 K    10996    LGHUB    Logitech, Inc.    (Verified) Logitech Inc
svchost.exe    0.01    8,488 K    17,324 K    4764    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
csrss.exe    < 0.01    2,032 K    5,432 K    736    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    < 0.01    50,816 K    92,044 K    9996    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
svchost.exe    < 0.01    1,516 K    6,180 K    7340    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
lghub.exe    < 0.01    35,444 K    63,624 K    10872    LGHUB    Logitech, Inc.    (Verified) Logitech Inc
rundll32.exe    < 0.01    1,712 K    7,296 K    6324    Windows host process (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe    < 0.01    38,444 K    42,720 K    8636    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    6,632 K    13,012 K    976    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
explorer.exe    < 0.01    28,712 K    66,708 K    8828    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
NVDisplay.Container.exe    < 0.01    36,024 K    42,380 K    2480    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
svchost.exe    < 0.01    4,856 K    10,288 K    9748    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,012 K    6,020 K    9752    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
NVIDIA Web Helper.exe    < 0.01    36,052 K    3,852 K    8544    NVIDIA Web Helper Service    Node.js    (Verified) NVIDIA Corporation
aswidsagent.exe    < 0.01    31,368 K    43,488 K    6608    AVG Software Analyzer    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
svchost.exe    < 0.01    2,448 K    13,224 K    2172    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    < 0.01    105,200 K    143,364 K    11492    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
WUDFHost.exe        2,044 K    8,872 K    476    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
wsc_proxy.exe        4,324 K    11,236 K    2204    AVG remediation exe    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
WmiPrvSE.exe        9,100 K    16,068 K    6672    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        3,440 K    9,548 K    3568    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        2,804 K    11,724 K    1148    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,716 K    6,920 K    836    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
unsecapp.exe        3,660 K    10,112 K    1776    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
unsecapp.exe        1,448 K    6,800 K    7424    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
taskhostw.exe        9,012 K    22,740 K    7932    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        8,848 K    24,028 K    444    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,076 K    10,656 K    4932    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,092 K    10,656 K    1064    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,932 K    9,444 K    1356    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,596 K    8,568 K    1716    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,948 K    9,816 K    3896    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,776 K    51,520 K    3680    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,504 K    14,628 K    3868    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12,784 K    23,064 K    3020    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,532 K    5,900 K    1784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,204 K    8,404 K    2308    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,524 K    9,028 K    4964    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,496 K    11,324 K    2028    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,236 K    8,000 K    2180    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,196 K    30,672 K    7884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        14,936 K    17,388 K    1516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,384 K    15,148 K    12884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,676 K    8,304 K    12916    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,168 K    11,868 K    12852    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,772 K    12,748 K    4064    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,304 K    16,408 K    1540    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,012 K    8,688 K    1908    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,520 K    15,484 K    8004    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,884 K    21,716 K    5004    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,636 K    16,352 K    616    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,432 K    11,028 K    4708    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,392 K    23,932 K    7780    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,032 K    12,456 K    1604    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,068 K    8,320 K    2400    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,752 K    9,924 K    1836    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,008 K    7,288 K    2860    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,620 K    12,936 K    5596    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        13,096 K    23,264 K    4468    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,424 K    7,324 K    5212    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,588 K    14,440 K    4772    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,680 K    7,824 K    4700    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,720 K    6,572 K    4884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,396 K    5,564 K    4992    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,708 K    6,104 K    5296    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,816 K    8,808 K    3772    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,696 K    6,316 K    3904    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,548 K    11,704 K    11136    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,952 K    6,684 K    3420    