Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Getting a bunch of browser clicking noises and sounds

Started by Terryc250 , Mar 14 2021 07:02 AM

  • Please log in to reply

#1
Terryc250
Posted 14 March 2021 - 07:02 AM

Terryc250

    Member

  • Member
  • PipPip
  • 91 posts

I'm certain my computer is infected.  Lots of browser clicking noises, ad noises running in background, strange processes open in the task manager.
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021
Ran by other (administrator) on TERRY-PC (Gigabyte Technology Co., Ltd. P67X-UD3-B3) (14-03-2021 05:57:01)
Running from F:\Downloads
Loaded Profiles: other
Platform: Windows 10 Pro Version 1909 18363.1440 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] [File is in use] C:\Program Files (x86)\Subtype\courted.exe <2>
() [File not signed] [File is in use] C:\Program Files (x86)\yum\undyed.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) A:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(EMBY LLC -> Emby) C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) C:\Program Files (x86)\MaskVPN\mask_svc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chromeGambits.exe <59>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(KeepSolid Inc.) [File not signed] A:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(Localizing Inc.) [File not signed] C:\Program Files (x86)\Apprehended\Localizing.exe <24>
(Localizing Inc.) [File not signed] C:\Program Files (x86)\Propagates\Localizing.exe <5>
(Localizing Inc.) [File not signed] C:\Users\other\AppData\Local\Localizing.exe
(Malwarebytes Inc -> Malwarebytes) A:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) A:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) A:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(Redbrick Technologies Inc. -> Shift Technologies Inc.) C:\Users\other\AppData\Local\Shift\app-6.0.56-stable\Shift.exe <7>
(Revelatory Inc.) [File not signed] C:\Program Files (x86)\molto\Revelatory.exe <8>
(Revelatory Inc.) [File not signed] C:\Program Files (x86)\Propagates\Revelatory.exe <2>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) A:\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(ShareX Team) [File not signed] A:\Program Files\ShareX\ShareX.exe
(Softdeluxe) [File not signed] A:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
(Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [Screen+] => A:\Program Files\Screen+\ScreenLM64.exe [533936 2014-08-08] (AOC International (Europe) BV -> AOC Corps)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-06-13] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [Flail] => C:\Program Files (x86)\Apprehended\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
HKLM\...\Run: [Semiprivate] => C:\Program Files (x86)\molto\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
HKLM\...\Run: [Slumbering] => C:\Program Files (x86)\Propagates\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992032 2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => "A:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKLM-x32\...\Run: [Weather] => C:\Users\other\AppData\Roaming\Weather\Weather.exe [134170129 2021-03-10] (WeatherApplication) [File not signed]
HKLM-x32\...\Run: [Ships] => C:\Program Files (x86)\Apprehended\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
HKLM-x32\...\Run: [Gaseous] => C:\Program Files (x86)\molto\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
HKLM-x32\...\Run: [Bedel] => C:\Program Files (x86)\Propagates\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Run: [Steam] => "A:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Run: [DiscordPTB] => C:\Users\terry\AppData\Local\DiscordPTB\app-0.0.54\DiscordPTB.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Run: [Shift] => C:\Users\terry\AppData\Local\Shift\app-3.4.4\Shift.exe
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Run: [CCleanerBrowserAutoLaunch_8D9F1DC0DA76B583F6A24D1C17185E37] => "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --auto-launch-at-startup --check-run=src=logon --profile-directory=Default --restore-last-session
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [uTorrent] => C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe [2142936 2020-12-22] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [icq.desktop] => C:\Users\other\AppData\Roaming\ICQ\bin\icq.exe [83598488 2019-12-02] (LLC Mail.Ru -> )
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [DiscordPTB] => C:\Users\other\AppData\Local\DiscordPTB\Update.exe --processStart DiscordPTB.exe
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Free Download Manager] => "A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe" --hidden
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29262520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Shift] => C:\Documents and Settings\terry\AppData\Local\Shift\app-3.6.1\Shift.exe
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Wechat] => C:\Program Files (x86)\Tencent\WeChat\WeChat.exe [559184 2020-09-02] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [com.squirrel.Shift.Shift] => C:\Users\other\AppData\Local\Shift\Update.exe [1825792 2021-02-25] (GitHub) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Opera Browser Assistant] => C:\Users\other\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3366424 2020-12-08] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [] => [X]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Proscribed] => C:\Program Files (x86)\Apprehended\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Martie] => C:\Program Files (x86)\molto\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Dulled] => C:\Program Files (x86)\Propagates\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Taggart] => C:\Program Files (x86)\Apprehended\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Eggheads] => C:\Program Files (x86)\molto\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Restitution] => C:\Program Files (x86)\Propagates\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [undyed] => C:\Program Files (x86)\yum\undyed.exe [37246 2021-03-14] () [File not signed] [File is in use]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [thalmann] => C:\Program Files (x86)\Apprehended\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\Run: [Discord] => C:\Users\Person\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stlth\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stlth\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\Windows\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON NX130 Series 64MonitorBA: C:\Windows\system32\E_ILMHJA.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ASUS\Bluetooth Software\\BtwCP.dll [2012-12-06] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> 
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClickMonitorDDC.lnk [2020-04-10]
ShortcutTarget: ClickMonitorDDC.lnk -> F:\Program Files (x86)\ClickMonitorDDC\ClickMonitorDDC_7_0.exe (ClickMonitorDDC) [File not signed]
Startup: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Emby Server.lnk [2021-03-14]
ShortcutTarget: Emby Server.lnk -> C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.exe (EMBY LLC -> Emby)
Startup: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\overstretching.lnk [2021-03-14]
ShortcutTarget: overstretching.lnk -> C:\Program Files (x86)\Apprehended\Localizing.exe (Localizing Inc.) [File not signed]
Startup: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\overstretchingoverstretching.lnk [2021-03-14]
ShortcutTarget: overstretchingoverstretching.lnk -> C:\Program Files (x86)\molto\Revelatory.exe (Revelatory Inc.) [File not signed]
Startup: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2020-12-03]
ShortcutTarget: ShareX.lnk -> A:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-816131170-1439977655-1545633551-1007\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-816131170-1439977655-1545633551-1002\User: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\other\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04F171BC-4850-4FA4-88CB-EB5D8A4067B4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {05DFFCB9-1C33-44EA-832A-911086A0C1DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {05E39DD4-02F5-4D9B-AA90-7E5213E52450} - System32\Tasks\ScpUpdater => A:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [460480 2016-04-12] (Open Source Developer, Benjamin Höglinger-Stelzer -> Nefarius Software Solutions)
Task: {0735FDE7-39F3-4A17-B923-13327308C69F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-816131170-1439977655-1545633551-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [178840 2012-07-27] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {08BEA2BD-8A6C-479F-9BF7-4E472EF1D7E9} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {0BDFCB1E-DE7A-4C17-98BF-548BCF25BA9E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0C98C87D-62DC-4AF9-9FDE-A8C84107991D} - System32\Tasks\native plundering => C:\Program Files (x86)\Propagates\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
Task: {0CCF3C19-9C83-4325-8FD6-AD2E53C58493} - System32\Tasks\{E3A62748-BC16-43D0-B496-D7221CAE8C37} => C:\Windows\system32\pcalua.exe -a E:\Microsoft.Office.2007.Enterprise.Blue.Edition-DiGiTAL\setup.exe -d E:\Microsoft.Office.2007.Enterprise.Blue.Edition-DiGiTAL
Task: {0D41D747-785B-43A5-A800-7A5D40FF555E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13F4356C-B189-48A3-8FCF-263315EA8CB3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {152A83E7-D52E-4DFC-BE04-F95D5EBD519D} - System32\Tasks\marylin-angeleno => C:\Program Files (x86)\molto\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
Task: {16302309-76AE-4905-8233-7D1A0E257027} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BFF8BD1-9BA6-44B4-8449-65222E617AF0} - System32\Tasks\marylin-angelenomarylin-angeleno => C:\Program Files (x86)\molto\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
Task: {1E57358E-B33A-4E35-90CB-0B7BDBE3809F} - System32\Tasks\native plunderingnative plundering => C:\Program Files (x86)\Propagates\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
Task: {1F4E3929-0A56-4CB3-9BD4-AAC7C03E69F8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {259EDD2D-25E1-4C20-8E84-D2258640CA9D} - System32\Tasks\Game_Booster_AutoUpdate => A:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {28E13C8F-0C2A-47C8-A9F7-6C03B2A0C918} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {29D4F23A-4061-4FC9-B2D6-8AB522701156} - System32\Tasks\notepadsnotepads => C:\Program Files (x86)\Apprehended\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
Task: {2B6EACD3-B896-47C1-9DCA-D24EA90C2F70} - System32\Tasks\crystals => C:\Program Files (x86)\Subtype\courted.exe [46784 2021-03-14] () [File not signed] [File is in use]
Task: {2BF9A776-38D0-486B-9B09-591EDD13BFED} - System32\Tasks\Opera scheduled assistant Autoupdate 1608109099 => C:\Users\other\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-03-04] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\other\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2CB639E6-981B-4CB2-B747-828E5F241BB7} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {2FD785B4-5B4E-4F56-AC1C-A000C245271E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30CBD43C-E870-4026-9982-50C5E9DE7B7B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-816131170-1439977655-1545633551-1000 => C:\Users\terry\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)
Task: {32F1A579-A914-4A00-980B-1F066FB75941} - System32\Tasks\blessed_transferor => C:\Program Files (x86)\Propagates\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
Task: {38FCF0B3-6A72-4045-A0EB-C0307CDA1DC2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3A173012-8F02-463D-8B74-51A437B3ED19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3AF8BD35-F9A9-48E8-9945-83485461EDC1} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {3CCCEA7D-3D91-4CB7-85C2-A14C3912D6AB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {3CD97764-A784-4E15-BC4E-E22263CE22A4} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {3DA8C9F2-FF66-4CCF-8D3A-B474D66DF927} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {40BE2F67-AC03-4B2A-BDC5-9F56C8D7CDFA} - System32\Tasks\BlueStacksHelper => A:\bs\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4956B16D-6C06-4315-B329-BCD664C6F9C0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D763202-DE87-467F-9109-B897165A61F9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {51158ED5-158A-4BD2-9E7A-7D6F79CD8C6A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {526A1473-B722-4DF4-A2DB-879A8B8499E9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {52BF5089-8159-424E-8385-586A520E2F0C} - System32\Tasks\tati => C:\Program Files (x86)\caymans\caymans.exe
Task: {5617F6A5-07E5-4974-B347-DD54A38093C7} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {5ADA862F-67D7-4294-BD27-44FA8334CA8E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5C649D81-B88C-4649-B122-DC085409932F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {6D4041A7-60F3-4DA5-A2A1-7AC652CAD07E} - System32\Tasks\klcp_update => A:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1723392 2019-08-27] () [File not signed]
Task: {71A5FD68-6393-488C-81EF-37DB94085E1F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {739673EE-16FF-4D55-9CD6-4FED915CAF1B} - System32\Tasks\RealCreateProcessScheduledTask372694828S-1-5-21-816131170-1439977655-1545633551-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2012-10-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {760591D9-FF2F-454D-B608-C118E7146BD6} - System32\Tasks\cosseted_greystonecosseted_greystone => C:\Users\other\AppData\Local\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
Task: {77508A04-93E2-467B-9431-B7BBFF6CAFEA} - System32\Tasks\{AF8F8AF2-8F1B-4F4F-87FB-C2104C5E815F} => C:\Windows\system32\pcalua.exe -a "A:\Users\Terry\Downloads\kntsetup (1).exe" -d A:\Users\Terry\Downloads
Task: {797DE5E9-58B8-42DE-B185-EF2CD48111DA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7C846305-9E17-4A87-B3DF-DC572561FBE3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7D6F5097-6667-4FA0-A5DE-163D95F2D262} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E34E5D8-ED36-405E-9F4F-BF156D79103B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {80F690A5-CD83-49C7-863A-ABD1B2979E98} - System32\Tasks\AdobeAAMUpdater-1.0-terry-PC-terry => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {821F7C3A-5633-48D2-8040-F2A2529818B5} - System32\Tasks\{3249AD5B-21F9-4BF5-B730-81508D495054} => "c:\users\terry\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/...all?page=tsMain
Task: {896D6A37-564F-4526-9464-B309245404D3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-816131170-1439977655-1545633551-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [178840 2012-07-27] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {8BD309E8-1C00-4A31-82C5-6FB0E9F771BA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {8E71DBD5-0E29-4DD9-95F6-64235150FA0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {908D4208-B0EA-451B-986F-EF2B6DD2F40A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {910920D2-6FDC-4406-8BD9-95FAFA09E9A0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {925B7E55-2143-4F8B-BE4B-87D9A04700C6} - System32\Tasks\Opera scheduled Autoupdate 1608109085 => C:\Users\other\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-03-04] (Opera Software AS -> Opera Software)
Task: {926A3058-FD84-490C-8129-DB8FB17267E7} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel® Software -> Intel Corporation)
Task: {990296FF-70F4-4D2D-B2E4-818087A8D77F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9CD34736-7595-4FA4-B986-27542B54DDE2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E69FDF6-642A-4DA8-BC88-5A01F80E7EF0} - System32\Tasks\tatitati => C:\Program Files (x86)\caymans\caymans.exe
Task: {A042A1CD-E7C5-40DF-AC82-83A7AC5FF963} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A2D654AC-3953-45A5-9634-1ACCD36B28FC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A3A85F44-2A83-44A5-90E7-5A6C7C484F06} - System32\Tasks\cosseted_greystone => C:\Users\other\AppData\Local\Revelatory.exe [7680 2021-03-14] (Revelatory Inc.) [File not signed]
Task: {A60DE427-9DFC-40B7-AA22-FAE39412927F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {A80D4F96-C777-4CF2-9D08-41C15876C347} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A86C6F00-1D0C-498C-AE44-8B2BAAAFBEEA} - System32\Tasks\FreeDownloadManagerHelperService => A:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe [144896 2020-07-03] (Softdeluxe) [File not signed]
Task: {A88C7CE6-8F9E-439C-B9F4-47DC1493D5E4} - System32\Tasks\EqualizerPro => A:\Program Files\EqualizerPro\EqualizerPro.exe
Task: {ACC34CF4-E7CE-4A70-822D-2924FDDE6554} - \gdajPekUk -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B488B750-EFE5-406E-94D0-352A6C2C1B92} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B55A9460-435F-4D56-9B69-CE02912B17FC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {BDD5EC23-5E53-49D6-9E7C-10FC6925FD08} - System32\Tasks\{C67D103D-12D9-46B3-8BD4-9CA024D295EA} => "c:\users\terry\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/...all?page=tsMain
Task: {C12D5282-2DDF-47EA-85B3-4B7C9D8DCE29} - System32\Tasks\notepads => C:\Program Files (x86)\Apprehended\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
Task: {CA574B28-6BB2-4282-B19A-911C34F50AEE} - System32\Tasks\crystalscrystals => C:\Program Files (x86)\Subtype\courted.exe [46784 2021-03-14] () [File not signed] [File is in use]
Task: {CAD461A5-08C7-44D5-8867-DB2530FC9216} - System32\Tasks\Razer_Game_Booster_AutoUpdate => A:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [1135552 2012-11-13] (Razer USA Ltd -> )
Task: {CB63E82F-2D26-4851-AC0B-828ABC08F2CC} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CBCA8E66-31DB-4932-A366-3C58DE048D34} - System32\Tasks\G2MUpdateTask-S-1-5-21-816131170-1439977655-1545633551-1000 => C:\Users\terry\AppData\Local\GoToMeeting\12771\g2mupdate.exe [29768 2019-04-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CD7A1286-45BF-4ABD-A768-68891FF8D5F5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24910520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CDCABDF9-EF21-4F4D-852E-8748DD70053A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {CEBCE80C-D40D-4555-9E84-495D6108633C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D00C09A3-4303-4BC8-93D2-38F956C60477} - System32\Tasks\confers bookends crafter => C:\Users\other\AppData\Local\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
Task: {D04BEED1-D1FD-4A3E-9115-69AB9841EDE3} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D14D0E4A-6880-4B92-ACD1-FADF843C9EA9} - System32\Tasks\blessed_transferorblessed_transferor => C:\Program Files (x86)\Propagates\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
Task: {D283219A-0969-4830-BE02-0644EADFD45A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [1455752 2018-11-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D2A6272A-B24F-4868-BD33-D727D77D4E85} - System32\Tasks\G2MUploadTask-S-1-5-21-816131170-1439977655-1545633551-1000 => C:\Users\terry\AppData\Local\GoToMeeting\12771\g2mupload.exe [29768 2019-04-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {D2EAFB9A-CFFE-4E79-84C0-7EDD28A7C667} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D3C0BF34-E811-4C76-AC8B-72C2D501366B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {DBCFAF1B-722A-42BE-ABD6-0D2804AA6E60} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCBEF99A-8341-4EAF-B114-E8D12770F8D4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E12632D0-03D8-482D-9669-D1403E8A0DE5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2F060CF-E25F-4B1E-B7A7-0B320CA30BE2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E3AB9052-BF85-440E-9CF8-45CF086A8C8E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ED9A6702-EDA3-452B-B502-2BDE13A4B8BB} - System32\Tasks\confers bookends crafterconfers bookends crafter => C:\Users\other\AppData\Local\Localizing.exe [7680 2021-03-14] (Localizing Inc.) [File not signed]
Task: {EF9F05BB-6B5A-4E93-8BF2-541249A434E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F3C8894A-818F-4F3C-B251-5E4B09802D01} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_pepper.exe [1455752 2018-11-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F49A9712-AB77-4DBD-9A08-B538CDFF66CD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F4BD34C2-7083-4801-89DA-47D6A8E5F8FD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FCA5E40B-6DB6-468A-BE6D-4C8599BCE2E3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FD5BAAAC-89E0-4670-9DEB-1F86DBCD467C} - System32\Tasks\AMD ThankingURL => A:\\AMD\CIM\Bin64\Setup.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\bxBxyIKayNQGLKpxkX.job => C:\Users\other\AppData\Local\Temp\QDVdJbBNzArRobnnV\RIadzCrreoJPOWI\Axljsvc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-816131170-1439977655-1545633551-1000.job => C:\Users\terry\AppData\Local\GoToMeeting\12771\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-816131170-1439977655-1545633551-1000.job => C:\Users\terry\AppData\Local\GoToMeeting\12771\g2mupload.exe
Task: C:\WINDOWS\Tasks\ScpUpdater.job => A:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.171.114
Tcpip\..\Interfaces\{36855C26-5310-4E3D-9255-9BD223ADE5E3}: [DhcpNameServer] 64.59.144.93 64.59.150.139
Tcpip\..\Interfaces\{4D2258B4-D222-4601-9EF8-572F1FF5542E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d3a7831-546a-4743-b55d-9d5ab15ea239}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d5902bd-9ba3-4d0a-be93-9c9d270748eb}: [DhcpNameServer] 192.168.1.254 75.153.171.114
Tcpip\..\Interfaces\{62FBDB9F-C653-47CE-BB82-916FE1E5B1AF}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{63D23D4F-BC51-4C6F-A95E-8330DF67186E}: [DhcpNameServer] 64.59.144.93 64.59.150.139
Tcpip\..\Interfaces\{6831C16F-4B1F-456B-B5E1-7C9213935103}: [DhcpNameServer] 64.59.144.93 64.59.150.139
Tcpip\..\Interfaces\{6EA14BF7-0B6D-42B0-883B-086085F737B0}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}: [NameServer] 10.100.0.1
Tcpip\..\Interfaces\{75E05F4C-EF9D-484C-BCB4-B9BBAFE85C75}: [DhcpNameServer] 64.59.144.91 64.59.150.137
Tcpip\..\Interfaces\{797B3E40-D43F-4B36-8D1F-081F47D6747E}: [DhcpNameServer] 64.59.144.91 64.59.150.137
Tcpip\..\Interfaces\{7DD52480-4008-4E7C-882D-4C46E1700C19}: [DhcpNameServer] 64.59.144.93 64.59.150.139
Tcpip\..\Interfaces\{89298873-670E-4331-81A3-EDD9547DC871}: [DhcpNameServer] 64.59.144.91 64.59.150.137
Tcpip\..\Interfaces\{8F29EE05-137D-4622-80A6-0A604CAA58A3}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A197249D-539F-4CFA-896B-35B735591FF3}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{A197249D-539F-4CFA-896B-35B735591FF3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C1453C9B-D56F-4719-9997-2F9F10D2A337}: [DhcpNameServer] 192.168.1.254 75.153.176.9
Tcpip\..\Interfaces\{D95BF8A6-F97C-4561-9D37-68EE112D4D99}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F4ABA8DF-4D33-446E-B028-533D040E2D3F}: [DhcpNameServer] 172.20.10.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\other\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-14]
 
FireFox:
========
FF DefaultProfile: t2yi2atm.default-1609753342030
FF ProfilePath: C:\Users\other\AppData\Roaming\Mozilla\Firefox\Profiles\t2yi2atm.default-1609753342030 [2021-03-14]
FF Extension: (Image Downloader) - C:\Users\other\AppData\Roaming\Mozilla\Firefox\Profiles\t2yi2atm.default-1609753342030\Extensions\{589e6459-3d56-49b4-9b3d-6e4b7ef16940}.xpi [2021-01-10]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-14] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - A:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: (FiddlerHook) - A:\Program Files (x86)\Fiddler2\FiddlerHook [2014-08-31] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected] [2015-05-05] [Legacy] [not signed]
FF HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\terry\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\terry\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-15] (Adobe Systems Incorporated -> )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC -> DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> A:\bf4\bin\dtplugin\npDeployJava1.dll [2016-03-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> A:\bf4\bin\plugin2\npjp2.dll [2016-03-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.6 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-17] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> A:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC -> DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> A:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\terry\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-03-10] (Raidcall) [File not signed]
FF Plugin-x32: @raidcall.kr/RCplugin -> C:\Users\terry\AppData\Roaming\RCKR\plugins\nprcplugin.dll [2012-08-09] (Raidcall) [File not signed]
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-10-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-10-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-10-14] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2011-05-26] (Research In Motion -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: BYOND -> A:\Program Files (x86)\BYOND\bin\npbyond.dll [2012-07-15] (BYOND) [File not signed]
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @acestream.net/acestreamplugin,version=3.1.1 -> C:\Users\terry\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies -> Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @acestream.net/acestreamplugin,version=3.1.9 -> C:\Users\terry\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies -> Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @citrixonline.com/appdetectorplugin -> C:\Users\terry\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-02-12] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\terry\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1401100-0-npoctoshape.dll [2014-01-10] (Octoshape -> Octoshape ApS)
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\terry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2018-10-31] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: iloen.com/MelOnWebLinker -> C:\Windows\SysWOW64\npMelOnWebLinkerAx.dll [2014-06-12] (LOEN Entertainment) [File not signed]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\other\AppData\Local\Google\Chrome\User Data\Default [2021-03-14]
CHR DownloadDir: F:\Downloads
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://voice.google.com; hxxps://www.aliexpress.com
CHR StartupUrls: Default -> "hxxp://google.ca/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/docs/spreadsheets/favicon3.ico
CHR Extension: (Slides) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-19]
CHR Extension: (BetterTTV) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-12-18]
CHR Extension: (Docs) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-19]
CHR Extension: (Google Drive) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (MEGA) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-03-10]
CHR Extension: (Honey) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-02-18]
CHR Extension: (Ban Checker for Steam) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2020-11-06]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-28]
CHR Extension: (Image Downloader) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2021-01-05]
CHR Extension: (Tampermonkey) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-11-06]
CHR Extension: (Sheets) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-19]
CHR Extension: (Google Docs Offline) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-26]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-27]
CHR Extension: (Bookmark Search) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhmokalkpaiacdofbcddkogifepbaijk [2020-12-17]
CHR Extension: (Koala Inspector - Inspect Shopify Shops) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbfbllnfhppnhjdhhbmjabikmkfekgf [2021-03-10]
CHR Extension: (Oberlo - Aliexpress.com Product Importer) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmanipjnbjnhoicdnooapcnfonebefel [2021-03-07]
CHR Extension: (Screen Recorder) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniebljpgcogalllopnjokppmgbhaden [2021-03-13]
CHR Extension: (Zendrop - AliExpress Product Importer) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoaepbdbkbncfnmplpeecofbnophahah [2020-11-30]
CHR Extension: (SimilarWeb - Traffic Rank & Website Analysis) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2021-01-25]
CHR Extension: (Egrow.io Amazon Scout Extension) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickcnpogpccagkhpcmibbkmdlnhiepda [2021-02-02]
CHR Extension: (Imagus) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2020-09-22]
CHR Extension: (Chrome Remote Desktop) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-09-19]
CHR Extension: (Stream Recorder - download HLS as MP4) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogidnfllpdhagebkblkgbfijkbkjdmm [2021-02-03]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2021-01-05]
CHR Extension: (PlushyKicks - Fulfillman - Google Sheets) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemceekagfbifkkpbmklhjabmcedfgkm [2020-12-14]
CHR Extension: (Helium 10) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2021-02-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Messages) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngjipgjhfkaeimbhgmodlbhligdflei [2020-11-06]
CHR Extension: (Shopify Theme Detector) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\npjkomjipdbengebpldgodddlinfjhhm [2020-11-25]
CHR Extension: (Web Video Downloader) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\odecbmmehabeloobkgokmfgldaegiflc [2021-01-05]
CHR Extension: (Downloader for OnlyFans.com) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncijbkbmebnjlnghhpjcoeeagokpaal [2020-10-02]
CHR Extension: (Gmail) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-14]
CHR Profile: C:\Users\other\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-08]
CHR HKU\S-1-5-21-816131170-1439977655-1545633551-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bckipplcmnfhblnpibpbehenelnkpecd] - C:\Program Files (x86)\OkayFreedom\okayfreedom.crx [2013-12-05]
CHR HKU\S-1-5-21-816131170-1439977655-1545633551-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-816131170-1439977655-1545633551-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-816131170-1439977655-1545633551-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-14]
 