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,560 K    7,312 K    2596    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,452 K    10,520 K    1496    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,876 K    8,708 K    2560    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,688 K    11,120 K    2868    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,656 K    7,228 K    2932    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,368 K    10,228 K    3092    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,340 K    8,912 K    2528    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,476 K    8,572 K    2716    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,196 K    12,444 K    2724    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,460 K    5,400 K    2288    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,832 K    6,112 K    1596    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,700 K    6,708 K    2056    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,384 K    5,632 K    2164    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        964 K    3,880 K    416    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,064 K    16,512 K    660    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,476 K    11,592 K    11388    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,208 K    12,592 K    11952    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe        53,832 K    80,656 K    8976            (Verified) Microsoft Windows
sqlwriter.exe        2,392 K    8,032 K    4976    SQL Server VSS Writer - 64 Bit    Microsoft Corporation    (Verified) Microsoft Corporation
spoolsv.exe        6,640 K    16,788 K    4428    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
SoundSwitch.exe        31,584 K    59,452 K    9768    SoundSwitch    SoundSwitch    (Verified) Open Source Developer, Antoine Aflalo
smss.exe        1,208 K    1,148 K    556    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
sihost.exe        5,628 K    24,676 K    7764    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe    Suspended    35,264 K    58,132 K    5832    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        3,008 K    6,120 K    11352    System Guard Runtime Monitor Broker Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecurityHealthService.exe        2,652 K    10,996 K    11860    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecurityHealthHost.exe        2,668 K    15,092 K    1524    Windows Security Health Host    Microsoft Corporation    (Verified) Microsoft Windows
SearchUI.exe    Suspended    105,640 K    145,636 K    8572    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
SDUpdate.exe        5,600 K    3,236 K    10988    Update    Safer-Networking Ltd.    (Verified) Safer-Networking Ltd.
RuntimeBroker.exe        4,300 K    17,256 K    9272    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        5,804 K    22,000 K    11600    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        1,996 K    8,548 K    12008    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        7,648 K    25,800 K    8024    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RtkNGUI64.exe        4,676 K    13,312 K    9508    Realtek HD Audio Manager    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
Registry        14,148 K    139,832 K    120            
procexp.exe        4,672 K    11,196 K    2384    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
NVDisplay.Container.exe        6,688 K    17,628 K    2012    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvcontainer.exe        31,104 K    46,112 K    7728    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
Memory Compression        40 K    0 K    2344            
lsass.exe        6,308 K    16,504 K    916    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
lghub_updater.exe        9,780 K    14,712 K    4800    LGHUB Updater    Logitech, Inc.    (Verified) Logitech Inc
lghub.exe        20,488 K    27,844 K    11116    LGHUB    Logitech, Inc.    (Verified) Logitech Inc
Jhi_service.exe        1,628 K    6,512 K    11660    Intel® Dynamic Application Loader Host Interface    Intel Corporation    (Verified) Intel Corporation - Intel® Management Engine Firmware
IPROSetMonitor.exe        1,232 K    5,596 K    4732    Intel® PROSet Monitoring Service    Intel Corporation    (Verified) Intel Corporation
IAStorIcon.exe        30,696 K    38,612 K    11700    IAStorIcon    Intel Corporation    (Verified) Intel® Rapid Storage Technology
IAStorDataMgrSvc.exe        38,948 K    50,168 K    11904    IAStorDataSvc    Intel Corporation    (Verified) Intel® Rapid Storage Technology
HeciServer.exe        1,676 K    7,804 K    4812    Intel® Capability Licensing Service Interface    Intel® Corporation    (No signature was present in the subject) Intel® Corporation
GoogleCrashHandler64.exe        1,912 K    352 K    8808    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleCrashHandler.exe        2,000 K    384 K    8716    Google Crash Handler    Google LLC    (Verified) Google LLC
fontdrvhost.exe        11,464 K    14,748 K    1204    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        11,080 K    13,168 K    468    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe        42,660 K    61,536 K    11476    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
dasHost.exe        5,988 K    16,812 K    3480    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        1,708 K    868 K    8752    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
AVGUI.exe        17,884 K    3,248 K    12124    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
AVGUI.exe        20,880 K    3,192 K    12168    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
audiodg.exe        45,976 K    33,252 K    8988    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
atkexComSvc.exe        7,556 K    8,252 K    4784            (Verified) ASUSTeK Computer Inc.
aswEngSrv.exe        47,652 K    104,464 K    6016    AVG Antivirus engine server    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
armsvc.exe        2,064 K    6,500 K    4792    Adobe Acrobat Update Service    Adobe Inc.    (Verified) Adobe Inc.


 


  • 0

#9
BeazMagic
Posted 29 September 2020 - 05:31 PM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Here is output from the Admin Command Prompt


Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
Registry                       120 N/A                                         
smss.exe                       556 N/A                                         
csrss.exe                      736 N/A                                         
wininit.exe                    836 N/A                                         
csrss.exe                      844 N/A                                         
services.exe                   908 N/A                                         
lsass.exe                      916 KeyIso, SamSs, VaultSvc                     
svchost.exe                    416 PlugPlay                                    
svchost.exe                    444 BrokerInfrastructure, DcomLaunch, Power,    
                                   SystemEventsBroker                          
WUDFHost.exe                   476 N/A                                         
fontdrvhost.exe                468 N/A                                         
svchost.exe                    976 RpcEptMapper, RpcSs                         
svchost.exe                   1064 LSM                                         
winlogon.exe                  1148 N/A                                         
fontdrvhost.exe               1204 N/A                                         
dwm.exe                       1284 N/A                                         
svchost.exe                   1356 TermService                                 
svchost.exe                   1496 NcbService                                  
svchost.exe                   1516 EventLog                                    
svchost.exe                   1540 Schedule                                    
svchost.exe                   1596 hidserv                                     
svchost.exe                   1604 ProfSvc                                     
svchost.exe                   1716 nsi                                         
svchost.exe                   1824 Dhcp                                        
svchost.exe                   1836 UserManager                                 
svchost.exe                   1908 TimeBrokerSvc                               
NVDisplay.Container.exe       2012 NVDisplay.ContainerLocalSystem              
svchost.exe                   2028 NlaSvc                                      
svchost.exe                   1784 CoreMessagingRegistrar                      
svchost.exe                   2056 CertPropSvc                                 
svchost.exe                   2164 Themes                                      
svchost.exe                   2172 SysMain                                     
svchost.exe                   2180 EventSystem                                 
wsc_proxy.exe                 2204 AvgWscReporter                              
svchost.exe                   2228 Dnscache                                    
svchost.exe                   2288 lmhosts                                     
svchost.exe                   2308 LanmanWorkstation                           
Memory Compression            2344 N/A                                         
svchost.exe                   2400 SENS                                        
svchost.exe                   2528 SessionEnv                                  
svchost.exe                   2560 netprofm                                    
svchost.exe                   2596 DispBrokerDesktopSvc                        
svchost.exe                   2716 AudioEndpointBuilder                        
svchost.exe                   2724 FontCache                                   
svchost.exe                   2860 WinHttpAutoProxySvc                         
svchost.exe                   2868 NcdAutoSetup                                
svchost.exe                   2932 fdPHost                                     
NVDisplay.Container.exe       2480 N/A                                         
svchost.exe                   3020 Winmgmt                                     
svchost.exe                   3092 FDResPub                                    
svchost.exe                   3420 DeviceAssociationService                    
dasHost.exe                   3480 N/A                                         
WmiPrvSE.exe                  3568 N/A                                         
svchost.exe                   3680 Audiosrv                                    
svchost.exe                   3772 SSDPSRV                                     
svchost.exe                   3868 StateRepository                             
svchost.exe                   3896 Wcmsvc                                      
svchost.exe                   3904 DusmSvc                                     
svchost.exe                   4064 ShellHWDetection                            
AVGSvc.exe                    4072 AVG Antivirus                               
spoolsv.exe                   4428 Spooler                                     
svchost.exe                   4468 BFE, mpssvc                                 
svchost.exe                   4700 IKEEXT                                      
svchost.exe                   4708 CryptSvc                                    
IPROSetMonitor.exe            4732 Intel® PROSet Monitoring Service          
svchost.exe                   4764 DPS                                         
svchost.exe                   4772 iphlpsvc                                    
atkexComSvc.exe               4784 asComSvc                                    
armsvc.exe                    4792 AdobeARMservice                             
lghub_updater.exe             4800 LGHUBUpdaterService                         
HeciServer.exe                4812 Intel® Capability Licensing Service Interf
                                   ace                                         
nvcontainer.exe               4820 NvContainerLocalSystem                      
svchost.exe                   4884 SstpSvc                                     
SDFSSvc.exe                   4900 SDScannerService                            
SDUpdSvc.exe                  4916 SDUpdateService                             
svchost.exe                   4932 wscsvc                                      