Opera: 
=======
OPR Profile: C:\Users\other\AppData\Roaming\Opera Software\Opera Stable [2021-03-13]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\other\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-17]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-05-14] (BattlEye Innovations e.K. -> )
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-05-23] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-05-23] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-05-23] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe [72808 2021-01-27] (Google LLC -> Google LLC)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
S4 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] (Giga-Byte Technology -> )
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [75776 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [5680320 2017-10-26] (Disc Soft Ltd -> Disc Soft Ltd)
S4 Ds3Service; A:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [394944 2016-04-12] (Open Source Developer, Benjamin Höglinger-Stelzer -> Scarlet.Crush Productions)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-05] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
S4 HiPatchService; A:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-18] (Hi-Rez Studios) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
S4 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc -> Logitech Inc.)
R2 MaskVPNService; C:\Program Files (x86)\MaskVPN\mask_svc.exe [7493560 2020-08-06] (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
R2 MBAMService; A:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-04-02] (Malwarebytes Inc -> Malwarebytes)
S4 Nero BackItUp Scheduler 3; A:\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG -> Nero AG)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG -> Nero AG)
S4 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [317792 2013-12-10] (Steganos Software GmbH -> Steganos Software GmbH)
S4 Origin Client Service; A:\Program Files (x86)\Origin\OriginClientService.exe [2167056 2019-02-13] (Electronic Arts, Inc. -> Electronic Arts) [File not signed]
S4 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-07] (Even Balance, Inc. -> )
S4 ptservice; A:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe [17816 2014-01-20] (OpenVPN Technologies, Inc. -> OpenVPN Technologies, Inc)
S4 RaAutoInstSrv_AM10; C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe [528512 2010-02-19] (Cisco Consumer Products LLC -> Cisco Consumer Products LLC)
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S4 SbieSvc; A:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D -> SANDBOXIE L.T.D)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6477936 2021-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 ss_conn_service; A:\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-15] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 UTSCSI; C:\Windows\SysWOW64\UTSCSI.EXE [45056 2012-12-18] () [File not signed]
S4 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9875416 2020-06-13] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VPNUnlimitedService; A:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [47616 2020-12-24] (KeepSolid Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WireGuardTunnel$VPNUWireguard; C:\Users\other\AppData\Local\Temp\VPN Unlimited\VPNUWireguard.conf [301 2021-03-09] () [File not signed] <==== ATTENTION
S3 FOLIKRSV; "C:\Users\other\AppData\Roaming\Follow Liker\mdb\bin\folikrSrv.exe" --defaults-file="C:\Users\other\AppData\Roaming\Follow Liker\mdb\bin\srv.ini" FOLIKRSV
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [312480 2020-01-03] (Tages SA -> )
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-12-07] (Microsoft Corporation) [File not signed]
S3 busenum; C:\WINDOWS\System32\DRIVERS\SteelBus64.sys [112128 2012-05-22] (SteelSeries Corporation) [File not signed]
R1 Capsax64Drv0; C:\WINDOWS\System32\Drivers\Capsax64Drv0.sys [35976 2014-08-15] (Colasoft LLC -> Colasoft Co., Ltd.)
R3 CMUACWO; C:\WINDOWS\System32\drivers\CMUACWO.sys [357376 2013-02-19] (C-MEDIA ELECTRONICS INC. -> C-Media Inc.)
R1 CSN5PDTS82x64; C:\WINDOWS\System32\Drivers\CSN5PDTS82x64.sys [34840 2012-10-24] (Chengdu Colasoft Co., Ltd. -> Colasoft Co., Ltd.)
S1 CsNdisLWF; C:\WINDOWS\System32\Drivers\CsNdisLWF.sys [44400 2017-07-11] (Colasoft Co., Ltd -> Windows ® Win 7 DDK provider)
S1 CsNdisLWF; C:\Windows\SysWOW64\Drivers\CsNdisLWF.sys [44400 2017-07-11] (Colasoft Co., Ltd -> Windows ® Win 7 DDK provider)
S3 DFX11_1; C:\WINDOWS\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Power Technology -> Windows ® Win 7 DDK provider)
S3 DIRECTIO; A:\Program Files\PerformanceTest\DirectIo64.sys [31160 2014-04-24] (PassMark Software Pty Ltd -> )
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2011-12-10] (DT Soft Ltd -> DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2012-03-11] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
R3 EuMusDesignVirtualAudioCableWdm; C:\WINDOWS\System32\drivers\vrtaucbl.sys [90624 2013-09-05] (NTONYX Ltd. -> Eugene V. Muzychenko)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-11-21] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-05-15] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R3 LGBusEnum; C:\WINDOWS\system32\drivers\LGBusEnum.sys [37408 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid.sys [26912 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43168 2020-01-03] (Tages SA -> )
S3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2019-05-04] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2019-05-04] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2021-03-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-06] (Malwarebytes Inc -> Malwarebytes)
R3 MpKslef94cc6e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DC5D4248-F46B-4059-8F42-D446EED012E9}\MpKslDrv.sys [90360 2021-03-14] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 NPF; C:\Windows\SysWOW64\drivers\npf.sys [50704 2010-03-22] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [40664 2014-01-20] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
S3 RTCore64; A:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [9834072 2019-03-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 SbieDrv; A:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D -> SANDBOXIE L.T.D)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2017-06-19] (Bruce James -> Scarlet.Crush Productions)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 taphss6; C:\WINDOWS\System32\DRIVERS\taphss6.sys [42184 2014-01-14] (AnchorFree Inc -> Anchorfree Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 VBoxUSBMon; C:\WINDOWS\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-15] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6335912 2020-06-13] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vhidmini; C:\WINDOWS\System32\DRIVERS\vHidDev.sys [7552 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R3 VKbms; C:\WINDOWS\System32\drivers\VKbms.sys [13312 2010-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [38176 2020-09-27] (WireGuard LLC -> WireGuard LLC)
S1 XQHDrv; C:\WINDOWS\System32\DRIVERS\XQHDrv.sys [253384 2015-09-15] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
S1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-15] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-14 05:39 - 2021-03-14 05:53 - 000003448 _____ C:\Users\other\Desktop\Rkill.txt
2021-03-14 05:32 - 2021-03-14 05:35 - 000202326 _____ C:\WINDOWS\ntbtlog.txt
2021-03-14 05:32 - 2021-03-14 05:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-03-14 05:20 - 2021-03-14 05:21 - 000000258 __RSH C:\ProgramData\ntuser.pol
2021-03-14 05:20 - 2021-03-14 05:20 - 000000000 ____D C:\Program Files (x86)\Windows Locator
2021-03-14 05:19 - 2021-03-14 05:20 - 000000000 ____D C:\Users\other\AppData\LocalLow\eP7zM4gX8vY8xT3o
2021-03-14 05:19 - 2021-03-14 05:19 - 000003050 _____ C:\WINDOWS\system32\Tasks\bxBxyIKayNQGLKpxkX
2021-03-14 05:19 - 2021-03-14 05:19 - 000000506 _____ C:\WINDOWS\Tasks\bxBxyIKayNQGLKpxkX.job
2021-03-14 05:19 - 2021-03-14 05:19 - 000000000 ____D C:\Users\other\AppData\Local\Weather
2021-03-14 05:18 - 2021-03-14 05:35 - 000000000 ____D C:\Program Files (x86)\caymans
2021-03-14 05:18 - 2021-03-14 05:19 - 000000000 ____D C:\Program Files (x86)\MaskVPN
2021-03-14 05:18 - 2021-03-14 05:18 - 003473408 _____ C:\Users\other\AppData\LocalLow\exuieaoEiI
2021-03-14 05:18 - 2021-03-14 05:18 - 000004156 _____ C:\WINDOWS\system32\Tasks\confers bookends crafter
2021-03-14 05:18 - 2021-03-14 05:18 - 000004154 _____ C:\WINDOWS\system32\Tasks\blessed_transferor
2021-03-14 05:18 - 2021-03-14 05:18 - 000004150 _____ C:\WINDOWS\system32\Tasks\native plundering
2021-03-14 05:18 - 2021-03-14 05:18 - 000004144 _____ C:\WINDOWS\system32\Tasks\cosseted_greystone
2021-03-14 05:18 - 2021-03-14 05:18 - 000004138 _____ C:\WINDOWS\system32\Tasks\marylin-angeleno
2021-03-14 05:18 - 2021-03-14 05:18 - 000004136 _____ C:\WINDOWS\system32\Tasks\notepads
2021-03-14 05:18 - 2021-03-14 05:18 - 000004122 _____ C:\WINDOWS\system32\Tasks\crystals
2021-03-14 05:18 - 2021-03-14 05:18 - 000004114 _____ C:\WINDOWS\system32\Tasks\tati
2021-03-14 05:18 - 2021-03-14 05:18 - 000004040 _____ C:\WINDOWS\system32\Tasks\confers bookends crafterconfers bookends crafter
2021-03-14 05:18 - 2021-03-14 05:18 - 000004026 _____ C:\WINDOWS\system32\Tasks\blessed_transferorblessed_transferor
2021-03-14 05:18 - 2021-03-14 05:18 - 000004022 _____ C:\WINDOWS\system32\Tasks\native plunderingnative plundering
2021-03-14 05:18 - 2021-03-14 05:18 - 000004016 _____ C:\WINDOWS\system32\Tasks\cosseted_greystonecosseted_greystone
2021-03-14 05:18 - 2021-03-14 05:18 - 000004006 _____ C:\WINDOWS\system32\Tasks\marylin-angelenomarylin-angeleno
2021-03-14 05:18 - 2021-03-14 05:18 - 000003988 _____ C:\WINDOWS\system32\Tasks\notepadsnotepads
2021-03-14 05:18 - 2021-03-14 05:18 - 000003974 _____ C:\WINDOWS\system32\Tasks\crystalscrystals
2021-03-14 05:18 - 2021-03-14 05:18 - 000003958 _____ C:\WINDOWS\system32\Tasks\tatitati
2021-03-14 05:18 - 2021-03-14 05:18 - 000000000 ___HD C:\Program Files (x86)\yum
2021-03-14 05:18 - 2021-03-14 05:18 - 000000000 ___HD C:\Program Files (x86)\Propagates
2021-03-14 05:18 - 2021-03-14 05:18 - 000000000 ____D C:\Program Files (x86)\viewerise
2021-03-14 05:18 - 2021-03-14 05:18 - 000000000 ____D C:\Program Files (x86)\Subtype
2021-03-14 05:18 - 2021-03-14 05:18 - 000000000 ____D C:\Program Files (x86)\molto
2021-03-14 05:18 - 2021-03-14 05:18 - 000000000 ____D C:\Program Files (x86)\Apprehended
2021-03-14 05:17 - 2021-03-14 05:18 - 000000000 ____D C:\Users\other\AppData\Roaming\Weather
2021-03-14 05:16 - 2021-03-14 05:16 - 000000000 ____D C:\Program Files (x86)\IBBrowserInstallerEngine
2021-03-14 05:11 - 2021-03-14 05:11 - 000007680 _____ (Revelatory Inc.) C:\Users\other\AppData\Local\Revelatory.exe
2021-03-14 05:11 - 2021-03-14 05:11 - 000007680 _____ (Localizing Inc.) C:\WINDOWS\emiliano.exe
2021-03-14 05:11 - 2021-03-14 05:11 - 000007680 _____ (Localizing Inc.) C:\Users\other\AppData\Local\Localizing.exe
2021-03-13 05:39 - 2021-03-14 04:35 - 000000000 ____D C:\Users\other\AppData\LocalLow\uTorrent
2021-03-12 02:39 - 2021-03-12 02:39 - 000000000 ____D C:\Users\other\AppData\Roaming\4kdownload.com
2021-03-11 00:46 - 2021-03-11 00:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 00:46 - 2021-03-11 00:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 00:46 - 2021-03-11 00:46 - 001757632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 00:46 - 2021-03-11 00:46 - 001365640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 00:46 - 2021-03-11 00:46 - 001282360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 00:46 - 2021-03-11 00:46 - 000861696 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 00:46 - 2021-03-11 00:46 - 000515584 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-11 00:46 - 2021-03-11 00:46 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth19.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-03-05 17:50 - 2021-03-05 17:50 - 000000000 ____D C:\Users\other\AppData\Local\com.electricplum.ems
2021-03-05 17:48 - 2021-03-05 17:48 - 000001123 _____ C:\ProgramData\Desktop\Electric Mobile Studio 2012.lnk
2021-03-05 17:48 - 2021-03-05 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electric Mobile Studio 2012
2021-03-05 17:48 - 2010-09-29 22:29 - 000360580 _____ (eSellerate Inc.) C:\WINDOWS\SysWOW64\eSellerateEngine.dll
2021-03-05 17:48 - 2010-09-29 22:29 - 000094208 _____ (eSellerate Inc.) C:\WINDOWS\SysWOW64\eSellerateControl365.dll
2021-03-04 23:02 - 2021-03-04 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-04 19:30 - 2021-03-04 19:30 - 000000000 ____D C:\Users\other\AppData\Roaming\CDisplayEx
2021-03-04 10:27 - 2021-03-14 05:20 - 000000000 ____D C:\Users\other\AppData\Local\CrashDumps
2021-03-02 20:12 - 2021-03-02 20:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-03-02 20:12 - 2021-03-02 20:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-03-02 20:12 - 2021-03-02 20:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-03-02 20:12 - 2021-03-02 20:12 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-02-23 22:47 - 2021-02-23 22:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-20 02:00 - 2021-02-20 02:00 - 000000000 ____D C:\Users\Stlth\AppData\LocalLow\Adobe
2021-02-20 02:00 - 2021-02-20 02:00 - 000000000 ____D C:\Users\Stlth\AppData\Local\Adobe
2021-02-20 01:55 - 2021-02-20 01:55 - 000000000 ____D C:\Users\Stlth\AppData\Local\TSVNCache
2021-02-20 01:53 - 2021-02-20 01:53 - 000000000 ____D C:\Users\Stlth\AppData\Local\cache
2021-02-20 01:52 - 2021-02-20 01:52 - 000000000 ____D C:\Users\Stlth\AppData\Local\PlaceholderTileLogoFolder
2021-02-20 01:50 - 2021-02-20 01:51 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-816131170-1439977655-1545633551-1011
2021-02-20 01:50 - 2021-02-20 01:51 - 000000000 ___RD C:\Users\Stlth\OneDrive
2021-02-20 01:50 - 2021-02-20 01:50 - 000000000 ____D C:\Users\Stlth\AppData\Roaming\Subversion
2021-02-20 01:49 - 2021-02-20 01:49 - 000000000 ____D C:\Users\Stlth\AppData\Local\KeepSolid Inc
2021-02-20 01:48 - 2021-02-20 02:00 - 000000000 ____D C:\Users\Stlth\AppData\Roaming\Adobe
2021-02-20 01:48 - 2021-02-20 02:00 - 000000000 ____D C:\Users\Stlth\AppData\Local\Packages
2021-02-20 01:48 - 2021-02-20 01:53 - 000000000 ____D C:\Users\Stlth\AppData\Local\AMD
2021-02-20 01:48 - 2021-02-20 01:51 - 000002401 _____ C:\Users\Stlth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-20 01:48 - 2021-02-20 01:50 - 000000000 ____D C:\Users\Stlth\AppData\Local\NVIDIA Corporation
2021-02-20 01:48 - 2021-02-20 01:50 - 000000000 ____D C:\Users\Stlth
2021-02-20 01:48 - 2021-02-20 01:48 - 000000020 ___SH C:\Users\Stlth\ntuser.ini
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ___RD C:\Users\Stlth\3D Objects
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ____D C:\Users\Stlth\AppData\Local\VirtualStore
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ____D C:\Users\Stlth\AppData\Local\Publishers
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ____D C:\Users\Stlth\AppData\Local\Google
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ____D C:\Users\Stlth\AppData\Local\ConnectedDevicesPlatform
2021-02-20 01:48 - 2019-05-04 18:43 - 000000000 ____D C:\Users\Stlth\AppData\Local\Microsoft Help
2021-02-20 01:48 - 2012-08-25 02:24 - 000000000 ____D C:\Users\Stlth\AppData\Roaming\Macromedia
2021-02-20 01:48 - 2009-07-14 00:45 - 000000000 ____D C:\Users\Stlth\AppData\Roaming\Media Center Programs
2021-02-19 18:47 - 2021-03-14 05:32 - 000216056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-15 01:44 - 2021-02-15 01:45 - 011148182 _____ C:\Users\other\Downloads\k
2021-02-15 01:34 - 2021-02-15 01:34 - 000000000 ____D C:\Users\other\AppData\Local\KeepSolid Inc
2021-02-15 01:29 - 2021-02-15 01:29 - 000000803 _____ C:\ProgramData\Desktop\VPN Unlimited.lnk
2021-02-15 01:29 - 2021-02-15 01:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-14 05:57 - 2016-08-15 05:12 - 000000000 ____D C:\FRST
2021-03-14 05:53 - 2018-01-19 17:18 - 000000000 ___RD C:\Users\terry\Desktop\new s
2021-03-14 05:45 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2021-03-14 05:43 - 2019-12-07 20:06 - 001585530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-14 05:43 - 2019-12-07 19:02 - 000517330 _____ C:\WINDOWS\system32\perfh012.dat
2021-03-14 05:43 - 2019-12-07 19:02 - 000149268 _____ C:\WINDOWS\system32\perfc012.dat
2021-03-14 05:39 - 2020-10-28 02:26 - 000000000 ____D C:\Users\other\AppData\Roaming\Shift
2021-03-14 05:39 - 2014-01-01 21:37 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-14 05:37 - 2020-02-11 20:25 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-03-14 05:37 - 2020-02-11 20:25 - 000003098 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-03-14 05:37 - 2019-12-07 20:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-14 05:37 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-14 05:36 - 2019-03-18 21:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-03-14 05:28 - 2019-05-04 16:30 - 000000000 ____D C:\Users\terry\AppData\Local\Packages
2021-03-14 05:28 - 2019-03-30 23:05 - 000000000 ____D C:\Users\terry\AppData\Roaming\discordptb
2021-03-14 05:28 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-14 05:28 - 2012-03-21 09:31 - 000000000 ____D C:\Users\terry\AppData\Local\TSVNCache
2021-03-14 05:26 - 2019-03-30 23:05 - 000000000 ____D C:\Users\terry\AppData\Local\DiscordPTB
2021-03-14 05:25 - 2019-12-07 20:01 - 000000000 ____D C:\Users\other
2021-03-14 05:25 - 2019-05-04 16:30 - 000000000 ___RD C:\Users\terry\3D Objects
2021-03-14 05:21 - 2019-12-07 19:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-14 05:18 - 2019-04-10 20:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-14 05:18 - 2012-05-01 18:48 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-14 05:17 - 2019-04-25 03:08 - 000000000 ____D C:\Users\other\AppData\Local\BitTorrentHelper
2021-03-14 05:17 - 2015-12-01 04:45 - 000000000 ____D C:\Users\other\AppData\Roaming\uTorrent
2021-03-14 05:12 - 2019-02-16 20:51 - 000000000 ____D C:\Users\other\AppData\Roaming\Discord
2021-03-14 04:58 - 2014-07-17 15:42 - 000000000 ____D C:\Users\other\AppData\Roaming\vlc
2021-03-14 03:24 - 2013-02-15 00:38 - 000000000 ____D C:\Users\other\AppData\Local\TSVNCache
2021-03-14 01:08 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-13 21:35 - 2019-04-26 00:23 - 000000000 ____D C:\Users\other\AppData\LocalLow\Mozilla
2021-03-12 17:08 - 2019-04-25 18:42 - 000000000 ____D C:\Users\other\Documents\ShareX
2021-03-12 05:12 - 2020-05-07 19:13 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-12 05:12 - 2020-05-07 19:13 - 000002259 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-12 03:52 - 2021-02-08 17:36 - 000000000 ____D C:\Users\other\AppData\Roaming\WhatsApp
2021-03-11 23:55 - 2021-02-08 17:35 - 000000000 ____D C:\Users\other\AppData\Local\WhatsApp
2021-03-11 23:54 - 2020-06-05 07:08 - 000000000 ____D C:\Users\other\AppData\Local\SquirrelTemp
2021-03-11 14:00 - 2019-05-04 19:17 - 000000000 ___RD C:\Users\other\3D Objects
2021-03-11 13:59 - 2019-12-07 19:56 - 005218928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 13:58 - 2019-03-18 23:23 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-11 13:58 - 2019-03-18 23:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 02:16 - 2020-10-29 00:29 - 000000000 ____D C:\Users\other\AppData\Local\xwalk
2021-03-11 00:49 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 14:04 - 2019-07-21 02:17 - 000000000 ____D C:\Users\other\AppData\Roaming\obs-studio
2021-03-10 08:43 - 2017-12-19 04:01 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-10 01:38 - 2019-04-25 01:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 01:27 - 2011-12-10 20:35 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-08 15:29 - 2020-12-16 01:58 - 000004164 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1608109085
2021-03-08 15:29 - 2020-12-16 01:58 - 000001443 _____ C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-03-07 13:37 - 2015-12-05 02:46 - 000000000 ____D C:\Users\other\AppData\Local\Battle.net
2021-03-06 10:37 - 2015-10-13 11:21 - 000000000 ____D C:\Users\other\Documents\StarCraft II
2021-03-06 10:36 - 2015-12-05 02:46 - 000000000 ____D C:\Users\other\AppData\Roaming\Battle.net
2021-03-05 21:15 - 2019-05-04 16:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-05 16:28 - 2020-05-27 06:53 - 000000000 ____D C:\Users\other\Downloads\Telegram Desktop
2021-03-05 11:28 - 2020-07-14 22:39 - 000000000 ____D C:\Users\other\AppData\Local\ElevatedDiagnostics
2021-03-04 23:02 - 2019-02-28 21:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-03-04 15:07 - 2020-05-07 19:12 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 15:07 - 2020-05-07 19:12 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-03 20:40 - 2020-06-05 07:08 - 000000000 ____D C:\Users\other\AppData\Local\DiscordPTB
2021-03-02 00:37 - 2020-06-11 20:29 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-02-27 10:13 - 2019-12-07 20:11 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-816131170-1439977655-1545633551-1002
2021-02-27 10:13 - 2019-12-07 20:01 - 000002401 _____ C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-27 10:13 - 2019-05-04 19:18 - 000000000 ___RD C:\Users\other\OneDrive
2021-02-27 00:40 - 2020-07-23 19:15 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-25 00:49 - 2020-12-11 16:53 - 000000000 ____D C:\Users\other\AppData\Local\Shift
2021-02-24 00:48 - 2012-05-01 18:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-23 22:47 - 2011-12-10 22:33 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-20 15:55 - 2020-08-14 09:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-15 01:29 - 2013-04-19 13:24 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-13 16:28 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 16:28 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Common Files\System
 
==================== Files in the root of some directories ========
 
2019-10-20 13:38 - 2020-11-16 22:20 - 000000132 _____ () C:\Users\other\AppData\Roaming\Adobe PNG Format CS5 Prefs
2020-10-29 00:29 - 2020-10-29 00:29 - 000045056 _____ () C:\Users\other\AppData\Roaming\Web Data
2020-10-29 00:29 - 2020-10-29 00:29 - 000000000 _____ () C:\Users\other\AppData\Roaming\Web Data-journal
2020-11-28 16:04 - 2020-11-28 16:04 - 000001456 _____ () C:\Users\other\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-03-14 05:11 - 2021-03-14 05:11 - 000007680 _____ (Localizing Inc.) C:\Users\other\AppData\Local\Localizing.exe
2021-03-14 05:11 - 2021-03-14 05:11 - 000007680 _____ (Revelatory Inc.) C:\Users\other\AppData\Local\Revelatory.exe
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2021
Ran by other (14-03-2021 05:58:35)
Running from F:\Downloads
Windows 10 Pro Version 1909 18363.1440 (X64) (2019-12-08 03:11:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
1 (S-1-5-21-816131170-1439977655-1545633551-1007 - Limited - Enabled)
Administrator (S-1-5-21-816131170-1439977655-1545633551-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-816131170-1439977655-1545633551-503 - Limited - Disabled)
Guest (S-1-5-21-816131170-1439977655-1545633551-501 - Limited - Disabled)
other (S-1-5-21-816131170-1439977655-1545633551-1002 - Administrator - Enabled) => C:\Users\other
Person (S-1-5-21-816131170-1439977655-1545633551-1010 - Administrator - Enabled) => C:\Users\Person
Stlth (S-1-5-21-816131170-1439977655-1545633551-1011 - Limited - Enabled) => C:\Users\Stlth
terry (S-1-5-21-816131170-1439977655-1545633551-1000 - Administrator - Enabled) => C:\Users\terry
WDAGUtilityAccount (S-1-5-21-816131170-1439977655-1545633551-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
µTorrent (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
4K Video Downloader (HKLM\...\{98A3B156-22C4-4B5A-9590-77DBF094BC71}) (Version: 4.13.5.3950 - Open Media LLC)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
888poker (HKLM-x32\...\888poker) (Version:  - )
Ace Stream Media 3.1.9 (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\AceStream) (Version: 3.1.9 - Ace Stream Media) <==== ATTENTION
Ace Stream Media 3.1.9 (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\AceStream) (Version: 3.1.9 - Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Age of Wushu (HKLM-x32\...\{A0AFB64E-79E1-45BF-BA6C-18C21E007D8E}) (Version: 0.0.1.116 - Snail Games USA)
amazeowl-desktop (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\amazeowl-desktop) (Version: 3.5.0 - AmazeOwl)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.1.3 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3700 - ASUS)
ASUS PCE-AC68 WLAN Card Driver (HKLM-x32\...\{39BD9681-D3B1-435C-A0C1-F87C68513401}) (Version: 2.1.4.3 - ASUS)
ASUS USB-N53 Utility (HKLM-x32\...\{E3D76EEB-4512-4FCF-B71B-5802DDC6B3C0}) (Version: 1.0.16.0000 - ASUS)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.7.4 - ASUS)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Audio DVD Creator 1.9.1.0 (HKLM-x32\...\Audio DVD Creator_is1) (Version:  - Goland Tech Ltd.)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoHotkey 1.1.09.03 (HKLM\...\AutoHotkey) (Version: 1.1.09.03 - Lexikos)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
AviSynth+ 0.1.0 r1779 (HKLM-x32\...\{AC78780F-BACA-4805-8D4F-AE1B52B7E7D3}_is1) (Version: 0.1.0.1779 - The Public)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.4.1.240 - Online Media Technologies Ltd.)
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Betcoin Poker (HKLM-x32\...\DEAECD1E-0CEF-494d-A7DE-20EC7A6E3F61) (Version: 16.6 - IGSoft)
BigFoot-SC22 (HKLM-x32\...\{7E0E8313-0C11-4DBF-9A7D-D31E986A26E2}) (Version: 1.0 - 178游戏网)
Bisq (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\{io.bisq.gui.app}}_is1) (Version: 0.6.2 - Bisq)
Bisq (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\{io.bisq.gui.app}}_is1) (Version: 0.6.2 - Bisq)
BlackBerry Desktop Software 6.1 (HKLM-x32\...\{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}) (Version: 6.1.0.36 - Research In Motion Ltd.) Hidden
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.36 - Research In Motion Ltd.)
BlitzIn 3.10 (HKLM-x32\...\BlitzIn 3.10) (Version:  - Internet Chess Club)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team)
Blueline 1.1.1 (HKLM-x32\...\Blueline_is1) (Version:  - )
Bluesky Frame Rate Converter Version 2.13.1 (HKLM\...\Bluesky Frame Rate Converter_is1) (Version:  - Bluesky)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.260.0.1032 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.)
BYOND (HKLM-x32\...\BYOND) (Version: 498.1163 - BYOND)
Call of Duty Black Ops II (HKLM-x32\...\Call of Duty Black Ops II_is1) (Version:  - )
Car music DVD Burner 1.0 (HKLM-x32\...\Car music DVD Burner_is1) (Version: 1.0 - EZuse Computing, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.69 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{2E2C5B04-0539-43B0-BC16-EF1B7DFF03A5}) (Version: 89.0.4389.25 - Google LLC)
Cisco Valet Connector (HKLM-x32\...\Cisco Valet Connector) (Version: 1.1.10049.0 - Cisco Consumer Products LLC)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
ClickMonitorDDC version 7.0.0.0 (HKLM-x32\...\{2577BD7A-C90A-47F3-BDB9-89A9BA3E0BD9}_is1) (Version: 7.0.0.0 - ClickMonitorDDC)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )
CMEDIA USB2.0 Audio Device (HKLM-x32\...\{9445E4B8-E875-470A-928A-A665D3F973B4}) (Version: 1.00.0001 - C-Media Electronics, Inc.)
Colasoft Capsa 10 Enterprise Demo (HKLM\...\571BFE52-AB70-4392-AE10-377934EC0827_is1) (Version: 10.0.0.10055 - Colasoft)
Colasoft Capsa 8 Free (HKLM-x32\...\Colasoft Capsa 8 Free_is1) (Version: 8.0.0.8053 - Colasoft)
CopyTrans Suite Remove Only (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
CopyTrans Suite Remove Only (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
CPUID CPU-Z 1.88 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.88 - CPUID, Inc.)
CPUID HWMonitor 1.40 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.40 - CPUID, Inc.)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.1.0.0 - Electronic Arts)
CSV to vCard (HKLM-x32\...\{B9DCBBD4-20F5-424B-9C56-FFF62BE71CD7}_is1) (Version:  - csvtovcard.com)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version:  - DT Soft Ltd.)
Dark Souls Prepare to Die Edition (HKLM-x32\...\{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord PTB (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\DiscordPTB) (Version: 0.0.55 - Discord Inc.)
Discord PTB (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\DiscordPTB) (Version: 0.0.56 - Discord Inc.)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version:  - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DMC Devi May Cry © Capcom version 1 (HKLM-x32\...\DMC Devi May Cry © Capcom_is1) (Version: 1 - )
Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
DRAGON BALL XENOVERSE 2 (HKLM-x32\...\DRAGON BALL XENOVERSE 2_is1) (Version:  - )
Dream MP3 to MIDI Converter 3.7 (HKLM-x32\...\{66712EEE-ECBC-4CA6-A474-dream-mp3-to-midi-converter}_is1) (Version:  - DreamVideoSoft,Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 117.4.378 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
Earth's Special Forces (HKLM-x32\...\ESF) (Version:  - )
Easy Tune 6 B11.0309.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
EasyLife Gadget (HKLM\...\{ACE9FB2A-31A5-4285-9510-43F1636EAB21}) (Version: 1.0 - EasyLife Gadget)
Electric Mobile Studio 2012 version 1.1.5 (HKLM-x32\...\{D7DBD19C-4A7A-46B4-B626-F8CC7B36335D}_is1) (Version: 1.1.5 - electric plum, LLC)
Emby Server (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Emby Server) (Version: 4.1 - Emby Team)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Event Manager (HKLM-x32\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON NX130 Series Printer Uninstall (HKLM\...\EPSON NX130 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
EVGA PrecisionX 16 (HKLM-x32\...\{4C5ECFC6-AF6E-42A0-988D-0A5FCBB8F0B9}) (Version: 5.3.11 - EVGA Corporation)
EZMira (HKLM-x32\...\{79BB7AC7-AB38-4C64-8140-7ECE6B46C26A}) (Version: 1.3.1.14 - Actions-Micro)
Fable III (HKLM-x32\...\{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (HKLM-x32\...\{4D53090A-CE35-42BD-B377-831000018301}) (Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fable III (HKLM-x32\...\{4D53090A-CE35-42BD-B377-831000018302}) (Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fable III (HKLM-x32\...\{4D53090A-CE35-42BD-B377-831000018303}) (Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.00 - Ubisoft)
Female Voices (HKLM-x32\...\{8339A1A4-765A-4B23-8950-86BD1382E37B}) (Version: 4.4.41 - Screaming Bee Inc.) Hidden
Female Voices for MorphVOX (HKLM-x32\...\{7deb85b1-333a-461a-9ae0-00b4b8a6e3e7}) (Version: 4.4.41 - Screaming Bee Inc.)
FFsplit version Alpha (HKLM-x32\...\{4AA62353-C8D9-4A05-A425-D9DFC4646B99}_is1) (Version: Alpha - Taqveer Doha)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.4.9.3 - Telerik)
Fiddler Syntax-Highlighting Addons (HKLM-x32\...\FiddlerSyntaxAddons) (Version:  - )
FiiO Portable High-Res Music Player series v4.11.0 (HKLM-x32\...\Software_FiiO_fiio_usbaudio_Setup) (Version: 4.11.0 - FiiO)
FileSeek 5.2.1 (HKLM-x32\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 5.2.1.0 - Binary Fortress Software)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Follow Liker version 10.4.3 (HKLM-x32\...\{0C42C8A7-894B-49A1-B6EC-FB7FB3C0A193}_is1) (Version: 10.4.3 - Follow Liker)
foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.10.1.3069 - Softdeluxe)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.4.1.0 - miHoYo Co.,Ltd)
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
GoldWave v5.67 (HKLM-x32\...\GoldWave v5.67) (Version:  - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.39.5101 - Gretech Corporation)
GOMTV Streamer (HKLM-x32\...\GomTVStreamer) (Version: 1.0.0.26 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
GoToMeeting 8.39.0.11408 (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\GoToMeeting) (Version: 8.39.0.11408 - LogMeIn, Inc.)
GoToMeeting 8.43.1.12771 (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\GoToMeeting) (Version: 8.43.1.12771 - LogMeIn, Inc.)
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Grand Theft Auto V ver. 1.0.335.2 (HKLM-x32\...\{27159000-99AS-22CV-33F9-55GYHF2186AC}_is1) (Version: 1.0.335.2 - Rockstar Games)
Greenshot 1.1.7.17 (HKLM\...\Greenshot_is1) (Version: 1.1.7.17 - Greenshot)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helium Music Manager 11.2 (HKLM-x32\...\{FC3666EE-D43E-45E0-BB82-B8B6DE3A91C9}}_is1) (Version: 11.2.0.13510 - Imploded Software)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Heroes of the Storm Tech Alpha (HKLM-x32\...\Heroes of the Storm Tech Alpha) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IBBrowserInstallerEngine version 156.2 (HKLM-x32\...\IBBrowserInstallerEngine_is1) (Version: 156.2 - GibberishObama)
ICQ (version 10.0.38545) (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\icq.desktop) (Version: 10.0.38545 - ICQ)
iDealshare VideoGo 4.1.21.4997 (HKLM-x32\...\{CC4C06C4-7C78-4aab-B5AF-33FB11CCD828}_is1) (Version:  - iDealshare Corporation)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Infinite HD™ App (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
Infinite HD™ App (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Extreme Tuning Utility (HKLM-x32\...\{92b09894-9d66-465d-97a0-5bcabf264301}) (Version: 6.5.1.321 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
intelliScore Ensemble MP3 to MIDI Converter Demo (HKLM-x32\...\intelliScore Ensemble MP3 to MIDI Converter Demo) (Version: 8.1 - Innovative Music Systems)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 8 Update 73 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
jZip (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\jZip) (Version: 2.0.0.136805 - Bandoo Media Inc)
KeyNote 1.6.5 (HKLM-x32\...\KeyNote_is1) (Version:  - )
K-Lite Mega Codec Pack 15.1.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.1.6 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LemmingballZ 3D 8460 (HKLM-x32\...\LemmingballZ_0) (Version:  - )
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Livestreamer 1.11.1 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
Lucius 1.01.3173 (HKLM-x32\...\{84F3F00F-CCA9-43B3-A493-1E2757649848}_is1) (Version: 1.01.3173 - Lace Mamba Global)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MaskVPN (HKLM-x32\...\{4A4ACF2E-4A98-4D18-80E3-5A5E5706F81E}_is1) (Version: 1.1.0.31 - Global Media (Thailand) Co., Ltd)
Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MeGUI (remove only) (HKLM-x32\...\MeGUI) (Version: 0.3.5 - MeGUI Team)
MelOn Player4 (HKLM-x32\...\Melon40) (Version: 4.0 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.50 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.22 - mIRC Co. Ltd.)
MKVToolNix 7.3.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.3.0 - Moritz Bunkus)
Momentum Plus 1.2.1 (HKLM\...\69846732-891f-563b-a7f3-958f57d206ec) (Version: 1.2.1 - Holmez Softsolutions Pte. Ltd)
MorphVOX Pro (HKLM-x32\...\{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}) (Version: 4.3.13 - Screaming Bee)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 86.0 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0 (x64 en-US)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Mumble 1.2.3 (HKLM-x32\...\{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}) (Version: 1.2.3 - Thorvald Natvig)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
NBA 2K17 (HKLM-x32\...\NBA 2K17_is1) (Version: 1.0.0.0 - 2K Games)
NBA 2K20 version final (HKLM-x32\...\NBA 2K20_is1) (Version: final - The)
Nero 8 (HKLM-x32\...\{D6C9AF27-9414-46C8-B9D8-D878BA041033}) (Version: 8.3.314 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Netbeans with TMC 0.8.18 (HKLM\...\nbi-tmcbeans-1.0.0.0.0) (Version:  - )
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.3.0.5 - GOG.com)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
NullpoMino version 7.5 (HKLM-x32\...\{92421394-0936-4142-B3BD-400D24E8D662}_is1) (Version: 7.5 - NullNoname)
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.2 - Steganos Software GmbH)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open Broadcaster Software version 0.448a (HKLM-x32\...\{F017778C-11C7-4E57-8124-F10C5AD74B1E}_is1) (Version: 0.448a - )
Opera Stable 74.0.3911.203 (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Opera 74.0.3911.203) (Version: 74.0.3911.203 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.13.1.16659 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.1.23136 - Grinding Gear Games)
PCMark 7 (HKLM-x32\...\{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}) (Version: 1.4.0 - Futuremark)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Peace (HKLM\...\Peace) (Version: 1.4.5.0 - P.E. Verbeek)
PE-DESIGN Ver.6 (HKLM-x32\...\{B202B201-5D15-4CA7-A978-047AB4A28960}) (Version: ANY - )
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1037.0 - Passmark Software)
PoiZone (HKLM-x32\...\PoiZone) (Version:  - Image-Line)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Potplayer (HKLM-x32\...\PotPlayer) (Version:  - Daum Communications Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.3.4.0 - OpenVPN Technologies)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)
Razer Abyssus (HKLM-x32\...\{CBD6B23A-B54F-476A-9527-C262F469CACF}) (Version: 2.01 -  Razer USA Ltd.)
Razer Game Booster (HKLM-x32\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
Razer Salmosa (HKLM-x32\...\{E6DA58C0-4EC5-4F5E-B73E-2F22ED30ACFC}) (Version: 1.00 -  Razer USA Ltd.)
Real Boxing (HKLM-x32\...\Real Boxing_is1) (Version:  - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Realtek USB Wireless LAN Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: UI_1.00.0287 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
ReClock (HKLM-x32\...\ReClock) (Version:  - SlySoft, Inc.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
RPG Maker VX Ace (HKLM-x32\...\{835D562C-B72C-461D-A9C3-B8206B66E85A}) (Version: 1.01 - RPG MAKER)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version:  - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Sandboxie 3.76 (64-bit) (HKLM\...\Sandboxie) (Version: 3.76 - SANDBOXIE L.T.D)
Sawer (HKLM-x32\...\Sawer) (Version:  - Image-Line)
ScpToolkit (HKLM\...\{1EA84ED4-28D4-4836-BF8B-0E31BF1704C5}) (Version: 1.7.277.16103 - Nefarius Software Solutions)
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
Sekiro Shadows Die Twice (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SewArt (HKLM\...\{C398F221-F15C-4BB6-988D-05D5D2794AEB}) (Version: 1.8.4 - S & S Computing)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 10.9.1 - ShareX Team)
SharpKeys (HKLM-x32\...\{B6685367-A8AD-4414-A2A3-10B40EC5CF30}) (Version:  - )
Shift (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Shift) (Version: 3.6.1 - Shift)
Shift (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Shift) (Version: 6.0.56-stable - Shift)
Shredder Classic 4 (HKLM-x32\...\{C0FA6973-0ED6-4523-9593-BE50927A28BB}_is1) (Version:  - Stefan Meyer-Kahlen)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype version 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Skyperious 3.5 (HKLM-x32\...\Skyperious) (Version: 3.5 - Erki Suurjaak)
Sleeping Dogs version 1.4 (HKLM-x32\...\Sleeping Dogs_is1) (Version: 1.4 - )
Smart 6 B10.1221.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2215.10 - Hi-Rez Studios)
SmoothVideo Project version 3.1.6 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.6 - SVP)
Sony ACID Pro 6.0 (HKLM-x32\...\{87DABCF7-2C38-4996-8FBE-053CA6536168}) (Version: 6.0.355 - Sony)
Sony Media Manager 2.2 (HKLM-x32\...\{47AA42FD-0450-4CB4-ADAF-B6E770AA7B2F}) (Version: 2.2.93 - Sony)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Spotify) (Version: 1.0.94.262.g3d5c231c - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
StarCraft II Public Test (HKLM-x32\...\StarCraft II Public Test) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Kinzu Optical Mouse (HKLM-x32\...\{A03E4302-F387-47F3-8136-6D9D9286CD3B}) (Version: 1.0.10 - Steelseries)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version:  - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.10 - StepMania)
SVP 4 Free (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\{94019171-0cc6-4145-bfee-235091d83782}) (Version: 4.0 - SVP Team)
SVP 4 Free (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\{94019171-0cc6-4145-bfee-235091d83782}) (Version: 4.0 - SVP Team)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20202 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Telegram Desktop version 2.6.1 (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.6.1 - Telegram FZ-LLC)
The Darkness II (HKLM-x32\...\The Darkness II_is1) (Version:  - )
The Elder Scrolls V Skyrim (HKLM-x32\...\{4FEF52F2-3C2C-4B80-9443-3D6A654328D0}_is1) (Version:  - Bethesda Softworks)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\TimeAdjuster) (Version:  - IrekSoftware.com)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\TimeAdjuster) (Version:  - IrekSoftware.com)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version:  - )
TortoiseSVN 1.7.6.22632 (64 bit) (HKLM\...\{D2D22BEE-B7F1-49D0-9ED6-86D0B2CEDFAD}) (Version: 1.7.22632 - TortoiseSVN)
TRENDnet Powerline Utility (HKLM-x32\...\{B596801C-EA86-4920-8432-1B1B8AE148F0}) (Version: 7.1.0101 - TRENDnet)
Trine 2 (HKLM-x32\...\Trine 2_is1) (Version:  - )
TunSetupVPNU (HKLM\...\{3E4BC5B7-104F-40B3-BEC4-9CEF0BCD0EF8}) (Version: 1.0.0 - Keepsolid Inc.)
Twitch Leecher 1.8 (HKLM\...\{F6711650-3BDB-4025-82D4-0639CC06F686}) (Version: 1.8.0.0 - Franiac) Hidden
Twitch Leecher 1.8 (HKLM-x32\...\{4ef3f40e-3993-4078-af37-d9444538f014}) (Version: 1.8.0.0 - Franiac)
UltraSearch V2.0.3 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.0.3 - JAM Software)
Unity Web Player (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
USB PnP Sound Device (HKLM\...\C-Media CM108 Like Sound Driver) (Version:  - )
VALORANT (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Veoh Giraffic Video Accelerator (HKLM-x32\...\Giraffic) (Version: 0.86.412.230 - Giraffic)
Video Download Studio 3.4.14 (HKLM-x32\...\{8A075C9A-1368-4491-855E-F3D9ABE55740}_is1) (Version:  - aHisoft)
viewerise v1.53.666 (HKLM-x32\...\viewerise_is1) (Version: 1.53.0.224 - )
Virtual Audio Cable 4.12 (HKLM\...\Virtual Audio Cable 4.12) (Version:  - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VPN Unlimited 8.3.1 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 8.3.1 - KeepSolid Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warframe (HKLM-x32\...\{4C8CFCAF-4589-46E7-ABB8-438A73CF4996}) (Version: 1.0.0 - Digital Extremes)
Watch Dogs (HKLM-x32\...\Watch Dogs_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Weather (HKLM-x32\...\Weather) (Version: 9.1.0T - Weather)
WeChat (HKLM-x32\...\WeChat) (Version: 3.0.0.57 - 腾讯科技(深圳)有限公司)
WeMod (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\WeMod) (Version: 6.3.10 - WeMod)
WhatsApp (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\WhatsApp) (Version: 2.2108.8 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 4.10 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.5 - win.rar GmbH)
WM Capture (HKLM-x32\...\WM Capture) (Version:  - )
WM Recorder 14 (HKLM-x32\...\WM Recorder 14) (Version:  - )
Wondershare Video Converter Ultimate(Build 8.0.0.10) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.0.0.10 - Wondershare Software)
Wondershare Video Editor(Build 3.1.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.3.0.16992 - Blizzard Entertainment)
XSplit (HKLM-x32\...\{8BD89760-6B5D-4A3C-8B0D-CDB93BEFC0F6}) (Version: 1.2.1303.0101 - SplitMediaLabs)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yakuza Kiwami (HKLM-x32\...\Yakuza Kiwami_is1) (Version:  - )
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
ZipItFree 1.95 (HKLM-x32\...\ZipItFree_is1) (Version:  - MicroSmarts LLC.)
 
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1970.1.0_x86__kgqvnymyfvs32 [2021-03-06] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-17] (Apple Inc.) [Startup Task]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-06] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-03] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-06] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => F:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => A:\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FileSeek] -> {b211c53f-0052-4187-957f-f5bea28eb679} => A:\Program Files (x86)\FileSeek\FileSeekContextMenuHandler64.dll [2016-08-09] (Binary Fortress Software Ltd. -> Binary Fortress Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [jZip] -> {E677C7AD-2B66-4539-AA29-3771A1CFEDA9} => C:\Program Files (x86)\jZip\jZipShell.dll [2019-01-24] (Bandoo Media Inc) [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => A:\Program Files\PowerISO\PWRISOSH.DLL [2016-06-07] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => A:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2011-12-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2011-12-15] () [File not signed]
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2014-10-24] () [File not signed]
ContextMenuHandlers1-x32: [ZipItFreeContextMenu] -> {9FCB3717-B87B-421E-BB30-61769539EA23} => C:\Program Files (x86)\ZipItFree\ZFreeEx.dll [2007-12-04] (MicroSmarts LLC.) [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => A:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [GB3ContextMenu] -> {3A488FE8-9916-4F36-BDFF-3DED559142E5} => A:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll [2012-11-13] (Razer USA Ltd -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => A:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => F:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => A:\Program Files\PowerISO\PWRISOSH.DLL [2016-06-07] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2011-12-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2011-12-15] () [File not signed]
ContextMenuHandlers4-x32: [ZipItFree] -> {9FCB3717-B87B-421E-BB30-61769539EA23} => C:\Program Files (x86)\ZipItFree\ZFreeEx.dll [2007-12-04] (MicroSmarts LLC.) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\nvshext.dll [2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => F:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [FileSeek] -> {b211c53f-0052-4187-957f-f5bea28eb679} => A:\Program Files (x86)\FileSeek\FileSeekContextMenuHandler64.dll [2016-08-09] (Binary Fortress Software Ltd. -> Binary Fortress Software)
ContextMenuHandlers6: [jZip] -> {E677C7AD-2B66-4539-AA29-3771A1CFEDA9} => C:\Program Files (x86)\jZip\jZipShell.dll [2019-01-24] (Bandoo Media Inc) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => A:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => A:\Program Files\PowerISO\PWRISOSH.DLL [2016-06-07] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2011-12-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2011-12-15] () [File not signed]
ContextMenuHandlers6-x32: [ZipItFree] -> {9FCB3717-B87B-421E-BB30-61769539EA23} => C:\Program Files (x86)\ZipItFree\ZFreeEx.dll [2007-12-04] (MicroSmarts LLC.) [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-25] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-25] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Emby\Emby Server Dashboard.lnk -> hxxp://localhost:8096/web/dashboard.htm
ShortcutWithArgument: C:\Users\other\Desktop\PlushyKicks - Fulfillman - Google Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=nemceekagfbifkkpbmklhjabmcedfgkm
ShortcutWithArgument: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\PlushyKicks - Fulfillman - Google Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=nemceekagfbifkkpbmklhjabmcedfgkm
ShortcutWithArgument: C:\Users\other\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PlushyKicks - Fulfillman - Google Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=nemceekagfbifkkpbmklhjabmcedfgkm
 