svchost.exe                   4964 LanmanServer                                
sqlwriter.exe                 4976 SQLWriter                                   
svchost.exe                   4992 TrkWks                                      
svchost.exe                   5004 WpnService                                  
svchost.exe                   5212 TapiSrv                                     
svchost.exe                   5296 WdiServiceHost                              
SDWSCSvc.exe                  5348 SDWSCService                                
svchost.exe                   5596 RasMan                                      
aswEngSrv.exe                 6016 N/A                                         
rundll32.exe                  6324 N/A                                         
WmiPrvSE.exe                  6672 N/A                                         
aswidsagent.exe               6608 avgbIDSAgent                                
unsecapp.exe                  7424 N/A                                         
nvcontainer.exe               7728 N/A                                         
sihost.exe                    7764 N/A                                         
svchost.exe                   7780 CDPUserSvc_959ef                            
svchost.exe                   7884 WpnUserService_959ef                        
taskhostw.exe                 7932 N/A                                         
svchost.exe                   8004 TokenBroker                                 
explorer.exe                  4960 N/A                                         
svchost.exe                    616 CDPSvc                                      
NVIDIA Web Helper.exe         8544 N/A                                         
SearchIndexer.exe             8636 WSearch                                     
GoogleCrashHandler.exe        8716 N/A                                         
conhost.exe                   8752 N/A                                         
GoogleCrashHandler64.exe      8808 N/A                                         
StartMenuExperienceHost.e     8976 N/A                                         
RuntimeBroker.exe             8024 N/A                                         
SearchUI.exe                  8572 N/A                                         
RuntimeBroker.exe             9272 N/A                                         
explorer.exe                  8828 N/A                                         
RtkNGUI64.exe                 9508 N/A                                         
svchost.exe                   9752 WdiSystemHost                               
svchost.exe                   9748 PcaSvc                                      
AVGUI.exe                     9724 N/A                                         
svchost.exe                   7340 Appinfo                                     
FRST64.exe                    9888 N/A                                         
SoundSwitch.exe               9768 N/A                                         
Taskmgr.exe                  10612 N/A                                         
lghub.exe                    10872 N/A                                         
lghub_agent.exe              10928 N/A                                         
lghub.exe                    10996 N/A                                         
lghub.exe                    11116 N/A                                         
SDTray.exe                   10768 N/A                                         
unsecapp.exe                  1776 N/A                                         
svchost.exe                  11388 BthAvctpSvc                                 
AVGUI.exe                    12124 N/A                                         
AVGUI.exe                    12168 N/A                                         
IAStorIcon.exe               11700 N/A                                         
IAStorDataMgrSvc.exe         11904 IAStorDataMgrSvc                            
Jhi_service.exe              11660 jhi_service                                 
SgrmBroker.exe               11352 SgrmBroker                                  
svchost.exe                  11136 UsoSvc                                      
svchost.exe                  11952 OneSyncSvc_959ef                            
SecurityHealthService.exe    11860 SecurityHealthService                       
SecurityHealthHost.exe        1524 N/A                                         
svchost.exe                    660 wuauserv                                    
SDUpdate.exe                 10988 N/A                                         
firefox.exe                   2940 N/A                                         
firefox.exe                   1240 N/A                                         
firefox.exe                   7156 N/A                                         
firefox.exe                  11492 N/A                                         
firefox.exe                   9996 N/A                                         
firefox.exe                  11496 N/A                                         
ShellExperienceHost.exe       5832 N/A                                         
RuntimeBroker.exe            11600 N/A                                         
RuntimeBroker.exe            12008 N/A                                         
audiodg.exe                   8988 N/A                                         
procexp.exe                   2384 N/A                                         
procexp64.exe                 3492 N/A                                         
svchost.exe                  12852 StorSvc                                     
svchost.exe                  12884 AppXSvc                                     
svchost.exe                  12916 ClipSVC                                     
SearchProtocolHost.exe       13168 N/A                                         
SearchFilterHost.exe         13184 N/A                                         
notepad++.exe                13260 N/A                                         
firefox.exe                   2216 N/A                                         
cmd.exe                      12620 N/A                                         
conhost.exe                   2660 N/A                                         
tasklist.exe                  1336 N/A                                         
 