==================== Loaded Modules (Whitelisted) =============
 
2019-05-15 15:51 - 2014-04-17 09:54 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\P2PLib.dll
2019-12-07 20:02 - 2019-12-07 20:02 - 008007680 _____ () [File not signed] [File is in use] C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
2019-12-07 20:02 - 2019-12-07 20:02 - 000008704 _____ () [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2019-12-07 20:02 - 2019-12-07 20:02 - 000131072 _____ () [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\SHDocVw\1.1.0.0__1b4e890f49261012\SHDocVw.dll
2021-03-14 05:38 - 2021-03-14 05:38 - 000116736 _____ () [File not signed] \\?\C:\Users\other\AppData\Local\Temp\19dfe1a7-d34a-4dfe-99f2-b86cd7915a41.tmp.node
2021-03-14 05:38 - 2021-03-14 05:38 - 001123840 _____ () [File not signed] \\?\C:\Users\other\AppData\Local\Temp\2c474ad1-5469-41ed-ab8b-30ab0c58d346.tmp.node
2021-03-14 05:38 - 2021-03-14 05:38 - 000123392 _____ () [File not signed] \\?\C:\Users\other\AppData\Local\Temp\42be8d5c-a837-4827-a650-0e61b28e64f6.tmp.node
2021-03-14 05:38 - 2021-03-14 05:38 - 002770944 _____ () [File not signed] \\?\C:\Users\other\AppData\Local\Temp\5d6eee75-7880-442e-afa5-c3d720926179.tmp.node
2021-03-14 05:38 - 2021-03-14 05:38 - 000495104 _____ () [File not signed] \\?\C:\Users\other\AppData\Local\Temp\dee7cb28-6e96-4389-a482-1f78484b6bb1.tmp.node
2021-03-14 05:38 - 2021-03-14 05:38 - 001123840 _____ () [File not signed] \\?\C:\Users\other\AppData\Local\Temp\def84153-4048-433e-9116-c90de172c834.tmp.node
2012-11-25 21:20 - 2012-11-25 19:01 - 000041984 _____ () [File not signed] A:\Program Files (x86)\FFsplit\FFsource.ax
2012-08-16 14:28 - 2012-08-17 00:16 - 000121856 _____ () [File not signed] A:\Program Files (x86)\FFsplit\FFSplit Overlay Filter.ax
2021-02-15 01:29 - 2020-12-24 13:48 - 001980928 _____ () [File not signed] A:\Program Files (x86)\VPN Unlimited\vpnu_private_sdk.dll
2019-05-15 15:51 - 2014-04-17 09:54 - 000221184 _____ () [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 008358400 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avcodec-54.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 001152512 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avformat-54.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 000151040 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avutil-51.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 000026112 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\swresample-0.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 000333824 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\swscale-2.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-02-25 00:49 - 2021-02-25 00:49 - 002579456 _____ () [File not signed] C:\Users\other\AppData\Local\Shift\app-6.0.56-stable\ffmpeg.dll
2021-02-25 00:49 - 2021-02-25 00:49 - 000318464 _____ () [File not signed] C:\Users\other\AppData\Local\Shift\app-6.0.56-stable\libegl.dll
2021-02-25 00:49 - 2021-02-25 00:49 - 006821888 _____ () [File not signed] C:\Users\other\AppData\Local\Shift\app-6.0.56-stable\libglesv2.dll
2017-10-18 14:51 - 2017-10-18 14:51 - 000598528 _____ () [File not signed] C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll
2015-05-05 04:41 - 2014-10-24 14:16 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2011-12-25 06:16 - 2011-12-15 13:38 - 000193536 _____ () [File not signed] F:\Program Files\WinRAR\rarext.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000544768 _____ (Alexandre Mutel) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\SharpDX.Direct3D11.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000765440 _____ (Alexandre Mutel) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\SharpDX.Direct3D9.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000419328 _____ (Alexandre Mutel) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\SharpDX.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000254976 _____ (Alexandre Mutel) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\SharpDX.DXGI.dll
2020-06-20 05:16 - 2019-01-24 06:53 - 000686080 _____ (Bandoo Media Inc) [File not signed] C:\Program Files (x86)\jZip\jZipShell.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 008656240 _____ (Code Sign Test (DO NOT TRUST) -> ) [File not signed] C:\Users\other\AppData\Roaming\Emby-Server\system\libSkiaSharp.DLL
2020-12-14 19:10 - 2020-12-14 19:10 - 000591360 _____ (Emby) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000113664 _____ (Emby) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\SQLitePCL.pretty.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000071168 _____ (Emby.ActivityLog) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.ActivityLog.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000742912 _____ (Emby.Api) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Api.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000375296 _____ (Emby.Codecs) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Codecs.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000144384 _____ (Emby.Codecs.Dxva) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Codecs.Dxva.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000083456 _____ (Emby.Drawing) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Drawing.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000069632 _____ (Emby.Drawing.Skia) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Drawing.Skia.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000117248 _____ (Emby.Ffmpeg) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Ffmpeg.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000242688 _____ (Emby.Ffmpeg.Base) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Ffmpeg.Base.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 006126592 _____ (Emby.Ffmpeg.Lib) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Ffmpeg.Lib.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 001923072 _____ (Emby.LiveTV) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.LiveTV.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000225792 _____ (Emby.LocalMetadata) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.LocalMetadata.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000374272 _____ (Emby.Media.Model) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Media.Model.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000063488 _____ (Emby.Notifications) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Notifications.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000481280 _____ (Emby.Photos) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Photos.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 002146816 _____ (Emby.ProcessRun) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.ProcessRun.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000633856 _____ (Emby.Providers) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Providers.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000114176 _____ (Emby.Server.Connect) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Server.Connect.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 006772224 _____ (Emby.Server.Implementations) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Server.Implementations.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 007676928 _____ (Emby.Server.MediaEncoding) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Server.MediaEncoding.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000423936 _____ (Emby.Server.Sync) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Server.Sync.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000041984 _____ (Emby.Sqlite) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Sqlite.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000155136 _____ (Emby.Web) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Web.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000195584 _____ (Emby.Web.GenericEdit) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Emby.Web.GenericEdit.dll
2020-07-04 17:25 - 2019-02-21 09:00 - 000078336 _____ (Igor Pavlov) [File not signed] F:\Program Files\7-Zip\7-zip.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000083968 _____ (MediaBrowser.Common) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\MediaBrowser.Common.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000835072 _____ (MediaBrowser.Controller) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\MediaBrowser.Controller.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000803840 _____ (MediaBrowser.Model) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\MediaBrowser.Model.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000049152 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Connections.Abstractions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000020992 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Hosting.Abstractions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000336896 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Hosting.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000007680 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Hosting.Server.Abstractions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000187904 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Http.Abstractions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000193536 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Http.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000067072 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Http.Extensions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000031744 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Http.Features.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 001311744 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Server.Kestrel.Core.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000010752 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Server.Kestrel.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000118784 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000027136 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.WebSockets.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000185856 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.AspNetCore.WebUtilities.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000020480 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Configuration.Abstractions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000037376 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Configuration.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000017920 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Configuration.EnvironmentVariables.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000023040 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Configuration.FileExtensions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000063488 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.DependencyInjection.Abstractions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000164352 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.DependencyInjection.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000011264 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.FileProviders.Abstractions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000058368 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.FileProviders.Physical.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000028160 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Hosting.Abstractions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000067584 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Hosting.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000093696 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Logging.Abstractions.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000053760 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Logging.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000091648 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Options.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000065536 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Extensions.Primitives.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000188928 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Net.Http.Headers.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000069120 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.Win32.SystemEvents.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 001110016 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\SkiaSharp.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000140800 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\System.IO.Pipelines.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000416256 _____ (Microsoft) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\Microsoft.OpenApi.dll
2019-05-15 15:51 - 2014-04-17 09:54 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\IpLib.dll
2019-05-15 15:51 - 2014-04-17 09:54 - 000044544 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlQRCode.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000153600 _____ (RSSDP) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\RSSDP.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 004810240 _____ (ServiceStack, Inc.) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\ServiceStack.Text.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 001034752 _____ (Simple Injector) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\SimpleInjector.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 000328192 _____ (SocketHttpListener) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\SocketHttpListener.dll
2013-02-17 23:46 - 2013-02-17 23:46 - 001881088 _____ (SplitmediaLabs Limited) [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\VHMediaCOM.dll
2020-12-14 19:10 - 2020-12-14 19:10 - 001950208 _____ (SQLite Development Team) [File not signed] C:\Users\other\AppData\Roaming\Emby-Server\system\sqlite3.DLL
2020-12-14 19:10 - 2020-12-14 19:10 - 000050688 _____ (SQLitePCLRawEx.core) [File not signed] [File is in use] C:\Users\other\AppData\Roaming\Emby-Server\system\SQLitePCLRawEx.core.dll
2021-02-15 01:29 - 2020-10-12 14:23 - 000361984 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] A:\Program Files (x86)\VPN Unlimited\libcurl.dll
2019-05-15 15:51 - 2014-04-17 09:54 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\LIBEAY32.dll
2021-02-15 01:29 - 2020-10-12 14:23 - 002516480 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] A:\Program Files (x86)\VPN Unlimited\libcrypto-1_1.dll
2021-02-15 01:29 - 2020-10-12 14:23 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] A:\Program Files (x86)\VPN Unlimited\libssl-1_1.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-01-17 16:04 - 2020-01-17 16:04 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-01-17 16:04 - 2020-01-17 16:04 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2020-07-18 07:39 - 2020-07-03 14:15 - 006165112 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] A:\Program Files\Softdeluxe\Free Download Manager\Qt5Core.dll
2008-10-16 09:25 - 2006-10-12 13:30 - 000188416 _____ (Unreal Streaming Technologies Group.) [File not signed] A:\Program Files (x86)\WMCap\Bin\UScreenCapture.ax
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ca.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-816131170-1439977655-1545633551-1000 -> {05057CAC-32FC-4A76-83F9-C673FB7D9590} URL = hxxps://ca.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-816131170-1439977655-1545633551-1002 -> {05057CAC-32FC-4A76-83F9-C673FB7D9590} URL = hxxps://ca.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2019-03-18] (Microsoft Windows -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> A:\bf4\bin\ssv.dll [2016-03-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> A:\bf4\bin\jp2ssv.dll [2016-03-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-14] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-11-07] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2019-03-18] (Microsoft Windows -> Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\melon.com -> melon.com
IE trusted site: HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\melon.com -> melon.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2021-03-14 05:55 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
2015-02-26 17:50 - 2019-12-07 09:03 - 000000505 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 terry-PC.mshome.net # 2024 12 4 5 16 3 43 950
192.168.137.1 terry-PC.mshome.net # 2024 11 1 4 16 23 32 22
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\ASUS\Bluetooth Software;C:\Program Files\ASUS\Bluetooth Software\syswow64;A:\Program Files (x86)\Livestreamer;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\terry\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-816131170-1439977655-1545633551-1010\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254 - 75.153.171.114
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AUEPLauncher => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: chromoting => 3
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DES2 Service => 2
MSCONFIG\Services: Ds3Service => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: Giraffic => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: LogiRegistryService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: PLFlash DeviceIoControl Service => 2
MSCONFIG\Services: ptservice => 2
MSCONFIG\Services: RaAutoInstSrv_AM10 => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Smart TimeLock => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: vgc => 3
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMwareHostd => 2
MSCONFIG\Services: VPNUnlimitedService => 2
MSCONFIG\Services: XTU3SERVICE => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FiiO Control Panel Autostart.lnk => C:\Windows\pss\FiiO Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PrivateTunnel.lnk => C:\Windows\pss\PrivateTunnel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ScpToolkit Tray Notifications.lnk => C:\Windows\pss\ScpToolkit Tray Notifications.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk => C:\Windows\pss\Universal Media Server.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^terry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^terry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ShareX.lnk => C:\Windows\pss\ShareX.lnk.Startup
MSCONFIG\startupreg: Abyssus => A:\Program Files (x86)\Razer\Abyssus\razerhid.exe
MSCONFIG\startupreg: AceStream => C:\Users\terry\AppData\Roaming\ACEStream\engine\ace_engine.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\terry\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Cm108Sound => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "F:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: DFX => C:\Program Files (x86)\DFX\DFX.exe -startup
MSCONFIG\startupreg: Discord => C:\Users\terry\AppData\Local\Discord\app-0.0.301\Discord.exe
MSCONFIG\startupreg: DivXMediaServer => A:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EADM => "A:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Easy-Hide-IP => A:\Program Files\Easy-Hide-IP\easy-hide-ip.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EqualizerPro => A:\Program Files\EqualizerPro\EqualizerPro.exe
MSCONFIG\startupreg: Google Update => "C:\Users\terry\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_87DAA32EE09FADE6711293FAB267E54E => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: Greenshot => A:\Program Files\Greenshot\Greenshot.exe
MSCONFIG\startupreg: Hyperdesktop => C:\Users\terry\AppData\Roaming\Hyperdesktop\hyperdesktop.exe
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: ISUSPM Startup => c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "F:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LGHUB => "C:\Program Files\LGHUB\lghub_agent.exe" --autostart
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
MSCONFIG\startupreg: NBKeyScan => "A:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\terry\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PWRISOVM.EXE => A:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RaidCall => A:\Program Files (x86)\RaidCall\raidcall.exe
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Salmosa => A:\Program Files (x86)\Razer\Salmosa\razerhid.exe
MSCONFIG\startupreg: SandboxieControl => "A:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Shift => C:\Users\terry\AppData\Local\Shift\app-3.4.4\Shift.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => C:\Users\terry\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: Steam => "F:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: uTorrent => "C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
MSCONFIG\startupreg: vmware-tray.exe => "A:\Program Files (x86)\VMware\vmware-tray.exe"
MSCONFIG\startupreg: VPN Unlimited => "A:\Program Files (x86)\VPN Unlimited\vpn-unlimited-launcher.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "Screen+"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\StartupApproved\Run: => "Shift"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\StartupFolder: => "ClickMonitorDDC.lnk"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "icq.desktop"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "Free Download Manager"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{A8FAAF9C-EC3F-4EA4-8A91-F182D8A250B2}] => (Block) F:\Program Files (x86)\Starcraft II KR\Support\SC2Switcher.exe => No File
FirewallRules: [{94407CF9-D498-4E22-B237-FD26AD3FC10E}] => (Block) F:\Program Files (x86)\Starcraft II KR\Versions\Base77535\SC2.exe => No File
FirewallRules: [{25B08A93-3D26-476F-BF4C-EB6DAB9DFEF9}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\9001\9001.exe () [File not signed]
FirewallRules: [{58B13AE6-AC9F-4248-99EE-295A537EE3DF}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\9001\9001.exe () [File not signed]
FirewallRules: [{607C12C9-3679-4A78-A124-157C081248FB}] => (Allow) A:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3CC1004C-878E-4597-AB32-1C880F51DABD}] => (Allow) A:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{E71D959B-11B0-44AC-A239-5F208F0DC269}] => (Allow) A:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{2E488F43-B92F-4CC7-A3B1-22BCE9AB2DC9}] => (Allow) A:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3FEDA325-07CE-4499-9D87-FB564A7EE6F5}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\DISSIDIA FINAL FANTASY NT Free Edition\dffnt.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{30EB1B96-474A-47F6-BD94-27452A098435}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\DISSIDIA FINAL FANTASY NT Free Edition\dffnt.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{20BE123F-AE14-4589-A9C5-9027682452DD}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{74E102D7-B078-452C-AB05-747845BE4B59}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{8CEA2FFC-7DAD-43B5-864F-D866CB953A80}] => (Allow) C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.dll (Emby) [File not signed] [File is in use]
FirewallRules: [{46ED7324-C19A-44D5-A6BD-DB9B516E49E2}] => (Allow) C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.dll (Emby) [File not signed] [File is in use]
FirewallRules: [{7C67B92D-4CD5-48D2-AE1C-52B8D4038252}] => (Allow) C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.dll (Emby) [File not signed] [File is in use]
FirewallRules: [{31758FF1-9641-4266-ABB1-C0A057BFF64E}] => (Allow) C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.dll (Emby) [File not signed] [File is in use]
FirewallRules: [{E55B7C7A-4496-48AF-B1BC-CAF85D88E4E8}] => (Allow) LPort=8920
FirewallRules: [{D180CF17-DEBB-40B9-B09F-F5DC59304838}] => (Allow) LPort=8096
FirewallRules: [{26B71AAC-95C2-4CA9-9649-2EBA54F74541}] => (Allow) LPort=7359
FirewallRules: [UDP Query User{30D31F26-6964-4868-A0F7-9E8A1C708E74}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => No File
FirewallRules: [TCP Query User{16F63F79-BCC2-4B2D-AF1B-1F8BEAAB7BB0}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => No File
FirewallRules: [UDP Query User{96125679-B2B7-4A24-93EC-6711B383A15F}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => No File
FirewallRules: [TCP Query User{8667B75B-472C-4131-B808-D2E28E514EB1}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => No File
FirewallRules: [{84FB72C2-7ED3-4CF2-BB4C-FCC66F8B0AE7}] => (Allow) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{89FFB574-E6FB-4CDA-AD7A-E309A6B449A4}] => (Allow) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FA7067B7-A2E9-414B-B37D-2EC546687E4B}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{78ACA873-A4F9-43C5-89DF-20F326B98C0F}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{2462B148-7E1F-4693-9062-01939F672247}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{2D70DF52-A0E0-4FB1-8B52-339248184412}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{E707BFED-10EF-419A-ADAE-3FBD4DCC1B7A}] => (Allow) LPort=53
FirewallRules: [{52E95C02-C90A-4559-AA57-D4DC87AFA4C2}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{66AAEF6B-058B-4B72-B89D-425FEF1BBDB0}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{B48D72F0-494B-4051-82DF-24F6A0D63AEF}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{0CD0566A-2B84-4378-96A9-9C529A8F131F}] => (Allow) LPort=53
FirewallRules: [{58D53C89-FF2C-4EE8-B8BA-7B123EB35C76}] => (Allow) LPort=1542
FirewallRules: [{A77699E4-7A46-4595-AD54-B789E35BCF6A}] => (Allow) LPort=1542
FirewallRules: [{C6EC7E3C-1087-40AF-90AB-59DA6F4E3BE9}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
FirewallRules: [{85AFF8E7-2180-4F46-AC3A-3C8D812A3CC7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3A6AB504-B4D2-4118-8F20-F006847D0443}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E790F0AB-3797-4546-8BE4-2965A0276A4B}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [{A62140EC-5E52-4DB0-9CEC-D7B22F03041C}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [TCP Query User{CC757232-4D41-46B9-9D44-9F0D6D6FF2E7}F:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe] => (Allow) F:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe => No File
FirewallRules: [UDP Query User{651711B2-82DF-4977-B7A4-9694927AAF98}F:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe] => (Allow) F:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe => No File
FirewallRules: [{98916579-DF3F-445D-82A7-3367521815FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => No File
FirewallRules: [{5227726E-53A5-4426-8557-B7F876D95ED0}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Qlipso Inc. -> Veoh Networks)
FirewallRules: [{BD9EA227-CD8E-4924-A18F-60DA3ADA7A72}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Qlipso Inc. -> Veoh Networks)
FirewallRules: [{96C57EDC-2890-4E3B-B445-9C9FE873A2BB}] => (Allow) F:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe => No File
FirewallRules: [{8985949F-6970-4F57-87FC-603DCB57FD35}] => (Allow) F:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe => No File
FirewallRules: [TCP Query User{220C5188-57E9-4CEB-9B3F-F076E33E8A11}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe (Qlipso Inc. -> Veoh Networks)
FirewallRules: [UDP Query User{6AC3A7D6-1E4C-49B9-A685-E7E5BEAC1285}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe (Qlipso Inc. -> Veoh Networks)
FirewallRules: [TCP Query User{21D5837F-915D-4017-A59E-AD3DC94B26E4}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe] => (Allow) C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe (Kamuse Co.,Ltd -> )
FirewallRules: [UDP Query User{162444A8-C625-4360-A771-318939B7A64D}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe] => (Allow) C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe (Kamuse Co.,Ltd -> )
FirewallRules: [{93BB5C6A-F0EA-4408-999D-431076376383}] => (Allow) F:\Program Files (x86)\Starcraft II KR\StarCraft II.exe => No File
FirewallRules: [{E98FBBA1-28B2-4AC5-A8E4-AF5AFC553C2C}] => (Allow) F:\Program Files (x86)\Starcraft II KR\StarCraft II.exe => No File
FirewallRules: [TCP Query User{872DF883-A238-4A10-96AB-6906D74FB954}F:\program files (x86)\mirc\mirc.exe] => (Allow) F:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [UDP Query User{DAC22D38-892B-46CF-86C3-2821B8E218E2}F:\program files (x86)\mirc\mirc.exe] => (Allow) F:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [{3EF8F69D-5EEB-43BF-B9E4-7407E52FEAAD}] => (Allow) F:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (Research In Motion -> Research In Motion)
FirewallRules: [{70111A68-3D25-4578-825A-49717B336BB1}] => (Allow) F:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (Research In Motion -> Research In Motion)
FirewallRules: [{64E9D9A5-C01B-4AE5-9F01-10BDFC64F6AE}] => (Allow) LPort=4481
FirewallRules: [{B8B7493F-861B-4A2D-B623-51CC463F8D5C}] => (Allow) LPort=4481
FirewallRules: [{127CE5AE-85A6-4AB7-A830-E52A8D98E1C3}] => (Allow) LPort=4482
FirewallRules: [{9D43AA1C-A4F5-43C0-9DDE-F2C1B5216389}] => (Allow) LPort=4482
FirewallRules: [{77D98DA6-6E6E-4671-80C7-D1D24B155B21}] => (Allow) F:\Program Files (x86)\MelOn Player4\system32\p3melonasvr2.exe (© PeeringPortal) [File not signed]
FirewallRules: [{57265BC7-0237-4EF7-9A25-054FD806078E}] => (Allow) F:\Program Files (x86)\MelOn Player4\Playback\pino-melon.exe () [File not signed]
FirewallRules: [{04BB8D9C-CDBA-4E5C-B9C8-C4F87DFDC702}] => (Allow) A:\Mass Effect 3\Binaries\Win32\MassEffect3.exe (BioWare) [File not signed]
FirewallRules: [{AD7E522F-DAEE-471B-B0E8-E95A4C3352FD}] => (Allow) A:\Mass Effect 3\Binaries\Win32\MassEffect3.exe (BioWare) [File not signed]
FirewallRules: [TCP Query User{A54D8445-8233-439A-8F16-BEE909E0E494}F:\users\terry\downloads\saviour of strength (alpha2 + source code)\sos.exe] => (Block) F:\users\terry\downloads\saviour of strength (alpha2 + source code)\sos.exe => No File
FirewallRules: [UDP Query User{ADCDADCB-B26D-4CE0-8C60-3F17FDEEDA6E}F:\users\terry\downloads\saviour of strength (alpha2 + source code)\sos.exe] => (Block) F:\users\terry\downloads\saviour of strength (alpha2 + source code)\sos.exe => No File
FirewallRules: [TCP Query User{58302C73-6F9F-4717-B303-3581B5C6A62F}C:\users\terry\downloads\diablo-iii-setup-engb.exe] => (Allow) C:\users\terry\downloads\diablo-iii-setup-engb.exe => No File
FirewallRules: [UDP Query User{9FB7C8DF-6B20-43B8-826E-8ACC6E6D6C3B}C:\users\terry\downloads\diablo-iii-setup-engb.exe] => (Allow) C:\users\terry\downloads\diablo-iii-setup-engb.exe => No File
FirewallRules: [{38F33978-3CD4-4277-B299-81F4100CF2EC}] => (Allow) F:\Program Files (x86)\d3us\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{FF831692-D75B-4A18-8A37-6C9B1DF4A99D}] => (Allow) F:\Program Files (x86)\d3us\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{95E35B64-F3AA-4CBE-B70F-A1DC083AD084}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EC30222D-66D0-4024-85CF-D004DD46A37D}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E7E8A48D-AFFE-4C86-89EC-72CA61E597D9}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{A751F361-7BA6-46F7-9393-98B32B05E6E5}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{31976A14-FA6B-433E-817D-B8AACEA0EA0A}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{664F90E8-6D48-4C40-AFA6-BAAB1B6E2675}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [TCP Query User{7B2F8893-796F-47FA-94AF-FC1BBDA4651D}A:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Allow) A:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe (THQ Inc.) [File not signed]
FirewallRules: [UDP Query User{F5C49F86-34D4-45A2-B88C-EC0429D8D234}A:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Allow) A:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe (THQ Inc.) [File not signed]
FirewallRules: [{49324DC5-C450-4FF1-A335-0AD970E97A57}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe => No File
FirewallRules: [{F4CB8E79-1869-4FE5-93A2-9229AD034CF5}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe => No File
FirewallRules: [{B9F9FC64-A5BE-4E29-B471-5987818DA9D9}] => (Allow) A:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [{57676D5B-C2A5-4685-B503-494432956806}] => (Allow) A:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [TCP Query User{3341BEB8-B30D-48C9-A398-54452504443B}A:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) A:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe => No File
FirewallRules: [UDP Query User{390E128E-A754-4B52-8162-7D607F3CE752}A:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) A:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe => No File
FirewallRules: [{28D91ED6-7226-4E70-A688-70349CD0DE14}] => (Allow) F:\Program Files (x86)\Starcraft II KR\StarCraft II Public Test.exe => No File
FirewallRules: [{C1C7C1C6-A92C-41FD-A825-89CF97E800FF}] => (Allow) F:\Program Files (x86)\Starcraft II KR\StarCraft II Public Test.exe => No File
FirewallRules: [{7E2F7A65-9D03-46F2-B840-B7A110D8D004}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed]
FirewallRules: [{538390C1-7AC0-49EC-9F2A-1DD2C6D417E9}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed]
FirewallRules: [{7A7881EF-AAA2-4367-ABDC-0CE6DB2205F7}] => (Allow) A:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\DARKSOULS.exe (FromSoftware,Inc. -> NAMCO BANDAI Games Inc.)
FirewallRules: [TCP Query User{EA77D870-9853-4A8B-9213-9E796A2FDD8B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe => No File
FirewallRules: [UDP Query User{A7B29C4E-33A7-4B79-A094-B6FDA73E4993}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe => No File
FirewallRules: [TCP Query User{8020DA53-83E7-4DE3-B397-15747A346A0D}A:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) A:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [UDP Query User{7A1D4BD7-24A8-4DFD-9541-38B06AF29858}A:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) A:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [{F5B98E87-F60C-4932-A4AB-0A7323FE96B2}] => (Allow) A:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]
FirewallRules: [{F3061E3B-1351-43AD-9767-4D48EEB30B0B}] => (Allow) A:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]
FirewallRules: [{B43B81C0-AB91-4D90-8BAF-05CE56F11766}] => (Allow) A:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{8C9A8D4E-4FAB-4A47-9D9D-9C6AD5A07760}] => (Allow) A:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{2378B6B0-C056-494B-BBCB-5EA3F2210854}] => (Allow) F:\Program Files (x86)\Steam\steamapps\tc2501\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{308FF3A4-7036-4B99-BE56-D590B3F3EA60}] => (Allow) F:\Program Files (x86)\Steam\steamapps\tc2501\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{5C249F3A-E9FE-4425-8BD3-C46E591D758D}A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{B3020FC6-9C02-4C6C-A2ED-277C2327E6C8}A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [TCP Query User{4941C6D0-FC3D-4156-85D3-47032DE80B25}A:\program files (x86)\activision\call of duty black ops ii\t6zm.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6zm.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{2D1242A3-A155-42D8-8509-297EDCE5CA78}A:\program files (x86)\activision\call of duty black ops ii\t6zm.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6zm.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [{1DE2E674-1233-4624-B975-8F84E65ED4B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{BBFE00B7-8598-438C-AC88-DCA81D340A61}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{57064C0F-6783-4E73-B467-05BBE9907C95}] => (Allow) F:\Program Files (x86)\Steam\steamapps\i0l\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{4DB7BBDC-5425-4B20-91FB-BF0DF0727CE7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\i0l\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{9ADA9292-FC23-4594-8E1D-45A4707E0B1C}A:\program files (x86)\ffsplit\ffsplit.exe] => (Allow) A:\program files (x86)\ffsplit\ffsplit.exe (FFsplit) [File not signed]
FirewallRules: [UDP Query User{5437095D-EC91-4624-A200-F88677EDFD55}A:\program files (x86)\ffsplit\ffsplit.exe] => (Allow) A:\program files (x86)\ffsplit\ffsplit.exe (FFsplit) [File not signed]
FirewallRules: [{1999979F-CDC7-4B60-9DE1-C850DF9DD213}] => (Allow) C:\Users\terry\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7E3DF569-F884-4730-B034-9BBFED98DFF4}] => (Allow) C:\Users\terry\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{75E7EF39-9D55-4AD1-8A5F-A9D6DB678F5C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{6BD37D36-E891-4862-A2A8-5567978679D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{896999BA-6435-4415-BAB3-5F147ED2E825}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{2BA88243-C3BD-4134-8A79-700DC114E7C3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{F2044AD5-89E5-4A9B-BD94-1F1B91886053}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{1C68FEAA-1E72-41C3-997B-D93CBC4C49AE}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{DCA1100E-D2F8-474F-98A0-3B40B7CAE3DF}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{264B9A13-703D-46CE-950C-E5F6FA9C171D}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{D4A72627-64E7-4840-8C79-B1042EAC723E}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AFFCD3E1-52B2-45D2-9D10-55148D89DB37}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F5AE2F7D-B95C-488C-8E52-89DD28E1080F}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F1F68857-A6C9-4709-92BB-725A1E95195B}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{25945F1C-0101-4969-BFA2-8C426BAD9CBA}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{89413AB3-8CF1-4000-8C3F-B8388F432C7C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{AEC20F80-E60C-4219-8270-CC731B3B04C9}] => (Allow) A:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{CB38E95C-3FBB-443F-9313-13D0506F0C4A}] => (Allow) A:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{B38C8EC4-BEBB-4741-B9D8-0BEAFEE5DA12}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{88727A6B-8048-4801-AFC4-D09EFA478B50}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{644F31A6-9455-4FCD-88F3-3CC77E599DD8}A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{050434C1-1D27-4C05-8DF2-41CA88F8FE45}A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [TCP Query User{CFF9DE2D-0997-4947-B51C-D879DDBD0C79}A:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) A:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe => No File
FirewallRules: [UDP Query User{A8A7BBE4-09FB-4A09-9684-E3D10A4A26EF}A:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) A:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe => No File
FirewallRules: [TCP Query User{5DA5A9B5-9182-4598-816F-93A4DD90D0B6}A:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe] => (Block) A:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{3A594F15-9F59-4589-A012-AF819488A1B7}A:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe] => (Block) A:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{2113430D-9119-47A3-92D1-E8E2765AB7EF}] => (Allow) A:\Program Files\Ventrilo\Ventrilo.exe (Flagship Industries, Inc.) [File not signed]
FirewallRules: [{C3FEFD35-7AA1-41AD-AA95-DF00C5560021}] => (Allow) A:\Program Files\Ventrilo\Ventrilo.exe (Flagship Industries, Inc.) [File not signed]
FirewallRules: [{F1ED94B3-6B26-4A8E-961E-7B9B38BF030C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{9CDD9369-50FB-4076-AA41-A1A448C198AE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{CE4D5D4C-149F-4B63-AE61-F2ABED0CA4C3}] => (Allow) A:\Program Files (x86)\Starcraft II eu\StarCraft II\StarCraft II Public Test.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{67B95486-108D-4EC7-BD69-7AE9B87344BE}] => (Allow) A:\Program Files (x86)\Starcraft II eu\StarCraft II\StarCraft II Public Test.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{206E0351-08E8-4948-A688-16B43E2945F3}] => (Allow) F:\Program Files (x86)\Steam\steamapps\i0l\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{FFC5F972-7945-4267-A75D-9B086DC9876C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\i0l\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{0A5D5F93-163C-40B1-B78F-89D9BF4575F9}A:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) A:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe () [File not signed]
FirewallRules: [UDP Query User{B865A625-87E1-4EA1-830E-B4FB9DEFDD87}A:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) A:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe () [File not signed]
FirewallRules: [TCP Query User{BCCC8576-6211-4145-8899-9C286BB8C26A}A:\program files (x86)\byond\bin\byond.exe] => (Allow) A:\program files (x86)\byond\bin\byond.exe () [File not signed]
FirewallRules: [UDP Query User{2A62F0E0-B03B-48A7-B1B8-73C784F6D013}A:\program files (x86)\byond\bin\byond.exe] => (Allow) A:\program files (x86)\byond\bin\byond.exe () [File not signed]
FirewallRules: [{8C72C192-1DF3-40C3-B912-6279BB2A809E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\tc2501\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{E958E293-D313-4F5A-A0CE-A88EA4D2FC86}] => (Allow) F:\Program Files (x86)\Steam\steamapps\tc2501\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{89F13550-4FD9-4847-A0F4-EB4E0BBD5C76}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe => No File
FirewallRules: [UDP Query User{1C324E55-59FC-48B2-8E64-303D6F7BB4CF}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe => No File
FirewallRules: [{B4BF4C47-7FA1-40BF-A054-D08DD91075B6}] => (Allow) C:\Users\terry\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BA671709-421B-4236-9C03-153BAC1BE689}] => (Allow) C:\Users\terry\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A361113F-2C66-4626-82DB-0C51CE02C7B4}] => (Allow) A:\Crysis3\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [File not signed]
FirewallRules: [{D5327641-C73B-4546-A62B-6D611A68E4D0}] => (Allow) A:\Crysis3\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [File not signed]
FirewallRules: [{30EA2DB2-A338-432D-A4D0-F9B11B66ECF6}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{1AF40D82-B4CC-4B8C-9671-B47D8721D6C5}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{DFD643A7-5061-4E61-B1B0-ADED411FFD36}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{59B8BCB2-254F-47C9-BF7C-E2C2A6479026}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [TCP Query User{4A566E49-E989-4603-A28C-3659BC8CB28C}A:\bw\starcraft no install\starcraft no install\starcraft.exe] => (Allow) A:\bw\starcraft no install\starcraft no install\starcraft.exe ()
FirewallRules: [UDP Query User{8099C1EB-B54E-4148-9241-F16DC7A76814}A:\bw\starcraft no install\starcraft no install\starcraft.exe] => (Allow) A:\bw\starcraft no install\starcraft no install\starcraft.exe ()
FirewallRules: [{3AD8E14C-6D71-42ED-B2B2-630D59827B0D}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
FirewallRules: [{74345185-B09B-458F-8AF4-A5CB4046C60F}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
FirewallRules: [{5978994A-4227-417A-AD6B-5C8619EA647D}] => (Allow) A:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{5F4B5628-FB30-4D4E-87C1-83EB1432A232}] => (Allow) A:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{DE050A5B-DC89-41BA-A76C-416FAE07BB47}] => (Allow) A:\warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes -> Digital Extremes)
FirewallRules: [{6B2F9E02-4937-4094-B2B7-D6663C5FED31}] => (Allow) A:\warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes -> Digital Extremes)
FirewallRules: [{2DEA679F-999A-4E08-BE5A-FB65CA804926}] => (Allow) A:\warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes -> Digital Extremes)
FirewallRules: [{BE988E87-67E5-454A-8DC8-6468A618C029}] => (Allow) C:\Users\terry\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes -> Digital Extremes)
FirewallRules: [TCP Query User{44527F4E-B61D-4ADF-8F9E-57F7B4EFD299}A:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) A:\program files (x86)\saints row iv\saintsrowiv.exe (Koch Media GmbH) [File not signed]
FirewallRules: [UDP Query User{BB29FCF6-49B6-427A-9366-6D7E7292F803}A:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) A:\program files (x86)\saints row iv\saintsrowiv.exe (Koch Media GmbH) [File not signed]
FirewallRules: [{2C02E6B3-274C-4B15-9BE4-EE58A7D33523}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{8DEAC5A6-4DE3-4640-921D-84DF7E795141}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{A67D0586-84FD-403D-B1A7-43249913854F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{F13471BE-4303-4A0A-A9AB-580306EFA56C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{76B40261-4F53-4BD8-8D54-D7222C85D234}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{F442CD31-C821-4D11-80D8-90D93602B721}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [TCP Query User{2DF71AEF-2BEF-4F3D-8012-A07A3256AE6E}F:\program files (x86)\mirc\mirc.exe] => (Allow) F:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [UDP Query User{0D25F8CD-A25E-4294-B510-91DF50A36E68}F:\program files (x86)\mirc\mirc.exe] => (Allow) F:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [{21E8DBA4-79F4-44E8-BC86-0DE9BB5BA9DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe => No File
FirewallRules: [{51C14447-24BE-4934-ABC3-CA5DC2CA4815}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe => No File
FirewallRules: [{D42C7E0E-945D-4787-95B2-32F21C7BEF50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe => No File
FirewallRules: [{6AE6AC97-61B7-4B3E-9C0F-559AB44DF926}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe => No File
FirewallRules: [{93AFFDF7-C3E8-4A12-AC48-6586194EA867}] => (Allow) C:\Program Files (x86)\StarCraft II Public Test\StarCraft II Public Test.exe => No File
FirewallRules: [{0590A941-751A-47D8-A6DE-EC5A8C365CB8}] => (Allow) C:\Program Files (x86)\StarCraft II Public Test\StarCraft II Public Test.exe => No File
FirewallRules: [{682D29E5-734E-4BB3-B17F-ADA5154BFD7B}] => (Allow) A:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [{B5FB16B6-ACA1-45FF-B722-A073B4822D23}] => (Allow) A:\Program Files (x86)\StarCraft II\StarCraft II.exe => No File
FirewallRules: [{5F90E894-1393-4FF4-97DA-DD359E848D32}] => (Allow) A:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe => No File
FirewallRules: [{7C7F9901-9F6E-4226-A1AE-15EE69CED44B}] => (Allow) A:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe => No File
FirewallRules: [{27D74D91-6ABB-48B1-95B8-858FEB185268}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe => No File
FirewallRules: [{9FDC151A-E876-4628-8516-53467711F7DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe => No File
FirewallRules: [{0CAAB8E4-4013-4D7B-BC2D-E33629C0CA56}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{184E594B-9D07-4DE9-B1CE-AEE53612BF5D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{F05555DE-E420-4817-B29E-C4A905A712ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe => No File
FirewallRules: [{E65C91F7-9481-4D97-B082-345A28B43D2C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe => No File
FirewallRules: [{63C0A54B-ACB6-4767-A67E-596CA918D9CE}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{87F1E680-2806-4436-88CE-39CB94D8C7E8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{80D21E0C-1B38-40D6-8B12-A4BBA636403D}F:\program files (x86)\steam\steam.exe] => (Allow) F:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{CBD6BCFC-B806-4663-9531-7BF2545910C5}F:\program files (x86)\steam\steam.exe] => (Allow) F:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F64176D7-06F4-4F40-BEB5-CFCBB0C4E343}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{44B1228E-CD67-4749-A39F-79EEDF382C82}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{F4577E77-850F-48EE-81F8-5493A1BEABF2}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{20776ABE-0EA5-4780-AAA6-525DC3CF4813}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{7B26BABC-B7D2-4006-823C-95FBDEB533A9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe => No File
FirewallRules: [{F188CD3F-E8BF-4940-B476-42F51200D9F7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe => No File
FirewallRules: [{87D1BE90-DDAF-4304-A862-9DBD78C80F6A}] => (Allow) A:\Program Files (x86)\HS\Battle.net\Battle.net.exe => No File
FirewallRules: [{AB0898A3-9182-45E9-9CE3-C90F5EFC9F2A}] => (Allow) A:\Program Files (x86)\HS\Battle.net\Battle.net.exe => No File
FirewallRules: [{17D536ED-92D8-4089-A5F6-1FBCFC3494E1}] => (Allow) A:\Program Files (x86)\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{A5634E57-805D-47C3-AB8E-88CF69D0B473}] => (Allow) A:\Program Files (x86)\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{F179316C-A101-47AA-A400-CB4FD28D176E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe => No File
FirewallRules: [{E9AA1841-826F-4E8C-9D31-6395CAA0602B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe => No File
FirewallRules: [{BD11E91E-4C9C-46C8-8335-0BCA0C334F23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe => No File
FirewallRules: [{C50FD343-43BA-4411-AE65-D357E4CF4390}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe => No File
FirewallRules: [{F838D911-D32D-4CE6-A0C0-5A3C240E605E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe => No File
FirewallRules: [{ED9BDCEF-812E-4FD7-8B31-A0D9D1343904}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe => No File
FirewallRules: [{3AA06847-FF71-49AC-82EE-2F03A288DFF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe => No File
FirewallRules: [{CB142CFF-B25F-416A-B861-D8D61572C02F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe => No File
FirewallRules: [{0BF279FC-D98D-4CF0-B30A-5EDCC33BE670}] => (Allow) A:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{94DC5E06-968C-4356-9291-217FC34D5E4F}] => (Allow) A:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4ABB5A65-B9C5-4B51-B040-215E305CAD35}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7F5DAD98-D61E-4D1A-8311-2049D4E1FD7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{8AFD301F-3D5A-4826-8C92-B664E3C75F7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe => No File
FirewallRules: [{99880F28-F123-4BD4-9FD2-164ACD652900}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe => No File
FirewallRules: [{79B33FD3-1F94-4638-BB33-73F7F5D6A44D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{901EF084-868E-4B0E-9EA1-01D93A318593}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{4AE52126-B83A-4505-8057-475B4ADAE8DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{3358417C-98E8-41E4-BF64-D59D4DB00143}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe => No File
FirewallRules: [{C41BA79A-2FE1-4E1E-BA6B-72085F193E04}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe => No File
FirewallRules: [{8221F10F-B423-4ABB-B38B-2263DD3A36A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe => No File
FirewallRules: [{5BEA2B7E-043B-4C49-B162-91F127944112}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe => No File
FirewallRules: [{DC9F8CE7-AA4A-459F-A169-60874848F2B0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe => No File
FirewallRules: [{D9E48C0F-1334-4CCE-AB97-21819ECA3AD8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed]
FirewallRules: [{4219ACB0-354F-4B52-A5C3-343F16736A92}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed]
FirewallRules: [{FECF21D8-1F6D-450B-BF62-D57BC1C048AB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{277A97DF-0DEA-4F22-A787-93907825B463}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{70506823-67D1-4326-9BC8-24A5F4C392A2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe => No File
FirewallRules: [{BFBF4B89-88CF-4A68-8407-7A6C0A74B0DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe => No File
FirewallRules: [{A955CF8A-36D6-4D16-8833-0478FCB11661}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe => No File
FirewallRules: [{E083925E-7E61-4BD2-B93D-7D3B1E875AC3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe => No File
FirewallRules: [{F3D50288-B90F-4E23-B331-E762E03653B5}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\dota 2 beta\dota.exe (Valve -> )
FirewallRules: [{78C2C84E-AB3B-46A6-A378-CF7484E8944D}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\dota 2 beta\dota.exe (Valve -> )
FirewallRules: [{62CE7266-74BF-4C8C-A23C-57431701B860}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe => No File
FirewallRules: [{210D98BC-9CCB-4C80-A6DB-0446399A519A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe => No File
FirewallRules: [TCP Query User{6105DDDB-5C81-44D9-BE45-0D2FDF050D4B}F:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe] => (Block) F:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe => No File
FirewallRules: [UDP Query User{1AB79EF4-E380-4D1A-B348-E9A1DEBF2C79}F:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe] => (Block) F:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe => No File
FirewallRules: [TCP Query User{5ECDA845-3983-4ACD-A554-13103389BADF}A:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) A:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{55C8F759-B315-4F54-B456-FB680FC2F3F2}A:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) A:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{A90B33B0-A545-4EA9-8BB6-543C7B999931}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{404A9D1F-3B65-44EA-B73E-A3643596E536}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{C62BF1FC-86A7-4880-A84F-DA5E22FF3950}] => (Allow) A:\bf4\Battlefield 4\bf4_x86.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{DDED6AB2-D56E-4209-B7A7-9EC3566B76B5}] => (Allow) A:\bf4\Battlefield 4\bf4_x86.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{21D88C38-6E13-492F-9F7C-9DFABA78D3AA}] => (Allow) A:\bf4\Battlefield 4\bf4.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{7731E2EE-5B4F-4A1B-AA24-14540045FDD9}] => (Allow) A:\bf4\Battlefield 4\bf4.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{B2EF81E2-870D-4A34-99BD-979E3CDB91ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe => No File
FirewallRules: [{7C1F79F1-DFEB-4510-B561-2AD17982DF19}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe => No File
FirewallRules: [{8DAE217E-A3CF-4418-9D08-79D26640BE89}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{29977297-47C5-446A-9A6C-4D4A2C7826B6}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{6AF3F741-5539-4CBA-A99C-6AD32A5944AF}] => (Allow) A:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe (Microsoft Corporation -> Lionhead Studios Limited)
FirewallRules: [{BD94A1F7-34A8-47D0-ACCA-5C29496B2396}] => (Allow) A:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe (Microsoft Corporation -> Lionhead Studios Limited)
FirewallRules: [{733E5E51-2054-4EBF-8138-0D84EDCB3C80}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{C7B7A0A1-2210-4B55-BBA4-0A81E3DB93FC}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{4C818155-6699-48AB-8C1A-995A8DE502B8}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe => No File
FirewallRules: [{D83A28ED-ED79-430C-95D4-C7B5A3B165A2}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe => No File
FirewallRules: [{3CEFE405-FA0C-405D-91C0-F8E3517A9D7B}] => (Allow) A:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence -> Telerik)
FirewallRules: [{B01A923E-8667-4E3B-87B4-7A64ACA30519}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{7E04A13A-05EC-4D0D-A670-1D45E47315B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe => No File
FirewallRules: [{FDB4BC51-F285-4705-9773-DDF4703DB6CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe => No File
FirewallRules: [{70876AD6-DEC3-4B58-A523-81C2375173B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe => No File
FirewallRules: [{4A37E9AF-AE86-4237-8727-3F2DC69E4F6B}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe => No File
FirewallRules: [{CDB8FB2B-444B-460A-B288-8C5834DBBA9D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe => No File
FirewallRules: [{AC9FC50B-C1B5-4E21-AF4C-3A93D1377222}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe => No File
FirewallRules: [{8335EE04-1F83-4C22-9112-708FD727A30A}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe => No File
FirewallRules: [TCP Query User{CFC3A637-4FF8-42D4-8F7B-3AB790C170B7}C:\users\terry\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\terry\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [UDP Query User{D98276BA-0E45-4F26-9EFE-463C6C527F17}C:\users\terry\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\terry\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [TCP Query User{D169BF05-CEFB-44CA-8E83-589DA2E51983}A:\aeriagames\chaosonline\patcher.exe] => (Allow) A:\aeriagames\chaosonline\patcher.exe => No File
FirewallRules: [UDP Query User{0639FA80-D7C8-49D7-84A4-8C409B35FEA0}A:\aeriagames\chaosonline\patcher.exe] => (Allow) A:\aeriagames\chaosonline\patcher.exe => No File
FirewallRules: [TCP Query User{25D7AC90-17BF-46E4-98E5-157C20DD7174}A:\aeriagames\chaosonline\chaosonline.exe] => (Allow) A:\aeriagames\chaosonline\chaosonline.exe => No File
FirewallRules: [UDP Query User{6FDF47B8-8D85-4BE4-A9A6-96544DFA643D}A:\aeriagames\chaosonline\chaosonline.exe] => (Allow) A:\aeriagames\chaosonline\chaosonline.exe => No File
FirewallRules: [Daum PotPlayer(PotPlayerMini64.exe)] => (Allow) A:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe => No File
FirewallRules: [{C507B545-6B0F-4655-9113-A165F43B24E1}] => (Allow) A:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe => No File
FirewallRules: [Daum PotPlayer(PotPlayerMini.exe)] => (Allow) A:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe (Daum Communications Corp. -> Daum Communications)
FirewallRules: [{A0546A19-1F73-4621-A70D-FE6A0E9BCAC9}] => (Allow) A:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe (Daum Communications Corp. -> Daum Communications)
FirewallRules: [{0B6B2C4E-6A49-4ABF-8584-5C756AA091D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe => No File
FirewallRules: [{5B30C60F-150B-4581-8EC9-51CFAB5AFA0C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe => No File
FirewallRules: [{E2DA0A6D-A7A1-4AD6-A0B3-B859FFC63B73}] => (Allow) A:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{955D5DCA-4319-4B18-88A7-04E6DF232AAD}] => (Allow) A:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{734676D1-0DFA-4351-8AAB-BB1B1F2C9A75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe => No File
FirewallRules: [{DA073F26-7D88-46FC-A8A8-A2F7F0A71DE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe => No File
FirewallRules: [{ECD0602D-77F2-4D73-BAF5-3ADF326969D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe => No File
FirewallRules: [{4C46FAE5-C0A2-4ADD-AA8B-8E24A0F559EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe => No File
FirewallRules: [{87BF09B4-446B-4E7D-8F25-85F8E15860EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe => No File
FirewallRules: [{C798E059-6509-4922-8582-C3A1FBEA493A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe => No File
FirewallRules: [{F391EF7F-DF8D-4E9B-925D-C298493FA271}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe => No File
FirewallRules: [{73DA407C-0665-4685-A792-70339B4B9937}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe => No File
FirewallRules: [{9420C1CA-B337-442B-8B94-7FF7A44091A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
FirewallRules: [{C8970B4D-DB96-4ECC-9C41-9AA76FD8284F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe => No File
FirewallRules: [TCP Query User{AC129250-4C26-4285-89EB-80428E5AAA55}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe => No File
FirewallRules: [UDP Query User{E2B83EAA-FF4E-4B22-9D91-AE781F67839B}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe => No File
FirewallRules: [TCP Query User{C41F186E-15E4-42E4-B68B-B6560741619C}A:\program files (x86)\real boxing\binaries\win32\realboxing.exe] => (Allow) A:\program files (x86)\real boxing\binaries\win32\realboxing.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{F981DE12-892A-406E-ADBA-A52F90225AFA}A:\program files (x86)\real boxing\binaries\win32\realboxing.exe] => (Allow) A:\program files (x86)\real boxing\binaries\win32\realboxing.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{528C30F0-93E8-4F93-B3EF-0498262E21CE}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{49D6D8BB-5178-4BCB-8B31-8E1918585808}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe (Psyonix, Inc) [File not signed]
FirewallRules: [TCP Query User{D46BA574-F379-4DAB-86C3-713522F7CA49}C:\users\terry\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\terry\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe (Octoshape ApS -> Octoshape ApS)
FirewallRules: [UDP Query User{4157B4E3-F779-48A3-893B-227D5E3EFE1B}C:\users\terry\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\terry\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe (Octoshape ApS -> Octoshape ApS)
FirewallRules: [{FC2EA3C0-7F65-4CEB-BB3A-A97326E73FDE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe => No File
FirewallRules: [{312AAA36-1B82-4F88-A88A-FC518C2C1798}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe => No File
FirewallRules: [{A1F27807-824D-4368-ACAC-1D747B74008B}] => (Allow) LPort=8145
FirewallRules: [{4797FB1D-15DA-4F22-A26E-D1D00F791985}] => (Allow) LPort=5000
FirewallRules: [{10F3B3C3-9135-4737-83AF-AA48827C954A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe => No File
FirewallRules: [{1450C536-6E06-4434-A529-A1EBD952ED81}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe => No File
FirewallRules: [{6FC3BEDC-5E02-4EAE-AEA4-8BB69BEB1CA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]
FirewallRules: [{F82B4DFC-4214-4328-8886-B09C354C996E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]
FirewallRules: [{A2484336-3F17-4B80-A1E4-C4120E964404}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe => No File
FirewallRules: [{25EA25B3-E717-4E90-98A2-AE855B78DCB5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe => No File
FirewallRules: [{A5DBFEBB-5807-410E-9578-B0DE42D97C7D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe () [File not signed]
FirewallRules: [{A6E05BF0-19ED-48C9-9E8B-1B909A92841F}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe () [File not signed]
FirewallRules: [{CCCADBB1-D89A-42FD-99CC-716B1983CDC4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAACCBF2-7F5A-4A32-96C2-EF7BA3613505}] => (Allow) LPort=2869
FirewallRules: [{A3C22D35-9372-4496-BA32-53700FEBB96A}] => (Allow) LPort=1900
FirewallRules: [{ABEFCFBD-EFFF-42DA-BA46-9D87E6EFF275}] => (Allow) A:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe (2K Sports) [File not signed]
FirewallRules: [{B4490D1B-C93B-4470-AFC0-607E1724E6D9}] => (Allow) A:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe (2K Sports) [File not signed]
FirewallRules: [{AC32FEBF-E9AE-48E7-8B91-FEA6E5A17ED4}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{9F9C8636-5C02-476C-99A5-F79988933598}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{4C1C332A-75BC-469D-963F-71360044AF2D}A:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) A:\program files (x86)\wondershare\video converter ultimate\dscheck.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare Software)
FirewallRules: [UDP Query User{1DE600E2-12E1-4507-8477-61DF730F4895}A:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) A:\program files (x86)\wondershare\video converter ultimate\dscheck.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare Software)
FirewallRules: [TCP Query User{CB281F89-BE82-46DF-A435-79C57AEB6BA6}A:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) A:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> MediaServer)
FirewallRules: [UDP Query User{3E973AE3-35A4-475F-96EE-6BF6E6FA5543}A:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) A:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> MediaServer)
FirewallRules: [TCP Query User{A464AE88-6116-461E-BE87-38C9A09D3266}A:\mass effect 3\binaries\win32\masseffect3.exe] => (Block) A:\mass effect 3\binaries\win32\masseffect3.exe (BioWare) [File not signed]
FirewallRules: [UDP Query User{C1933A38-F842-4046-A390-A551003B5EB0}A:\mass effect 3\binaries\win32\masseffect3.exe] => (Block) A:\mass effect 3\binaries\win32\masseffect3.exe (BioWare) [File not signed]
FirewallRules: [{DB73E45D-C61E-4ECA-A06E-89484D545F87}] => (Allow) A:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{EFE86E04-6043-4480-B7AB-97C08B58BEEF}] => (Allow) A:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{FC4FCF82-D5C5-4A7A-A8CD-AB37E9B359CE}] => (Allow) A:\Program Files (x86)\StarCraft II - Legacy of the Void Beta\Versions\Base37164\SC2.exe => No File
FirewallRules: [{B6AA97AF-7512-4D8A-82F2-EBCDEBE92F97}] => (Allow) A:\Program Files (x86)\StarCraft II - Legacy of the Void Beta\Versions\Base37164\SC2.exe => No File
FirewallRules: [{67376B45-FB90-4291-B745-3785CDCBF0FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]
FirewallRules: [{35947880-113F-42D5-AEE8-A56B1C77FCE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]
FirewallRules: [{6B0068CE-60F2-4A85-99C0-EAA78DEE3013}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\left 4 dead\left4dead.exe () [File not signed]
FirewallRules: [{13B4DC25-479F-48FF-9A61-2241B94D99EF}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\left 4 dead\left4dead.exe () [File not signed]
FirewallRules: [{29BA4B67-615A-423D-B567-8F3954635B2F}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{FCC44B0E-8270-48F4-A829-0C2C8BD51DA4}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EF864EB4-DCAA-4910-BBE5-C7C0D7AE4DB7}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{59C19018-2E46-4A43-9FAB-6B929214AED5}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E88264E9-C6D9-44FF-8B8D-CC8386442D1B}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0109BECA-E48B-4E8C-B094-7F38F2175828}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CE2F6D64-2019-41C2-8BDD-961BE4FEDD9F}] => (Allow) C:\Users\terry\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [{E964FF94-CAD0-4BD2-8AEA-9A0C2A3225BE}] => (Allow) C:\Users\terry\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [{3EE7BA5C-7962-4005-BC0A-48504B44D629}] => (Allow) A:\Program Files (x86)\DolbyAxon\Axon.exe (Dolby Laboratories, Inc. -> Dolby Laboratories)
FirewallRules: [{22AC7EDB-DC7C-4ADD-9882-698CE6354720}] => (Allow) A:\Program Files (x86)\DolbyAxon\Axon.exe (Dolby Laboratories, Inc. -> Dolby Laboratories)
FirewallRules: [{8E6D1F8A-8E62-4118-9D2C-C0A89194421F}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\Creativerse\Creativerse.exe () [File not signed]
FirewallRules: [{2A4FCCC0-9E71-4293-B226-BD0F60B876CA}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\Creativerse\Creativerse.exe () [File not signed]
FirewallRules: [{65E9E4EA-53F4-4374-B655-65DEAB52932B}] => (Allow) C:\Users\terry\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [{F3CE6A89-3168-49AB-9A3E-97DA1050D3EB}] => (Allow) C:\Users\terry\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [TCP Query User{BE11D152-BD14-4789-8F45-A2CFB48C9743}A:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) A:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File
FirewallRules: [UDP Query User{750E9845-2F0E-468A-AC4D-FE6BFE7EB54D}A:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) A:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File
FirewallRules: [{8FAA06FE-920D-4996-8226-265410BC9D73}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{19C16764-1678-4B20-8753-7C8F6F15D1A0}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{19D10B66-4F58-472E-9DA5-E0FDDF6C8161}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9128F3F3-9E50-4C92-BED4-12235EDE4E4A}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D17225F9-F3AE-4523-BC02-D3CE40E26230}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F37CCF67-B50B-42C3-8D20-94E5B6F54CB0}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2A52A0D0-CC5E-4B6D-86FE-1A3E8F1E11B3}] => (Allow) A:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{CEE763D0-33C7-468E-9722-9BD16242094E}] => (Allow) A:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{DEB6146B-FB14-48A1-8367-2FF3D5EAE394}] => (Allow) F:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{8376C750-DC9C-48F0-ACE7-5F427AEDAD2F}] => (Allow) F:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{F44E381D-705D-4B6F-930D-843C26504965}] => (Allow) F:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{D217D226-43AD-41BB-972E-94CB0F21E442}] => (Allow) F:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{86872253-2A82-482D-8BE5-55C6D202BA64}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\TreeOfSavior\release\patch\tos.exe (IMC Games Co., LTD -> ) [File not signed]
FirewallRules: [{8C5B20B0-DF7C-4B6A-BCC4-125A48B7B67A}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\TreeOfSavior\release\patch\tos.exe (IMC Games Co., LTD -> ) [File not signed]
FirewallRules: [{5565FB98-DA9D-4C18-B350-D653D4C6BC97}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\Dropzone\bin\DropzoneSteamClient_x32_rel.exe (Sparkypants Studios, LLC -> SparkyPants Studios)
FirewallRules: [{92020E8F-5920-448C-8130-54AF78F83161}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\Dropzone\bin\DropzoneSteamClient_x32_rel.exe (Sparkypants Studios, LLC -> SparkyPants Studios)
FirewallRules: [{8645B6C0-3239-4A46-B1D9-8CBBA5ECCF4F}] => (Allow) A:\Program Files (x86)\Starcraft\StarCraft\StarCraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{44D0032A-D565-417D-AE69-64931AE79019}] => (Allow) A:\Program Files (x86)\Starcraft\StarCraft\StarCraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{B30C07D9-87C3-4C9A-8D40-63546D1677D4}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3259EA86-617A-4A49-BD18-9A86755ABA4D}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E862ED37-AF61-4F25-B280-C54D5D1EE578}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{19ED1F05-E41A-468E-9B55-94D726EA1643}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{CB42D714-463A-4D4C-A3B6-DFCD1A93641D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe () [File not signed]
FirewallRules: [UDP Query User{AD9B6E56-2E39-413A-912C-F3EAEC087E01}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe () [File not signed]
FirewallRules: [{CCE5E16D-453A-4D48-B103-BA65FF8E5608}] => (Allow) A:\Users\terry\AppData\Roaming\Nox\bin\Nox.exe (Duodian Online Technology Co. Ltd. -> Duodian Technology Co. Ltd.)
FirewallRules: [{F8109B4D-E60E-4843-AE9B-B6D75699C0A1}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe => No File
FirewallRules: [{DF36F555-8DEA-49F7-ACF4-99B41254D129}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8481414A-20EB-4807-8803-DD47AC57BDDD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3C77BD7E-F870-4E98-89D3-112ED26AE969}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A02DD096-0C68-44B1-B14A-1F144B114C89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{68A23CAA-B698-4680-9125-03E0EFA4E61A}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{61CB1117-819E-4836-B649-17FF83536403}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [TCP Query User{84EEB606-DE6F-470A-B213-8E26632983AF}F:\program files (x86)\2k games\nba 2k17\nba2k17.exe] => (Allow) F:\program files (x86)\2k games\nba 2k17\nba2k17.exe (Take-Two Interactive Software, Inc. -> ) [File not signed]
FirewallRules: [UDP Query User{AED7B9DD-7223-488A-A52E-2652F75E2A43}F:\program files (x86)\2k games\nba 2k17\nba2k17.exe] => (Allow) F:\program files (x86)\2k games\nba 2k17\nba2k17.exe (Take-Two Interactive Software, Inc. -> ) [File not signed]
FirewallRules: [{7A1AAF6F-F3BA-4330-8DD5-349DCDCFB18A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9EF17675-D70B-4BD6-8ED1-54AC89068181}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{6FE4982B-7C03-42AF-8747-6C9471D02E36}C:\users\terry\appdata\local\bisq\bisq.exe] => (Allow) C:\users\terry\appdata\local\bisq\bisq.exe => No File
FirewallRules: [UDP Query User{8C74A54E-F4A4-4DA3-A59E-CA044B205D4C}C:\users\terry\appdata\local\bisq\bisq.exe] => (Allow) C:\users\terry\appdata\local\bisq\bisq.exe => No File
FirewallRules: [{EE8BEACE-F82F-4CCA-B0EE-08298FE9043F}] => (Allow) A:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{2ADE3F10-F5D7-4904-BA8D-22EDB430EE10}] => (Allow) A:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{B88D47DB-40CE-43A5-9519-0FCC7E37D6E6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe () [File not signed]
FirewallRules: [{FED873A1-047B-441A-9E5F-3BDC75BA290C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe () [File not signed]
FirewallRules: [{5739D4B2-F391-490A-B927-5C023E712336}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe () [File not signed]
FirewallRules: [{8FF2ACF4-25C2-4A11-BA26-5A60C0942325}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe () [File not signed]
FirewallRules: [{5E2A886C-8332-4CD2-BF7D-42379E8ED99B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe () [File not signed]
FirewallRules: [{8A77E3E2-7BC4-4AD3-AE52-25FB695C9D7E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe () [File not signed]
FirewallRules: [{69FAD7E7-1B08-4359-9248-DE7794632546}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe () [File not signed]
FirewallRules: [{D55C7230-D98D-4F45-830A-AABCF749618D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe () [File not signed]
FirewallRules: [TCP Query User{597EE800-CF20-48AF-8031-532368D3A462}A:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) A:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D5466F85-A52A-46C1-8710-E6230D231F24}A:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) A:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{CBBE083C-2136-4AAF-8195-7795A97FA59F}A:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) A:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9511A9AA-B688-4361-8638-1593C2089A4A}A:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) A:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7E9B1261-31EF-4A8D-98E5-22D864222DF4}A:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) A:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A591786-2855-4012-A3B4-F8347989FC21}A:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) A:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F5ED45AC-A0BA-4678-9C0E-2C1C3107D03E}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [UDP Query User{B2A9403A-5867-4D04-9748-EDA5F16BFEFF}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [{1C4B0CC7-3356-42C7-904B-CD1DE3165971}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{55E841F3-11D8-4004-A905-F06E1D240718}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{2352A751-BB20-4EA2-A26A-B27FADD0F9A5}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{C9EBCBB0-A326-40CD-A221-0A60CA296DA1}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{40A5266C-77EB-4B31-91A1-2A5BC3F38AE1}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{5FE273B7-CBDE-4B13-B188-C0F1C7256CA4}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{3B0CE42F-6770-48D8-8B3B-58D3F2CCD77F}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{F484E807-23B6-45AB-8DDC-942EAE50A00E}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{C07A6442-EE2E-474E-AD6A-EF229C7B7E5A}F:\program files (x86)\2k games\nba 2k17\nba2k17.exe] => (Block) F:\program files (x86)\2k games\nba 2k17\nba2k17.exe (Take-Two Interactive Software, Inc. -> ) [File not signed]
FirewallRules: [UDP Query User{3995E306-9F48-4201-943E-1276A2D6CCFF}F:\program files (x86)\2k games\nba 2k17\nba2k17.exe] => (Block) F:\program files (x86)\2k games\nba 2k17\nba2k17.exe (Take-Two Interactive Software, Inc. -> ) [File not signed]
FirewallRules: [{4169D53A-E05A-4E68-BB9E-31A87B9FA3A4}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [File not signed]
FirewallRules: [{DFB0844F-6E96-4F0A-A148-5C87FC1442C2}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [File not signed]
FirewallRules: [{57F4C971-2B0D-41CB-A6A7-A027562CED79}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{25C840CA-1FBC-49E2-BF22-43BF6D36F258}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{097A3B9E-0598-4DCB-9202-B3ABA8785287}] => (Allow) A:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [{418BCD4E-586A-486E-BE3D-304C6547A851}] => (Allow) A:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [{318A8CB6-3E33-4202-AC29-8BB5ED061A1A}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4E38FF37-AB9C-4EF6-97E1-27DFC6923C48}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{F9A7035F-3B43-41D1-81C9-86CAAEC3F8C3}A:\bf4\bin\javaw.exe] => (Block) A:\bf4\bin\javaw.exe
FirewallRules: [UDP Query User{861D9680-D660-4F63-9CFA-778E06DDA75D}A:\bf4\bin\javaw.exe] => (Block) A:\bf4\bin\javaw.exe
FirewallRules: [{E095D1F0-3A07-4216-9BCB-87D20FD079A7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{60B9A1B4-50A0-42A3-BF8F-69A500D4A8E7}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{84E3191A-CF65-4C1E-8D36-1423785F8DB0}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7806ED4A-20CC-44C4-BBC5-641797C33AF5}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{8B1ACDFF-703A-4D0D-AD59-626741BDE84E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [TCP Query User{C2F8799A-5F68-469B-A397-79404B7484FA}F:\program files\videolan\vlc\vlc.exe] => (Allow) F:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{27826629-5971-4398-B1FE-7F2B6DE4705D}F:\program files\videolan\vlc\vlc.exe] => (Allow) F:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{716208A8-94B6-42A3-93CF-09DBBB0CB28B}] => (Allow) C:\Program Files (x86)\EZMira\EZMira.exe (Actions Microelectronics Co.,Ltd. -> Actions-Micro)
FirewallRules: [{A0CB6554-7D51-4DB9-A14C-EA045D38AF07}] => (Allow) C:\Program Files (x86)\EZMira\EZMira.exe (Actions Microelectronics Co.,Ltd. -> Actions-Micro)
FirewallRules: [{8CDB97C8-C253-46E2-907B-8D0D3BFF472E}] => (Allow) C:\Program Files (x86)\EZMira\EZMira.exe (Actions Microelectronics Co.,Ltd. -> Actions-Micro)
FirewallRules: [{40ED7CB3-0C5B-4CD0-9F05-8E6B03DAAD83}] => (Block) F:\Program Files (x86)\Starcraft II KR\Support\SC2Switcher.exe => No File
FirewallRules: [TCP Query User{998B5DC3-5E59-46B4-A29B-D5ACC32C39F6}F:\program files (x86)\starcraft ii kr\versions\base77661\sc2.exe] => (Block) F:\program files (x86)\starcraft ii kr\versions\base77661\sc2.exe => No File
FirewallRules: [UDP Query User{0FD4777C-B5E5-4E7C-960B-85BE9CDA9C85}F:\program files (x86)\starcraft ii kr\versions\base77661\sc2.exe] => (Block) F:\program files (x86)\starcraft ii kr\versions\base77661\sc2.exe => No File
FirewallRules: [TCP Query User{3388DBDB-586E-48FF-ACC3-8DA69E3DA859}C:\users\other\appdata\roaming\emby-server\system\embyserver.exe] => (Block) C:\users\other\appdata\roaming\emby-server\system\embyserver.exe (EMBY LLC -> Emby)
FirewallRules: [UDP Query User{7341E632-D808-400B-925F-299DECA88BCB}C:\users\other\appdata\roaming\emby-server\system\embyserver.exe] => (Block) C:\users\other\appdata\roaming\emby-server\system\embyserver.exe (EMBY LLC -> Emby)
FirewallRules: [{D6E9B9C3-357D-4DB5-B9A8-B3614F037725}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A50B45B-4912-4C19-B63E-44C0591D819D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{91FD13FC-2B32-4BA9-B5F8-E4394E8EE503}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C22967EE-C4C8-41E2-A427-9CD8EECEDEEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1E827565-E1C6-4729-9DEF-ABD8638DA1C4}F:\program files (x86)\starcraft ii kr\versions\base78285\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii kr\versions\base78285\sc2.exe => No File
FirewallRules: [UDP Query User{C1EDA120-D945-42DA-B287-9ED8F8A5EDEC}F:\program files (x86)\starcraft ii kr\versions\base78285\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii kr\versions\base78285\sc2.exe => No File
FirewallRules: [{25984059-AA23-407D-8B3B-B6172A38E0C3}] => (Block) F:\program files (x86)\starcraft ii kr\versions\base78285\sc2.exe => No File
FirewallRules: [{470B7546-96DA-4284-803D-12CD90FB1828}] => (Block) F:\program files (x86)\starcraft ii kr\versions\base78285\sc2.exe => No File
FirewallRules: [TCP Query User{DFF5A548-79CA-424B-B604-06474B72F61A}F:\program files (x86)\starcraft ii kr\versions\base79998\sc2.exe] => (Block) F:\program files (x86)\starcraft ii kr\versions\base79998\sc2.exe => No File
FirewallRules: [UDP Query User{E92CBBEE-36B0-40A3-BAE7-86E2FE10580B}F:\program files (x86)\starcraft ii kr\versions\base79998\sc2.exe] => (Block) F:\program files (x86)\starcraft ii kr\versions\base79998\sc2.exe => No File
FirewallRules: [TCP Query User{9F9A60E1-F496-4A7B-8CF6-401A5066B303}F:\program files (x86)\starcraft ii kr\versions\base80188\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii kr\versions\base80188\sc2.exe => No File
FirewallRules: [UDP Query User{0409C62C-B54D-4A4C-B36D-3FB80BC54AC9}F:\program files (x86)\starcraft ii kr\versions\base80188\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii kr\versions\base80188\sc2.exe => No File
FirewallRules: [{49EC9193-3F3B-4AFB-9106-C62E966EA3FD}] => (Block) F:\program files (x86)\starcraft ii kr\versions\base80188\sc2.exe => No File
FirewallRules: [{AABD6764-6533-4B04-9A3B-B732FECD0DA3}] => (Block) F:\program files (x86)\starcraft ii kr\versions\base80188\sc2.exe => No File
FirewallRules: [{E1B8F73F-4824-455E-AF3B-619F50BE12DF}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{ED59BE88-24AE-4A96-BEF5-0E808BDBC6AA}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{9A52ED78-43C9-4F73-89E3-4742D2B0B7CA}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{ABBBFBFC-CA7B-4057-8FA2-EA26776C7AB2}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{B26A699F-6454-47C7-8E27-5F240C8C7B4F}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{F15F8505-65AB-4165-9816-BA3F43B934DB}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [TCP Query User{C643F43F-5C90-4B6F-8102-6FD9D7DA01A0}F:\program files (x86)\starcraft ii kr\versions\base80949\sc2.exe] => (Block) F:\program files (x86)\starcraft ii kr\versions\base80949\sc2.exe => No File
FirewallRules: [UDP Query User{5F03C57C-A845-4D9C-8F57-4768B1976E1F}F:\program files (x86)\starcraft ii kr\versions\base80949\sc2.exe] => (Block) F:\program files (x86)\starcraft ii kr\versions\base80949\sc2.exe => No File
FirewallRules: [TCP Query User{B2C0ED4B-7FA0-4301-A7EB-20AC0AD46159}F:\program files (x86)\starcraft ii kr\versions\base80949\sc2_x64.exe] => (Block) F:\program files (x86)\starcraft ii kr\versions\base80949\sc2_x64.exe => No File
FirewallRules: [UDP Query User{C48F0D2B-C133-415A-AB92-5EBA1A4002B2}F:\program files (x86)\starcraft ii kr\versions\base80949\sc2_x64.exe] => (Block) F:\program files (x86)\starcraft ii kr\versions\base80949\sc2_x64.exe => No File
FirewallRules: [TCP Query User{983FD697-4C96-44E3-AAB4-DACDA364D2D5}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base80949\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base80949\sc2.exe => No File
FirewallRules: [UDP Query User{67941D36-F324-489E-A48F-CE407E09AB99}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base80949\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base80949\sc2.exe => No File
FirewallRules: [{1DD04B1D-9BEB-4BDB-A9EA-5CD7871EE3E1}] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base80949\sc2.exe => No File
FirewallRules: [{8333BE34-506F-49D3-BE63-00EBA3A99CA9}] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base80949\sc2.exe => No File
FirewallRules: [TCP Query User{4D595D46-99B4-48CC-A5EA-63425435142F}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81009\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81009\sc2.exe => No File
FirewallRules: [UDP Query User{AC99E93E-1165-4925-9885-B08E9AE793E8}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81009\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81009\sc2.exe => No File
FirewallRules: [{5108F370-9551-4744-AB85-A92F6BD4C747}] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81009\sc2.exe => No File
FirewallRules: [{B08C3CF6-83D4-4214-BBBA-323D58255733}] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81009\sc2.exe => No File
FirewallRules: [TCP Query User{0B9D4CDB-AD38-4534-8F47-7B5345C382D5}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81102\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81102\sc2.exe => No File
FirewallRules: [UDP Query User{1BA875AA-B78D-4D2E-8D56-FC74C84D3A5F}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81102\sc2.exe] => (Allow) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81102\sc2.exe => No File
FirewallRules: [{D39744B1-CEFA-4641-82F9-B4AD9CA73B2F}] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81102\sc2.exe => No File
FirewallRules: [{47090ED6-97D2-4B02-AB94-FB8184303155}] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81102\sc2.exe => No File
FirewallRules: [TCP Query User{63CAE390-FA89-49C1-9A02-80D5D5DD86F6}F:\downloads\bin\bin\networking_mvp_win.exe] => (Allow) F:\downloads\bin\bin\networking_mvp_win.exe () [File not signed]
FirewallRules: [UDP Query User{7632BDE4-7447-4E04-BA06-CE00AE58895E}F:\downloads\bin\bin\networking_mvp_win.exe] => (Allow) F:\downloads\bin\bin\networking_mvp_win.exe () [File not signed]
FirewallRules: [{7E4C0685-A443-4E6C-9B04-7D5BB2737BE8}] => (Block) F:\downloads\bin\bin\networking_mvp_win.exe () [File not signed]
FirewallRules: [{160F0974-0861-4677-AF04-07E686288D56}] => (Block) F:\downloads\bin\bin\networking_mvp_win.exe () [File not signed]
FirewallRules: [TCP Query User{A576A33C-E504-49A0-B980-ED0AA1015811}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81433\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81433\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{09D477DA-6A2B-42E5-87C8-08F026CAB6CD}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81433\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81433\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{9FC1D25A-E43C-486C-A027-AF1CBEB0F028}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{D513BF05-4879-4A43-AA11-82F633C428E5}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{CD040E0C-ABCC-4A37-9848-D1FCE3786137}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{B81BD31E-71BA-4F33-B5A1-EDEAB8836E3B}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{B3DEEAF3-3882-40E1-B695-30F7F46A51FC}] => (Allow) C:\Program Files (x86)\Tencent\WeChat\WeChat.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{BB5FA44B-83DD-4008-974C-D25F44DC7A3B}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82457\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82457\sc2.exe => No File
FirewallRules: [UDP Query User{4D8B6ED5-8876-44D3-A86C-D1610F0E7382}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82457\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82457\sc2.exe => No File
FirewallRules: [{C860F1EB-C5F0-434A-9C8F-5C72D01BA703}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{716ABC17-F921-496E-A1C1-170D3AFCDD1E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{48E1097C-1254-458D-8789-4D6FAF20385B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{01BAD4C1-3F28-4CE6-8DC8-D00332702DFF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{106DDB52-30B4-4152-955A-F8A12A17AD8D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3991AF67-EEA2-4455-971C-AC11E57E0E07}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FFB670E7-6A99-4C48-BF4F-9380F7C57025}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BFA1CB4B-E7A8-488C-B93F-29E03A414B00}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{361169EC-D873-42CC-A962-7C55B8CBC1B3}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82893\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82893\sc2.exe => No File
FirewallRules: [UDP Query User{4AAF3EFC-28C7-4654-A6B2-0B7993362745}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82893\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82893\sc2.exe => No File
FirewallRules: [{A7FE8D37-20F8-4EFB-8D34-8FAF385A66F2}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\folikr.exe => No File
FirewallRules: [{928CE4A9-2BFF-49FD-B19C-ED4C5D255BFF}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\folikr.exe => No File
FirewallRules: [{0CC03789-33FF-43CA-ACE8-236277CB4A2E}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\vfolikr.exe => No File
FirewallRules: [{6E2F4E76-AFC7-4FC4-AF4E-27FA074D9F3A}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\vfolikr.exe => No File
FirewallRules: [{8E679DF5-8D46-4540-81E2-0B5F9E93BC08}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\rt\lib\bin\vfolikr.exe => No File
FirewallRules: [{927D5090-1952-41FA-AE6A-DF7C8BB482B1}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\rt\lib\bin\vfolikr.exe => No File
FirewallRules: [{4DDAFB8A-013F-4475-9759-CE8D09F99D0C}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\folikr.exe => No File
FirewallRules: [{A58B1B08-9EEE-44D1-AF5C-F2E86BA13D27}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\folikr.exe => No File
FirewallRules: [{BC603C62-E114-4E05-844A-668E4CBB636A}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\vfolikr.exe => No File
FirewallRules: [{C1599DD1-6E28-438C-AE62-F6DAFDBC79E9}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\vfolikr.exe => No File
FirewallRules: [{CF79318C-07C0-4C44-A7EC-31335D051E64}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\rt\lib\bin\vfolikr.exe => No File
FirewallRules: [{284E535D-C082-4B50-BBC8-885AFDF6D9F9}] => (Allow) C:\Users\other\AppData\Roaming\Follow Liker\rt\lib\bin\vfolikr.exe => No File
FirewallRules: [{94E97603-14FF-4BEC-88BD-45250BAC60F8}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{FCCA0679-9F42-45CF-9069-1528CE2DA4A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{365A9969-F646-4EE3-A30B-733A40564E8C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C472CC9-59D4-4E36-95B5-F34263C668F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EAE3A5C-C45B-40FE-B90C-0E888C660B74}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{ACA4E20D-D702-46FE-949A-DC2D3B47DE17}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base83830\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base83830\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{F57788AD-D1F5-4489-B9A4-90DA7C0F8901}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base83830\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base83830\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{8AAF989E-1B28-44D1-818E-9C997A0A7BFD}] => (Allow) A:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [{E8D990E8-6DA3-45D5-A3FE-3ED89B20969E}] => (Allow) A:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [{F0610DDB-BBB7-425C-8FE7-228084B99344}] => (Allow) A:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]
FirewallRules: [{11AF550C-2425-4573-80B1-8813F0AF3AF8}] => (Allow) A:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]
FirewallRules: [{165F710D-17DA-4681-AC7B-43F55A188236}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{1820C0F5-A60A-4FF5-BF93-976867A1FF85}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{D7F442C1-272E-4FAC-A798-055535A08E2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AEA864E8-3BA4-46BC-9A6D-DC16AF97F98B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63D2CF0A-E2E8-4E43-9763-D55F1F9E39F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BAEFCB7A-7C43-448C-891A-F6141A41E9EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4A66BEB4-2917-4D00-B92C-DDDE70119FBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B6C6CFD5-D766-4AB8-9909-BF9458CC194B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5FD3127-E622-4694-95DA-ACA910C1ED01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE2AE2ED-D302-4D38-BE80-9A0F1CE7BFB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{463B58A5-E446-4322-8786-2A65BE5636E5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe => No File
FirewallRules: [{7564C2BF-109B-42D0-9EAE-608F0076E289}] => (Allow) C:\Program Files (x86)\Apprehended\Localizing.exe (Localizing Inc.) [File not signed]
FirewallRules: [{7B48D698-5372-48B4-A0CA-EAA54447E4D0}] => (Allow) C:\Program Files (x86)\Propagates\Localizing.exe (Localizing Inc.) [File not signed]
FirewallRules: [{185F160E-2C8B-40C4-B0DE-FE8ADCB707C1}] => (Allow) C:\Program Files (x86)\molto\Revelatory.exe (Revelatory Inc.) [File not signed]
FirewallRules: [{E91BCFC2-821E-4652-95EA-30A9EFBB2A16}] => (Allow) C:\Program Files (x86)\Propagates\Revelatory.exe (Revelatory Inc.) [File not signed]
FirewallRules: [{ECE9A5AA-164A-496D-B1F7-27CE191582AD}] => (Allow) C:\Program Files (x86)\MaskVPN\mask_svc.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{625215B7-50B3-4925-971D-F6DCC9CA43AE}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPN.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{A4D57D62-3220-4050-9078-00482FB2A0E9}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPNUpdate.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{F49C6010-6C94-4CF7-8467-60EFDE110333}] => (Allow) C:\Program Files (x86)\MaskVPN\tunnle.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
DomainProfile\AuthorizedApplications: [A:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe] => Enabled:Daum PotPlayer
DomainProfile\AuthorizedApplications: [A:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe] => Enabled:Daum PotPlayer
StandardProfile\AuthorizedApplications: [A:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe] => Enabled:Daum PotPlayer
StandardProfile\AuthorizedApplications: [A:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe] => Enabled:Daum PotPlayer
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:111.17 GB) (Free:6.06 GB) (5%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/14/2021 05:26:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_AppXSvc, version: 10.0.18362.1, time stamp: 0x32d6c210
Faulting module name: AppXDeploymentExtensions.desktop.dll, version: 10.0.18362.1411, time stamp: 0xe47f56be
Exception code: 0xc0000005
Fault offset: 0x00000000000dee12
Faulting process id: 0x1c54
Faulting application start time: 0x01d718cc9cee5ac9
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\AppXDeploymentExtensions.desktop.dll
Report Id: 76280dbb-696e-4752-9b79-0ae9d545f6c7
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/14/2021 05:24:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Revelatory.exe version 1.5.7.178 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 20a4
 
Start Time: 01d718cc9f395c91
 
Termination Time: 6174
 
Application Path: C:\Users\other\AppData\Local\Revelatory.exe
 
Report Id: 2afa2fd1-8124-48e7-880f-098f23fc2b7c
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Unknown
 
Error: (03/14/2021 05:03:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17284,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/14/2021 04:59:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.766, time stamp: 0x5f20a5ba
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5e8272e4
Exception code: 0xc0000005
Fault offset: 0x0000000000219d05
Faulting process id: 0x13ec
Faulting application start time: 0x01d71873df31dce9
Faulting application path: A:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: A:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 01f40dd2-d7f8-412a-a5d2-ff4436dfae51
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/14/2021 04:40:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20760,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/14/2021 04:32:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17824,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/14/2021 04:16:58 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21280,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (03/14/2021 04:01:17 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21192,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (03/14/2021 05:55:31 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (03/14/2021 05:39:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CLCV0 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/14/2021 05:37:45 AM) (Source: DCOM) (EventID: 10010) (User: terry-PC)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (03/14/2021 05:37:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/14/2021 05:37:25 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.
 
Error: (03/14/2021 05:37:16 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: XQHDrv.sys
 
Error: (03/14/2021 05:36:33 AM) (Source: DCOM) (EventID: 10005) (User: terry-PC)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/14/2021 05:36:04 AM) (Source: DCOM) (EventID: 10005) (User: terry-PC)
Description: DCOM got error "1084" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server:
{EDAE4045-CAE6-4706-8973-FA69715B8C10}
 
 
Windows Defender:
================
Date: 2021-03-14 05:18:45.417
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/DefenseEvasion!rfn
Severity: Severe
Category: Trojan
Path: file:_C:\Users\other\AppData\Local\Temp\nsoEEC5.tmp\13678.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\other\AppData\Local\Temp\nszD810.tmp\Zyogrh.exe
Security intelligence Version: AV: 1.333.373.0, AS: 1.333.373.0, NIS: 1.333.373.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
 
Date: 2021-03-13 23:09:44.332
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-03-13 22:49:34.419
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-03-13 03:17:21.563
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-03-12 18:12:57.362
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-03-14 05:32:40.334
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2021-03-12 18:04:17.276
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
 
==================== Memory info =========================== 
 
BIOS: Award Software International, Inc. F2 03/25/2011
Motherboard: Gigabyte Technology Co., Ltd. P67X-UD3-B3
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 60%
Total physical RAM: 16367.11 MB
Available physical RAM: 6416.62 MB
Total Virtual: 32751.11 MB
Available Virtual: 17808.17 MB
 
==================== Drives ================================
 
Drive a: (New Volume) (Fixed) (Total:1857.16 GB) (Free:118.82 GB) NTFS
Drive c: () (Fixed) (Total:111.17 GB) (Free:6.06 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:3725.86 GB) (Free:2515.2 GB) NTFS
Drive f: (Local Disk) (Fixed) (Total:931.51 GB) (Free:84.84 GB) NTFS
Drive m: (Premiere Pro CC 2017) (CDROM) (Total:1.25 GB) (Free:0 GB) UDF
Drive n: (Disk1) (CDROM) (Total:6.01 GB) (Free:0 GB) UDF
Drive p: () (Fixed) (Total:0 GB) (Free:0 GB) 
Drive q: (maxone) (Fixed) (Total:149.04 GB) (Free:147.01 GB) exFAT
 
\\?\Volume{d902d9da-23a5-11e1-bd2d-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{93e9e073-0000-0000-0000-20d11b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 93E9E073)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=533 MB) - (Type=27)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 915BBCF9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 57C6E725)
Partition 1: (Not Active) - (Size=1857.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=5.9 GB) - (Type=0C)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.
 
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 61371953)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================






 

 


  • 0

Advertisements

#2
RKinner
Posted 14 March 2021 - 10:43 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   90.57KB   184 downloads

Run FRST and press Fix (we are also checking your system fiels for tampering so will take about 25 minutes.  Be patient.

A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.

 



 


  • 0

#3
Terryc250
Posted 14 March 2021 - 04:16 PM

Terryc250

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Thank you!  Here are both logs:
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021
Ran by other (administrator) on TERRY-PC (Gigabyte Technology Co., Ltd. P67X-UD3-B3) (14-03-2021 15:08:23)
Running from F:\Downloads
Loaded Profiles: other
Platform: Windows 10 Pro Version 1909 18363.1440 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Windows\SysWOW64\UTSCSI.EXE
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) A:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(KeepSolid Inc.) [File not signed] A:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(Malwarebytes Inc -> Malwarebytes) A:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) A:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1430_none_16f0726f2a33ac55\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) A:\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Softdeluxe) [File not signed] A:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [Screen+] => A:\Program Files\Screen+\ScreenLM64.exe [533936 2014-08-08] (AOC International (Europe) BV -> AOC Corps)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-06-13] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992032 2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => "A:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Run: [Steam] => "A:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Run: [DiscordPTB] => C:\Users\terry\AppData\Local\DiscordPTB\app-0.0.54\DiscordPTB.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [uTorrent] => C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe [2142936 2020-12-22] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation) [File not signed]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [icq.desktop] => C:\Users\other\AppData\Roaming\ICQ\bin\icq.exe [83598488 2019-12-02] (LLC Mail.Ru -> )
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [DiscordPTB] => C:\Users\other\AppData\Local\DiscordPTB\Update.exe --processStart DiscordPTB.exe
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29262520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [Opera Browser Assistant] => C:\Users\other\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3366424 2020-12-08] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [] => [X]
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Run: [GoogleChromeAutoLaunch_72B22DA4C04D98E8097EFFE95F4CF76A] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\Run: [Discord] => C:\Users\Person\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stlth\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stlth\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\Windows\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON NX130 Series 64MonitorBA: C:\Windows\system32\E_ILMHJA.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ASUS\Bluetooth Software\\BtwCP.dll [2012-12-06] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> 
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClickMonitorDDC.lnk [2020-04-10]
ShortcutTarget: ClickMonitorDDC.lnk -> F:\Program Files (x86)\ClickMonitorDDC\ClickMonitorDDC_7_0.exe (ClickMonitorDDC) [File not signed]
Startup: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2020-12-03]
ShortcutTarget: ShareX.lnk -> A:\Program Files\ShareX\ShareX.exe (No File)
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-816131170-1439977655-1545633551-1007\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-816131170-1439977655-1545633551-1002\User: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\other\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04F171BC-4850-4FA4-88CB-EB5D8A4067B4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {05E39DD4-02F5-4D9B-AA90-7E5213E52450} - System32\Tasks\ScpUpdater => A:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [460480 2016-04-12] (Open Source Developer, Benjamin Höglinger-Stelzer -> Nefarius Software Solutions)
Task: {0735FDE7-39F3-4A17-B923-13327308C69F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-816131170-1439977655-1545633551-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [178840 2012-07-27] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {08BEA2BD-8A6C-479F-9BF7-4E472EF1D7E9} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {0CCF3C19-9C83-4325-8FD6-AD2E53C58493} - System32\Tasks\{E3A62748-BC16-43D0-B496-D7221CAE8C37} => C:\Windows\system32\pcalua.exe -a E:\Microsoft.Office.2007.Enterprise.Blue.Edition-DiGiTAL\setup.exe -d E:\Microsoft.Office.2007.Enterprise.Blue.Edition-DiGiTAL
Task: {0D41D747-785B-43A5-A800-7A5D40FF555E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13F4356C-B189-48A3-8FCF-263315EA8CB3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {259EDD2D-25E1-4C20-8E84-D2258640CA9D} - System32\Tasks\Game_Booster_AutoUpdate => A:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {28E13C8F-0C2A-47C8-A9F7-6C03B2A0C918} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BF9A776-38D0-486B-9B09-591EDD13BFED} - System32\Tasks\Opera scheduled assistant Autoupdate 1608109099 => C:\Users\other\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-03-04] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\other\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2CB639E6-981B-4CB2-B747-828E5F241BB7} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {2FD785B4-5B4E-4F56-AC1C-A000C245271E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30CBD43C-E870-4026-9982-50C5E9DE7B7B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-816131170-1439977655-1545633551-1000 => C:\Users\terry\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)
Task: {3A173012-8F02-463D-8B74-51A437B3ED19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3AF8BD35-F9A9-48E8-9945-83485461EDC1} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {3CCCEA7D-3D91-4CB7-85C2-A14C3912D6AB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {3DA8C9F2-FF66-4CCF-8D3A-B474D66DF927} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {40BE2F67-AC03-4B2A-BDC5-9F56C8D7CDFA} - System32\Tasks\BlueStacksHelper => A:\bs\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4956B16D-6C06-4315-B329-BCD664C6F9C0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {51158ED5-158A-4BD2-9E7A-7D6F79CD8C6A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {5ADA862F-67D7-4294-BD27-44FA8334CA8E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6227FD45-22C6-4C41-A7C2-88A4B3533CB8} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {6D4041A7-60F3-4DA5-A2A1-7AC652CAD07E} - System32\Tasks\klcp_update => A:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1723392 2019-08-27] () [File not signed]
Task: {71A5FD68-6393-488C-81EF-37DB94085E1F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {739673EE-16FF-4D55-9CD6-4FED915CAF1B} - System32\Tasks\RealCreateProcessScheduledTask372694828S-1-5-21-816131170-1439977655-1545633551-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2012-10-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {77508A04-93E2-467B-9431-B7BBFF6CAFEA} - System32\Tasks\{AF8F8AF2-8F1B-4F4F-87FB-C2104C5E815F} => C:\Windows\system32\pcalua.exe -a "A:\Users\Terry\Downloads\kntsetup (1).exe" -d A:\Users\Terry\Downloads
Task: {7E34E5D8-ED36-405E-9F4F-BF156D79103B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {80F690A5-CD83-49C7-863A-ABD1B2979E98} - System32\Tasks\AdobeAAMUpdater-1.0-terry-PC-terry => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {821F7C3A-5633-48D2-8040-F2A2529818B5} - System32\Tasks\{3249AD5B-21F9-4BF5-B730-81508D495054} => "c:\users\terry\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/...all?page=tsMain
Task: {896D6A37-564F-4526-9464-B309245404D3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-816131170-1439977655-1545633551-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [178840 2012-07-27] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {8BD309E8-1C00-4A31-82C5-6FB0E9F771BA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {8E71DBD5-0E29-4DD9-95F6-64235150FA0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {908D4208-B0EA-451B-986F-EF2B6DD2F40A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {925B7E55-2143-4F8B-BE4B-87D9A04700C6} - System32\Tasks\Opera scheduled Autoupdate 1608109085 => C:\Users\other\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-03-04] (Opera Software AS -> Opera Software)
Task: {926A3058-FD84-490C-8129-DB8FB17267E7} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel® Software -> Intel Corporation)
Task: {A2D654AC-3953-45A5-9634-1ACCD36B28FC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A60DE427-9DFC-40B7-AA22-FAE39412927F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {A80D4F96-C777-4CF2-9D08-41C15876C347} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A86C6F00-1D0C-498C-AE44-8B2BAAAFBEEA} - System32\Tasks\FreeDownloadManagerHelperService => A:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe [144896 2020-07-03] (Softdeluxe) [File not signed]
Task: {A88C7CE6-8F9E-439C-B9F4-47DC1493D5E4} - System32\Tasks\EqualizerPro => A:\Program Files\EqualizerPro\EqualizerPro.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B488B750-EFE5-406E-94D0-352A6C2C1B92} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B55A9460-435F-4D56-9B69-CE02912B17FC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {BDD5EC23-5E53-49D6-9E7C-10FC6925FD08} - System32\Tasks\{C67D103D-12D9-46B3-8BD4-9CA024D295EA} => "c:\users\terry\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/...all?page=tsMain
Task: {CAD461A5-08C7-44D5-8867-DB2530FC9216} - System32\Tasks\Razer_Game_Booster_AutoUpdate => A:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [1135552 2012-11-13] (Razer USA Ltd -> )
Task: {CBCA8E66-31DB-4932-A366-3C58DE048D34} - System32\Tasks\G2MUpdateTask-S-1-5-21-816131170-1439977655-1545633551-1000 => C:\Users\terry\AppData\Local\GoToMeeting\12771\g2mupdate.exe [29768 2019-04-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CD7A1286-45BF-4ABD-A768-68891FF8D5F5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24910520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CDCABDF9-EF21-4F4D-852E-8748DD70053A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {D283219A-0969-4830-BE02-0644EADFD45A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [1455752 2018-11-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D2A6272A-B24F-4868-BD33-D727D77D4E85} - System32\Tasks\G2MUploadTask-S-1-5-21-816131170-1439977655-1545633551-1000 => C:\Users\terry\AppData\Local\GoToMeeting\12771\g2mupload.exe [29768 2019-04-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {D2EAFB9A-CFFE-4E79-84C0-7EDD28A7C667} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D3C0BF34-E811-4C76-AC8B-72C2D501366B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {D8E55B64-F744-4567-A083-4F506CA053A8} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {DBCFAF1B-722A-42BE-ABD6-0D2804AA6E60} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCBEF99A-8341-4EAF-B114-E8D12770F8D4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF9F05BB-6B5A-4E93-8BF2-541249A434E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F3C8894A-818F-4F3C-B251-5E4B09802D01} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_pepper.exe [1455752 2018-11-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F49A9712-AB77-4DBD-9A08-B538CDFF66CD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {FCA5E40B-6DB6-468A-BE6D-4C8599BCE2E3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FD5BAAAC-89E0-4670-9DEB-1F86DBCD467C} - System32\Tasks\AMD ThankingURL => A:\\AMD\CIM\Bin64\Setup.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.171.114
Tcpip\..\Interfaces\{36855C26-5310-4E3D-9255-9BD223ADE5E3}: [DhcpNameServer] 64.59.144.93 64.59.150.139
Tcpip\..\Interfaces\{4D2258B4-D222-4601-9EF8-572F1FF5542E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d3a7831-546a-4743-b55d-9d5ab15ea239}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d5902bd-9ba3-4d0a-be93-9c9d270748eb}: [DhcpNameServer] 192.168.1.254 75.153.171.114
Tcpip\..\Interfaces\{62FBDB9F-C653-47CE-BB82-916FE1E5B1AF}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{63D23D4F-BC51-4C6F-A95E-8330DF67186E}: [DhcpNameServer] 64.59.144.93 64.59.150.139
Tcpip\..\Interfaces\{6831C16F-4B1F-456B-B5E1-7C9213935103}: [DhcpNameServer] 64.59.144.93 64.59.150.139
Tcpip\..\Interfaces\{6EA14BF7-0B6D-42B0-883B-086085F737B0}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}: [NameServer] 10.100.0.1
Tcpip\..\Interfaces\{75E05F4C-EF9D-484C-BCB4-B9BBAFE85C75}: [DhcpNameServer] 64.59.144.91 64.59.150.137
Tcpip\..\Interfaces\{797B3E40-D43F-4B36-8D1F-081F47D6747E}: [DhcpNameServer] 64.59.144.91 64.59.150.137
Tcpip\..\Interfaces\{7DD52480-4008-4E7C-882D-4C46E1700C19}: [DhcpNameServer] 64.59.144.93 64.59.150.139
Tcpip\..\Interfaces\{89298873-670E-4331-81A3-EDD9547DC871}: [DhcpNameServer] 64.59.144.91 64.59.150.137
Tcpip\..\Interfaces\{8F29EE05-137D-4622-80A6-0A604CAA58A3}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A197249D-539F-4CFA-896B-35B735591FF3}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{A197249D-539F-4CFA-896B-35B735591FF3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C1453C9B-D56F-4719-9997-2F9F10D2A337}: [DhcpNameServer] 192.168.1.254 75.153.176.9
Tcpip\..\Interfaces\{D95BF8A6-F97C-4561-9D37-68EE112D4D99}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F4ABA8DF-4D33-446E-B028-533D040E2D3F}: [DhcpNameServer] 172.20.10.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\other\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-14]
 
FireFox:
========
FF DefaultProfile: t2yi2atm.default-1609753342030
FF ProfilePath: C:\Users\other\AppData\Roaming\Mozilla\Firefox\Profiles\t2yi2atm.default-1609753342030 [2021-03-14]
FF Extension: (Image Downloader) - C:\Users\other\AppData\Roaming\Mozilla\Firefox\Profiles\t2yi2atm.default-1609753342030\Extensions\{589e6459-3d56-49b4-9b3d-6e4b7ef16940}.xpi [2021-01-10]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-14] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - A:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: (FiddlerHook) - A:\Program Files (x86)\Fiddler2\FiddlerHook [2014-08-31] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected] [2015-05-05] [Legacy] [not signed]
FF HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\terry\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-15] (Adobe Systems Incorporated -> )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC -> DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> A:\bf4\bin\dtplugin\npDeployJava1.dll [2016-03-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> A:\bf4\bin\plugin2\npjp2.dll [2016-03-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-17] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> A:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC -> DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> A:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\terry\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-03-10] (Raidcall) [File not signed]
FF Plugin-x32: @raidcall.kr/RCplugin -> C:\Users\terry\AppData\Roaming\RCKR\plugins\nprcplugin.dll [2012-08-09] (Raidcall) [File not signed]
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-10-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-10-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-10-14] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2011-05-26] (Research In Motion -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: BYOND -> A:\Program Files (x86)\BYOND\bin\npbyond.dll [2012-07-15] (BYOND) [File not signed]
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @acestream.net/acestreamplugin,version=3.1.1 -> C:\Users\terry\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @acestream.net/acestreamplugin,version=3.1.9 -> C:\Users\terry\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @citrixonline.com/appdetectorplugin -> C:\Users\terry\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-02-12] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\terry\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1401100-0-npoctoshape.dll [2014-01-10] (Octoshape -> Octoshape ApS)
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\terry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2018-10-31] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-816131170-1439977655-1545633551-1000: iloen.com/MelOnWebLinker -> C:\Windows\SysWOW64\npMelOnWebLinkerAx.dll [2014-06-12] (LOEN Entertainment) [File not signed]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\other\AppData\Local\Google\Chrome\User Data\Default [2021-03-14]
CHR DownloadDir: F:\Downloads
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://voice.google.com; hxxps://www.aliexpress.com
CHR StartupUrls: Default -> "hxxp://google.ca/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/docs/spreadsheets/favicon3.ico
CHR Extension: (Slides) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-19]
CHR Extension: (BetterTTV) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-12-18]
CHR Extension: (Docs) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-19]
CHR Extension: (Google Drive) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (MEGA) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-03-10]
CHR Extension: (Honey) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-02-18]
CHR Extension: (Ban Checker for Steam) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2020-11-06]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-28]
CHR Extension: (Image Downloader) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2021-01-05]
CHR Extension: (Tampermonkey) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-11-06]
CHR Extension: (Sheets) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-19]
CHR Extension: (Google Docs Offline) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-26]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-27]
CHR Extension: (Bookmark Search) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhmokalkpaiacdofbcddkogifepbaijk [2020-12-17]
CHR Extension: (Koala Inspector - Inspect Shopify Shops) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbfbllnfhppnhjdhhbmjabikmkfekgf [2021-03-10]
CHR Extension: (Oberlo - Aliexpress.com Product Importer) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmanipjnbjnhoicdnooapcnfonebefel [2021-03-07]
CHR Extension: (Screen Recorder) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniebljpgcogalllopnjokppmgbhaden [2021-03-13]
CHR Extension: (Zendrop - AliExpress Product Importer) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoaepbdbkbncfnmplpeecofbnophahah [2020-11-30]
CHR Extension: (SimilarWeb - Traffic Rank & Website Analysis) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2021-01-25]
CHR Extension: (Egrow.io Amazon Scout Extension) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickcnpogpccagkhpcmibbkmdlnhiepda [2021-02-02]
CHR Extension: (Imagus) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2020-09-22]
CHR Extension: (Chrome Remote Desktop) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-09-19]
CHR Extension: (Stream Recorder - download HLS as MP4) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogidnfllpdhagebkblkgbfijkbkjdmm [2021-02-03]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2021-01-05]
CHR Extension: (PlushyKicks - Fulfillman - Google Sheets) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemceekagfbifkkpbmklhjabmcedfgkm [2020-12-14]
CHR Extension: (Helium 10) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2021-02-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Messages) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngjipgjhfkaeimbhgmodlbhligdflei [2020-11-06]
CHR Extension: (Shopify Theme Detector) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\npjkomjipdbengebpldgodddlinfjhhm [2020-11-25]
CHR Extension: (Web Video Downloader) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\odecbmmehabeloobkgokmfgldaegiflc [2021-01-05]
CHR Extension: (Downloader for OnlyFans.com) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncijbkbmebnjlnghhpjcoeeagokpaal [2020-10-02]
CHR Extension: (Gmail) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\other\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-14]
CHR Profile: C:\Users\other\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-08]
CHR HKU\S-1-5-21-816131170-1439977655-1545633551-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bckipplcmnfhblnpibpbehenelnkpecd] - C:\Program Files (x86)\OkayFreedom\okayfreedom.crx [2013-12-05]
CHR HKU\S-1-5-21-816131170-1439977655-1545633551-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-816131170-1439977655-1545633551-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-816131170-1439977655-1545633551-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-14]
 
Opera: 
=======
OPR Profile: C:\Users\other\AppData\Roaming\Opera Software\Opera Stable [2021-03-13]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\other\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-17]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-05-14] (BattlEye Innovations e.K. -> )
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-05-23] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-05-23] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-05-23] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe [72808 2021-01-27] (Google LLC -> Google LLC)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
S4 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] (Giga-Byte Technology -> )
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [75776 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [5680320 2017-10-26] (Disc Soft Ltd -> Disc Soft Ltd)
S4 Ds3Service; A:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [394944 2016-04-12] (Open Source Developer, Benjamin Höglinger-Stelzer -> Scarlet.Crush Productions)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-05] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
S4 HiPatchService; A:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-18] (Hi-Rez Studios) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
S4 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; A:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-04-02] (Malwarebytes Inc -> Malwarebytes)
S4 Nero BackItUp Scheduler 3; A:\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG -> Nero AG)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG -> Nero AG)
S4 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [317792 2013-12-10] (Steganos Software GmbH -> Steganos Software GmbH)
S4 Origin Client Service; A:\Program Files (x86)\Origin\OriginClientService.exe [2167056 2019-02-13] (Electronic Arts, Inc. -> Electronic Arts) [File not signed]
S4 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-07] (Even Balance, Inc. -> )
S4 ptservice; A:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe [17816 2014-01-20] (OpenVPN Technologies, Inc. -> OpenVPN Technologies, Inc)
S4 RaAutoInstSrv_AM10; C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe [528512 2010-02-19] (Cisco Consumer Products LLC -> Cisco Consumer Products LLC)
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S4 SbieSvc; A:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D -> SANDBOXIE L.T.D)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6477936 2021-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 ss_conn_service; A:\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-15] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 UTSCSI; C:\Windows\SysWOW64\UTSCSI.EXE [45056 2012-12-18] () [File not signed]
S4 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9875416 2020-06-13] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VPNUnlimitedService; A:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [47616 2020-12-24] (KeepSolid Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WireGuardTunnel$VPNUWireguard; C:\Users\other\AppData\Local\Temp\VPN Unlimited\VPNUWireguard.conf [301 2021-03-09] () [File not signed] <==== ATTENTION
S3 FOLIKRSV; "C:\Users\other\AppData\Roaming\Follow Liker\mdb\bin\folikrSrv.exe" --defaults-file="C:\Users\other\AppData\Roaming\Follow Liker\mdb\bin\srv.ini" FOLIKRSV
S2 MaskVPNService; "C:\Program Files (x86)\MaskVPN\mask_svc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [312480 2020-01-03] (Tages SA -> )
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 busenum; C:\WINDOWS\System32\DRIVERS\SteelBus64.sys [112128 2012-05-22] (SteelSeries Corporation) [File not signed]
R1 Capsax64Drv0; C:\WINDOWS\System32\Drivers\Capsax64Drv0.sys [35976 2014-08-15] (Colasoft LLC -> Colasoft Co., Ltd.)
R3 CMUACWO; C:\WINDOWS\System32\drivers\CMUACWO.sys [357376 2013-02-19] (C-MEDIA ELECTRONICS INC. -> C-Media Inc.)
R1 CSN5PDTS82x64; C:\WINDOWS\System32\Drivers\CSN5PDTS82x64.sys [34840 2012-10-24] (Chengdu Colasoft Co., Ltd. -> Colasoft Co., Ltd.)
S1 CsNdisLWF; C:\WINDOWS\System32\Drivers\CsNdisLWF.sys [44400 2017-07-11] (Colasoft Co., Ltd -> Windows ® Win 7 DDK provider)
S1 CsNdisLWF; C:\Windows\SysWOW64\Drivers\CsNdisLWF.sys [44400 2017-07-11] (Colasoft Co., Ltd -> Windows ® Win 7 DDK provider)
S3 DFX11_1; C:\WINDOWS\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Power Technology -> Windows ® Win 7 DDK provider)
S3 DIRECTIO; A:\Program Files\PerformanceTest\DirectIo64.sys [31160 2014-04-24] (PassMark Software Pty Ltd -> )
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2011-12-10] (DT Soft Ltd -> DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2012-03-11] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
R3 EuMusDesignVirtualAudioCableWdm; C:\WINDOWS\System32\drivers\vrtaucbl.sys [90624 2013-09-05] (NTONYX Ltd. -> Eugene V. Muzychenko)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-11-21] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-05-15] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R3 LGBusEnum; C:\WINDOWS\system32\drivers\LGBusEnum.sys [37408 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid.sys [26912 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43168 2020-01-03] (Tages SA -> )
S3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2019-05-04] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2019-05-04] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2021-03-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-06] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-11-11] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [40664 2014-01-20] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
S3 RTCore64; A:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [9834072 2019-03-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 SbieDrv; A:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D -> SANDBOXIE L.T.D)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2017-06-19] (Bruce James -> Scarlet.Crush Productions)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 taphss6; C:\WINDOWS\System32\DRIVERS\taphss6.sys [42184 2014-01-14] (AnchorFree Inc -> Anchorfree Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 VBoxUSBMon; C:\WINDOWS\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-15] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6335912 2020-06-13] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vhidmini; C:\WINDOWS\System32\DRIVERS\vHidDev.sys [7552 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R3 VKbms; C:\WINDOWS\System32\drivers\VKbms.sys [13312 2010-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [38176 2020-09-27] (WireGuard LLC -> WireGuard LLC)
S1 XQHDrv; C:\WINDOWS\System32\DRIVERS\XQHDrv.sys [253384 2015-09-15] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
S1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-15] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-14 08:29 - 2021-03-14 08:29 - 000000000 ____D C:\Users\other\Documents\WonderFox Soft
2021-03-14 08:28 - 2021-03-14 08:28 - 000001068 _____ C:\Users\other\Desktop\HD Video Converter Factory Pro.lnk
2021-03-14 08:28 - 2021-03-14 08:28 - 000000000 ____D C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2021-03-14 08:07 - 2021-03-14 08:07 - 000000000 ____D C:\Users\other\AppData\Roaming\mpv
2021-03-14 08:05 - 2021-03-14 08:05 - 000000851 _____ C:\Users\other\Desktop\MPC-HC.lnk
2021-03-14 08:05 - 2021-03-14 08:05 - 000000839 _____ C:\Users\other\Desktop\MPC-HC x64.lnk
2021-03-14 08:05 - 2021-03-14 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2021-03-14 08:05 - 2021-03-14 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2021-03-14 08:05 - 2021-03-14 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2021-03-14 08:05 - 2021-03-14 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2021-03-14 08:01 - 2021-03-14 08:07 - 000000000 ____D C:\Users\other\AppData\Roaming\SVP4
2021-03-14 08:01 - 2021-03-14 08:01 - 000000776 _____ C:\Users\other\Desktop\SVP 4 Pro.lnk
2021-03-14 08:01 - 2021-03-14 08:01 - 000000748 _____ C:\ProgramData\Desktop\Configure ReClock.lnk
2021-03-14 08:01 - 2021-03-14 08:01 - 000000000 ____D C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SVP 4
2021-03-14 08:01 - 2021-03-14 08:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReClock
2021-03-14 08:01 - 2021-03-14 08:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2021-03-14 08:01 - 2021-03-14 08:01 - 000000000 ____D C:\Program Files (x86)\LAV Filters
2021-03-14 07:57 - 2021-03-14 07:59 - 000000000 ____D C:\Users\other\AppData\Local\Mirillis
2021-03-14 07:57 - 2021-03-14 07:57 - 000000986 _____ C:\Users\other\Desktop\Splash.lnk
2021-03-14 07:57 - 2021-03-14 07:57 - 000000000 ____D C:\Users\other\AppData\Roaming\Mirillis
2021-03-14 07:57 - 2021-03-14 07:57 - 000000000 ____D C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2021-03-14 07:57 - 2021-03-14 07:57 - 000000000 ____D C:\ProgramData\Mirillis
2021-03-14 07:56 - 2021-03-14 07:56 - 000001002 _____ C:\ProgramData\Desktop\Apowersoft Video Converter Studio.lnk
2021-03-14 07:56 - 2021-03-14 07:56 - 000000000 ____D C:\usr
2021-03-14 07:56 - 2021-03-14 07:56 - 000000000 ____D C:\Users\other\AppData\Roaming\Apowersoft
2021-03-14 07:56 - 2021-03-14 07:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2021-03-14 07:56 - 2021-03-14 07:56 - 000000000 ____D C:\ProgramData\Apowersoft
2021-03-14 07:56 - 2019-11-11 21:44 - 000036600 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2021-03-14 06:08 - 2021-03-14 06:08 - 001304160 _____ (Google LLC) C:\Users\other\Downloads\ChromeSetup.exe
2021-03-14 05:39 - 2021-03-14 05:53 - 000003448 _____ C:\Users\other\Desktop\Rkill.txt
2021-03-14 05:32 - 2021-03-14 05:35 - 000202326 _____ C:\WINDOWS\ntbtlog.txt
2021-03-14 05:20 - 2021-03-14 05:21 - 000000258 __RSH C:\ProgramData\ntuser.pol
2021-03-13 05:39 - 2021-03-14 07:28 - 000000000 ____D C:\Users\other\AppData\LocalLow\uTorrent
2021-03-12 02:39 - 2021-03-12 02:39 - 000000000 ____D C:\Users\other\AppData\Roaming\4kdownload.com
2021-03-11 00:46 - 2021-03-11 00:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 00:46 - 2021-03-11 00:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 00:46 - 2021-03-11 00:46 - 001757632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 00:46 - 2021-03-11 00:46 - 001365640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 00:46 - 2021-03-11 00:46 - 001282360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 00:46 - 2021-03-11 00:46 - 000861696 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 00:46 - 2021-03-11 00:46 - 000515584 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-11 00:46 - 2021-03-11 00:46 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth19.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-03-11 00:46 - 2021-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-03-05 17:50 - 2021-03-05 17:50 - 000000000 ____D C:\Users\other\AppData\Local\com.electricplum.ems
2021-03-05 17:48 - 2021-03-05 17:48 - 000001123 _____ C:\ProgramData\Desktop\Electric Mobile Studio 2012.lnk
2021-03-05 17:48 - 2021-03-05 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electric Mobile Studio 2012
2021-03-05 17:48 - 2010-09-29 22:29 - 000360580 _____ (eSellerate Inc.) C:\WINDOWS\SysWOW64\eSellerateEngine.dll
2021-03-05 17:48 - 2010-09-29 22:29 - 000094208 _____ (eSellerate Inc.) C:\WINDOWS\SysWOW64\eSellerateControl365.dll
2021-03-04 23:02 - 2021-03-04 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-04 19:30 - 2021-03-04 19:30 - 000000000 ____D C:\Users\other\AppData\Roaming\CDisplayEx
2021-03-04 10:27 - 2021-03-14 05:20 - 000000000 ____D C:\Users\other\AppData\Local\CrashDumps
2021-03-02 20:12 - 2021-03-02 20:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-03-02 20:12 - 2021-03-02 20:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-03-02 20:12 - 2021-03-02 20:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-03-02 20:12 - 2021-03-02 20:12 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-02-23 22:47 - 2021-02-23 22:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-20 02:00 - 2021-02-20 02:00 - 000000000 ____D C:\Users\Stlth\AppData\LocalLow\Adobe
2021-02-20 02:00 - 2021-02-20 02:00 - 000000000 ____D C:\Users\Stlth\AppData\Local\Adobe
2021-02-20 01:55 - 2021-02-20 01:55 - 000000000 ____D C:\Users\Stlth\AppData\Local\TSVNCache
2021-02-20 01:53 - 2021-02-20 01:53 - 000000000 ____D C:\Users\Stlth\AppData\Local\cache
2021-02-20 01:52 - 2021-02-20 01:52 - 000000000 ____D C:\Users\Stlth\AppData\Local\PlaceholderTileLogoFolder
2021-02-20 01:50 - 2021-02-20 01:51 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-816131170-1439977655-1545633551-1011
2021-02-20 01:50 - 2021-02-20 01:51 - 000000000 ___RD C:\Users\Stlth\OneDrive
2021-02-20 01:50 - 2021-02-20 01:50 - 000000000 ____D C:\Users\Stlth\AppData\Roaming\Subversion
2021-02-20 01:49 - 2021-02-20 01:49 - 000000000 ____D C:\Users\Stlth\AppData\Local\KeepSolid Inc
2021-02-20 01:48 - 2021-02-20 02:00 - 000000000 ____D C:\Users\Stlth\AppData\Roaming\Adobe
2021-02-20 01:48 - 2021-02-20 02:00 - 000000000 ____D C:\Users\Stlth\AppData\Local\Packages
2021-02-20 01:48 - 2021-02-20 01:53 - 000000000 ____D C:\Users\Stlth\AppData\Local\AMD
2021-02-20 01:48 - 2021-02-20 01:51 - 000002401 _____ C:\Users\Stlth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-20 01:48 - 2021-02-20 01:50 - 000000000 ____D C:\Users\Stlth\AppData\Local\NVIDIA Corporation
2021-02-20 01:48 - 2021-02-20 01:50 - 000000000 ____D C:\Users\Stlth
2021-02-20 01:48 - 2021-02-20 01:48 - 000000020 ___SH C:\Users\Stlth\ntuser.ini
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ___RD C:\Users\Stlth\3D Objects
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ____D C:\Users\Stlth\AppData\Local\VirtualStore
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ____D C:\Users\Stlth\AppData\Local\Publishers
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ____D C:\Users\Stlth\AppData\Local\Google
2021-02-20 01:48 - 2021-02-20 01:48 - 000000000 ____D C:\Users\Stlth\AppData\Local\ConnectedDevicesPlatform
2021-02-20 01:48 - 2019-05-04 18:43 - 000000000 ____D C:\Users\Stlth\AppData\Local\Microsoft Help
2021-02-20 01:48 - 2012-08-25 02:24 - 000000000 ____D C:\Users\Stlth\AppData\Roaming\Macromedia
2021-02-20 01:48 - 2009-07-14 00:45 - 000000000 ____D C:\Users\Stlth\AppData\Roaming\Media Center Programs
2021-02-19 18:47 - 2021-03-14 05:32 - 000216056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-15 01:44 - 2021-02-15 01:45 - 011148182 _____ C:\Users\other\Downloads\k
2021-02-15 01:34 - 2021-02-15 01:34 - 000000000 ____D C:\Users\other\AppData\Local\KeepSolid Inc
2021-02-15 01:29 - 2021-02-15 01:29 - 000000803 _____ C:\ProgramData\Desktop\VPN Unlimited.lnk
2021-02-15 01:29 - 2021-02-15 01:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-14 15:09 - 2014-01-01 21:37 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-14 15:08 - 2016-08-15 05:12 - 000000000 ____D C:\FRST
2021-03-14 15:07 - 2020-02-11 20:25 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-03-14 15:07 - 2020-02-11 20:25 - 000003098 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-03-14 15:07 - 2019-12-07 20:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-14 15:07 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-14 15:06 - 2019-03-18 21:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-03-14 15:03 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-14 14:56 - 2019-12-07 19:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-14 08:10 - 2014-07-17 15:42 - 000000000 ____D C:\Users\other\AppData\Roaming\vlc
2021-03-14 08:06 - 2020-11-23 23:35 - 000000000 ____D C:\Users\other\.cache
2021-03-14 08:05 - 2016-10-27 04:24 - 000000000 ____D C:\Program Files (x86)\AviSynth+
2021-03-14 08:00 - 2015-12-01 04:45 - 000000000 ____D C:\Users\other\AppData\Roaming\uTorrent
2021-03-14 07:59 - 2019-04-25 03:08 - 000000000 ____D C:\Users\other\AppData\Local\BitTorrentHelper
2021-03-14 06:07 - 2020-10-28 02:26 - 000000000 ____D C:\Users\other\AppData\Roaming\Shift
2021-03-14 06:07 - 2019-05-08 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2021-03-14 06:07 - 2019-05-08 15:40 - 000000000 ____D C:\Users\other\AppData\Roaming\Samsung
2021-03-14 06:04 - 2013-09-03 13:16 - 000000000 ____D C:\AdwCleaner
2021-03-14 05:53 - 2018-01-19 17:18 - 000000000 ___RD C:\Users\terry\Desktop\new s
2021-03-14 05:45 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2021-03-14 05:43 - 2019-12-07 20:06 - 001585530 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-14 05:43 - 2019-12-07 19:02 - 000517330 _____ C:\WINDOWS\system32\perfh012.dat
2021-03-14 05:43 - 2019-12-07 19:02 - 000149268 _____ C:\WINDOWS\system32\perfc012.dat
2021-03-14 05:28 - 2019-05-04 16:30 - 000000000 ____D C:\Users\terry\AppData\Local\Packages
2021-03-14 05:28 - 2019-03-30 23:05 - 000000000 ____D C:\Users\terry\AppData\Roaming\discordptb
2021-03-14 05:28 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-14 05:28 - 2012-03-21 09:31 - 000000000 ____D C:\Users\terry\AppData\Local\TSVNCache
2021-03-14 05:26 - 2019-03-30 23:05 - 000000000 ____D C:\Users\terry\AppData\Local\DiscordPTB
2021-03-14 05:25 - 2019-12-07 20:01 - 000000000 ____D C:\Users\other
2021-03-14 05:25 - 2019-05-04 16:30 - 000000000 ___RD C:\Users\terry\3D Objects
2021-03-14 05:18 - 2019-04-10 20:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-14 05:18 - 2012-05-01 18:48 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-14 05:12 - 2019-02-16 20:51 - 000000000 ____D C:\Users\other\AppData\Roaming\Discord
2021-03-14 03:24 - 2013-02-15 00:38 - 000000000 ____D C:\Users\other\AppData\Local\TSVNCache
2021-03-14 01:08 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-13 21:35 - 2019-04-26 00:23 - 000000000 ____D C:\Users\other\AppData\LocalLow\Mozilla
2021-03-12 17:08 - 2019-04-25 18:42 - 000000000 ____D C:\Users\other\Documents\ShareX
2021-03-12 05:12 - 2020-05-07 19:13 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-12 05:12 - 2020-05-07 19:13 - 000002259 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-12 03:52 - 2021-02-08 17:36 - 000000000 ____D C:\Users\other\AppData\Roaming\WhatsApp
2021-03-11 23:55 - 2021-02-08 17:35 - 000000000 ____D C:\Users\other\AppData\Local\WhatsApp
2021-03-11 23:54 - 2020-06-05 07:08 - 000000000 ____D C:\Users\other\AppData\Local\SquirrelTemp
2021-03-11 14:00 - 2019-05-04 19:17 - 000000000 ___RD C:\Users\other\3D Objects
2021-03-11 13:59 - 2019-12-07 19:56 - 005218928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 13:58 - 2019-03-18 23:23 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-11 13:58 - 2019-03-18 23:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 13:58 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 02:16 - 2020-10-29 00:29 - 000000000 ____D C:\Users\other\AppData\Local\xwalk
2021-03-10 14:04 - 2019-07-21 02:17 - 000000000 ____D C:\Users\other\AppData\Roaming\obs-studio
2021-03-10 08:43 - 2017-12-19 04:01 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-10 01:38 - 2019-04-25 01:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 01:27 - 2011-12-10 20:35 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-08 15:29 - 2020-12-16 01:58 - 000004164 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1608109085
2021-03-08 15:29 - 2020-12-16 01:58 - 000001443 _____ C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-03-07 13:37 - 2015-12-05 02:46 - 000000000 ____D C:\Users\other\AppData\Local\Battle.net
2021-03-06 10:37 - 2015-10-13 11:21 - 000000000 ____D C:\Users\other\Documents\StarCraft II
2021-03-06 10:36 - 2015-12-05 02:46 - 000000000 ____D C:\Users\other\AppData\Roaming\Battle.net
2021-03-05 21:15 - 2019-05-04 16:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-05 16:28 - 2020-05-27 06:53 - 000000000 ____D C:\Users\other\Downloads\Telegram Desktop
2021-03-05 11:28 - 2020-07-14 22:39 - 000000000 ____D C:\Users\other\AppData\Local\ElevatedDiagnostics
2021-03-04 23:02 - 2019-02-28 21:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-03-04 15:07 - 2020-05-07 19:12 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 15:07 - 2020-05-07 19:12 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-03 20:40 - 2020-06-05 07:08 - 000000000 ____D C:\Users\other\AppData\Local\DiscordPTB
2021-03-02 00:37 - 2020-06-11 20:29 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-02-27 10:13 - 2019-12-07 20:11 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-816131170-1439977655-1545633551-1002
2021-02-27 10:13 - 2019-12-07 20:01 - 000002401 _____ C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-27 10:13 - 2019-05-04 19:18 - 000000000 ___RD C:\Users\other\OneDrive
2021-02-27 00:40 - 2020-07-23 19:15 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-25 00:49 - 2020-12-11 16:53 - 000000000 ____D C:\Users\other\AppData\Local\Shift
2021-02-24 00:48 - 2012-05-01 18:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-23 22:47 - 2011-12-10 22:33 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-20 15:55 - 2020-08-14 09:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-15 01:29 - 2013-04-19 13:24 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-13 16:28 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 16:28 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Common Files\System
 
==================== Files in the root of some directories ========
 
2019-10-20 13:38 - 2020-11-16 22:20 - 000000132 _____ () C:\Users\other\AppData\Roaming\Adobe PNG Format CS5 Prefs
2020-10-29 00:29 - 2020-10-29 00:29 - 000045056 _____ () C:\Users\other\AppData\Roaming\Web Data
2020-10-29 00:29 - 2020-10-29 00:29 - 000000000 _____ () C:\Users\other\AppData\Roaming\Web Data-journal
2020-11-28 16:04 - 2020-11-28 16:04 - 000001456 _____ () C:\Users\other\AppData\Local\Adobe Save for Web 13.0 Prefs
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2021
Ran by other (14-03-2021 15:10:10)
Running from F:\Downloads
Windows 10 Pro Version 1909 18363.1440 (X64) (2019-12-08 03:11:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
1 (S-1-5-21-816131170-1439977655-1545633551-1007 - Limited - Enabled)
Administrator (S-1-5-21-816131170-1439977655-1545633551-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-816131170-1439977655-1545633551-503 - Limited - Disabled)
Guest (S-1-5-21-816131170-1439977655-1545633551-501 - Limited - Disabled)
other (S-1-5-21-816131170-1439977655-1545633551-1002 - Administrator - Enabled) => C:\Users\other
Person (S-1-5-21-816131170-1439977655-1545633551-1010 - Administrator - Enabled) => C:\Users\Person
Stlth (S-1-5-21-816131170-1439977655-1545633551-1011 - Limited - Enabled) => C:\Users\Stlth
terry (S-1-5-21-816131170-1439977655-1545633551-1000 - Administrator - Enabled) => C:\Users\terry
WDAGUtilityAccount (S-1-5-21-816131170-1439977655-1545633551-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
µTorrent (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
4K Video Downloader (HKLM\...\{98A3B156-22C4-4B5A-9590-77DBF094BC71}) (Version: 4.13.5.3950 - Open Media LLC)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
888poker (HKLM-x32\...\888poker) (Version:  - )
Ace Stream Media 3.1.9 (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\AceStream) (Version: 3.1.9 - Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Age of Wushu (HKLM-x32\...\{A0AFB64E-79E1-45BF-BA6C-18C21E007D8E}) (Version: 0.0.1.116 - Snail Games USA)
amazeowl-desktop (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\amazeowl-desktop) (Version: 3.5.0 - AmazeOwl)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.1.3 - Advanced Micro Devices, Inc.)
Apowersoft Video Converter Studio V4.8.5.1 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.8.5.1 - APOWERSOFT LIMITED)
Apple Application Support (32-bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3700 - ASUS)
ASUS PCE-AC68 WLAN Card Driver (HKLM-x32\...\{39BD9681-D3B1-435C-A0C1-F87C68513401}) (Version: 2.1.4.3 - ASUS)
ASUS USB-N53 Utility (HKLM-x32\...\{E3D76EEB-4512-4FCF-B71B-5802DDC6B3C0}) (Version: 1.0.16.0000 - ASUS)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.7.4 - ASUS)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Audio DVD Creator 1.9.1.0 (HKLM-x32\...\Audio DVD Creator_is1) (Version:  - Goland Tech Ltd.)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoHotkey 1.1.09.03 (HKLM\...\AutoHotkey) (Version: 1.1.09.03 - Lexikos)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
AviSynth+ 3.5.1 (HKLM-x32\...\{AC78780F-BACA-4805-8D4F-AE1B52B7E7D3}_is1) (Version: 3.5.1.3106 - The Public)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.4.1.240 - Online Media Technologies Ltd.)
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Betcoin Poker (HKLM-x32\...\DEAECD1E-0CEF-494d-A7DE-20EC7A6E3F61) (Version: 16.6 - IGSoft)
BigFoot-SC22 (HKLM-x32\...\{7E0E8313-0C11-4DBF-9A7D-D31E986A26E2}) (Version: 1.0 - 178游戏网)
Bisq (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\{io.bisq.gui.app}}_is1) (Version: 0.6.2 - Bisq)
Bisq (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\{io.bisq.gui.app}}_is1) (Version: 0.6.2 - Bisq)
BlackBerry Desktop Software 6.1 (HKLM-x32\...\{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}) (Version: 6.1.0.36 - Research In Motion Ltd.) Hidden
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.36 - Research In Motion Ltd.)
BlitzIn 3.10 (HKLM-x32\...\BlitzIn 3.10) (Version:  - Internet Chess Club)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team)
Blueline 1.1.1 (HKLM-x32\...\Blueline_is1) (Version:  - )
Bluesky Frame Rate Converter Version 2.13.1 (HKLM\...\Bluesky Frame Rate Converter_is1) (Version:  - Bluesky)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.260.0.1032 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.)
BYOND (HKLM-x32\...\BYOND) (Version: 498.1163 - BYOND)
Call of Duty Black Ops II (HKLM-x32\...\Call of Duty Black Ops II_is1) (Version:  - )
Car music DVD Burner 1.0 (HKLM-x32\...\Car music DVD Burner_is1) (Version: 1.0 - EZuse Computing, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.69 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{2E2C5B04-0539-43B0-BC16-EF1B7DFF03A5}) (Version: 89.0.4389.25 - Google LLC)
Cisco Valet Connector (HKLM-x32\...\Cisco Valet Connector) (Version: 1.1.10049.0 - Cisco Consumer Products LLC)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
ClickMonitorDDC version 7.0.0.0 (HKLM-x32\...\{2577BD7A-C90A-47F3-BDB9-89A9BA3E0BD9}_is1) (Version: 7.0.0.0 - ClickMonitorDDC)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )
CMEDIA USB2.0 Audio Device (HKLM-x32\...\{9445E4B8-E875-470A-928A-A665D3F973B4}) (Version: 1.00.0001 - C-Media Electronics, Inc.)
Colasoft Capsa 10 Enterprise Demo (HKLM\...\571BFE52-AB70-4392-AE10-377934EC0827_is1) (Version: 10.0.0.10055 - Colasoft)
Colasoft Capsa 8 Free (HKLM-x32\...\Colasoft Capsa 8 Free_is1) (Version: 8.0.0.8053 - Colasoft)
CopyTrans Suite Remove Only (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
CopyTrans Suite Remove Only (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
CPUID CPU-Z 1.88 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.88 - CPUID, Inc.)
CPUID HWMonitor 1.40 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.40 - CPUID, Inc.)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.1.0.0 - Electronic Arts)
CSV to vCard (HKLM-x32\...\{B9DCBBD4-20F5-424B-9C56-FFF62BE71CD7}_is1) (Version:  - csvtovcard.com)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version:  - DT Soft Ltd.)
Dark Souls Prepare to Die Edition (HKLM-x32\...\{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord PTB (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\DiscordPTB) (Version: 0.0.55 - Discord Inc.)
Discord PTB (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\DiscordPTB) (Version: 0.0.56 - Discord Inc.)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version:  - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DMC Devi May Cry © Capcom version 1 (HKLM-x32\...\DMC Devi May Cry © Capcom_is1) (Version: 1 - )
Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
DRAGON BALL XENOVERSE 2 (HKLM-x32\...\DRAGON BALL XENOVERSE 2_is1) (Version:  - )
Dream MP3 to MIDI Converter 3.7 (HKLM-x32\...\{66712EEE-ECBC-4CA6-A474-dream-mp3-to-midi-converter}_is1) (Version:  - DreamVideoSoft,Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 117.4.378 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
Earth's Special Forces (HKLM-x32\...\ESF) (Version:  - )
Easy Tune 6 B11.0309.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
EasyLife Gadget (HKLM\...\{ACE9FB2A-31A5-4285-9510-43F1636EAB21}) (Version: 1.0 - EasyLife Gadget)
Electric Mobile Studio 2012 version 1.1.5 (HKLM-x32\...\{D7DBD19C-4A7A-46B4-B626-F8CC7B36335D}_is1) (Version: 1.1.5 - electric plum, LLC)
Emby Server (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Emby Server) (Version: 4.1 - Emby Team)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Event Manager (HKLM-x32\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON NX130 Series Printer Uninstall (HKLM\...\EPSON NX130 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
EVGA PrecisionX 16 (HKLM-