  • 0

#10
BeazMagic
Posted 29 September 2020 - 05:35 PM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Here is the Speccy File output

Attached Files


  • 0

Advertisements

#11
BeazMagic
Posted 29 September 2020 - 05:43 PM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Here is the LatencyMon output after 21s and the jpgs. However for the screenshot for the Processes Tab, Hard Pagefaults was 0 for everything so I took a screenshot with sorting it once (Single Click) and another with reverse order (2 clicks in total)

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts.
LatencyMon has been analyzing your system for  0:00:21  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        MBEAZLEY
OS version:                                           Windows 10, 10.0, version 1909, build: 18363 (x64)
Hardware:                                             All Series, ASUS
CPU:                                                  GenuineIntel Intel® Core™ i7-4770 CPU @ 3.40GHz
Logical processors:                                   8
Processor groups:                                     1
RAM:                                                  16322 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   3398 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   264.70
Average measured interrupt to process latency (µs):   12.865686

Highest measured interrupt to DPC latency (µs):       218.60
Average measured interrupt to DPC latency (µs):       4.006595


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              186.904944
Driver with highest ISR routine execution time:       dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation

Highest reported total ISR routine time (%):          0.084084
Driver with highest ISR total time:                   dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation

Total time spent in ISRs (%)                          0.096050

ISR count (execution time <250 µs):                   11793
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              237.859918
Driver with highest DPC routine execution time:       tcpip.sys - TCP/IP Driver, Microsoft Corporation

Highest reported total DPC routine time (%):          0.045862
Driver with highest DPC total execution time:         nvlddmkm.sys - NVIDIA Windows Kernel Mode Driver, Version 452.06 , NVIDIA Corporation

Total time spent in DPCs (%)                          0.117034

DPC count (execution time <250 µs):                   16031
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              0
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.


Process with highest pagefault count:                 none

Total number of hard pagefaults                       0
Hard pagefault count of hardest hit process:          0
Number of processes hit:                              0


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.614601
CPU 0 ISR highest execution time (µs):                186.904944
CPU 0 ISR total execution time (s):                   0.160230
CPU 0 ISR count:                                      11107
CPU 0 DPC highest execution time (µs):                232.831960
CPU 0 DPC total execution time (s):                   0.189435
CPU 0 DPC count:                                      15010
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.082781
CPU 1 ISR highest execution time (µs):                146.414067
CPU 1 ISR total execution time (s):                   0.001671
CPU 1 ISR count:                                      338
CPU 1 DPC highest execution time (µs):                110.808122
CPU 1 DPC total execution time (s):                   0.002889
CPU 1 DPC count:                                      303
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.077480
CPU 2 ISR highest execution time (µs):                13.944673
CPU 2 ISR total execution time (s):                   0.000552
CPU 2 ISR count:                                      197
CPU 2 DPC highest execution time (µs):                237.859918
CPU 2 DPC total execution time (s):                   0.001360
CPU 2 DPC count:                                      194
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.062985
CPU 3 ISR highest execution time (µs):                13.716892
CPU 3 ISR total execution time (s):                   0.000039
CPU 3 ISR count:                                      43
CPU 3 DPC highest execution time (µs):                24.947911
CPU 3 DPC total execution time (s):                   0.000270
CPU 3 DPC count:                                      51
_________________________________________________________________________________________________________
CPU 4 Interrupt cycle time (s):                       0.069999
CPU 4 ISR highest execution time (µs):                2.307828
CPU 4 ISR total execution time (s):                   0.000032
CPU 4 ISR count:                                      46
CPU 4 DPC highest execution time (µs):                62.156268
CPU 4 DPC total execution time (s):                   0.000898
CPU 4 DPC count:                                      158
_________________________________________________________________________________________________________
CPU 5 Interrupt cycle time (s):                       0.067272
CPU 5 ISR highest execution time (µs):                0.953502
CPU 5 ISR total execution time (s):                   0.000014
CPU 5 ISR count:                                      26
CPU 5 DPC highest execution time (µs):                230.890818
CPU 5 DPC total execution time (s):                   0.001390
CPU 5 DPC count:                                      97
_________________________________________________________________________________________________________
CPU 6 Interrupt cycle time (s):                       0.071849
CPU 6 ISR highest execution time (µs):                1.600942
CPU 6 ISR total execution time (s):                   0.000023
CPU 6 ISR count:                                      31
CPU 6 DPC highest execution time (µs):                60.856680
CPU 6 DPC total execution time (s):                   0.000642
CPU 6 DPC count:                                      87
_________________________________________________________________________________________________________
CPU 7 Interrupt cycle time (s):                       0.066526
CPU 7 ISR highest execution time (µs):                0.986463
CPU 7 ISR total execution time (s):                   0.000003
CPU 7 ISR count:                                      5
CPU 7 DPC highest execution time (µs):                136.826368
CPU 7 DPC total execution time (s):                   0.001194
CPU 7 DPC count:                                      131
_________________________________________________________________________________________________________
 

Attached Thumbnails

  • DriverTab_9292020.png
  • ProcessesTab_SingleClick_9292020.png
  • ProcessesTab_TwoClicks_9292020.png

  • 0

#12
RKinner
Posted 29 September 2020 - 06:28 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Looks much better tho I see you have installed Spybot S&D and it's not working.  Please uninstall. 

 

Also you forgot the fixlog.

 

SuperAntiSpyware and Spybot both clutter up the hosts file with thousands of entries.  The idea is that these keep you from going to bad sites but searching through all of these entries causes a major delay in your networking so I prefer to remove them.  Following fixlist will remove the entries without requiring a reboot:

 

Attached File  fixlist.txt   18bytes   185 downloads

I don't need the fixlog for this one.

 

Let's get a benchmark:


https://www.userbenchmark.com


Click on Free Download.  Save the file then right click and Run As Admin.  Close all programs and pause your antivirus before starting.


When it finishes it will open a browser.  Copy the URL and paste it into a Reply.

 

How is it running now?


  • 0

#13
BeazMagic
Posted 29 September 2020 - 06:55 PM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Its running nice and all. Very much appreciate the help. But my processes still have several sub processes per here is a screenshot of my current processes of the Task Manager. I have 1 Firefox tabs open. It kind of seems for every tab I have an extra 2. And I don't know why Spotify would have 5. And Discord has 6 for some reason. Is this still not a virus monitoring my system? This stuff didn't happen till I messed up and installed that file.

And I ran the fixlist.txt this time.

https://www.userbenc...serRun/33574884

Attached Thumbnails

  • ProcessesScreenshot_9292020.png

  • 0

#14
RKinner
Posted 29 September 2020 - 08:24 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Don't know much about Discord or Spotify but it's normal to have multiple Firefox instances.

 

fire.jpg

 

Three is about the minimum you can have.  There is an option that allows it to have more but it's turned off on my PC:

fire2.jpg

 

Start up both Discord and Spotify and then do another Speccy log and post it.  Remember to remove the Serial Number.

That will show us who they are talking to.

 

You can also run MBAR to make sure nothing is hiding that I can't see.

 

https://www.malwareb...om/antirootkit/

Pause your Anti-virus.

Click on Download

Save then right click and Run As Admin.  Follow the instructions.

 

 

 


  • 0

#15
BeazMagic
Posted 30 September 2020 - 10:22 AM

BeazMagic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Alright here is the new Speccy Log. What is it in this log that might suggest a infection still? Just so I can learn more about what it is we are looking for and doing.

 

Im currently running the MBAR and will post the results when they are done.

Attached Files


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP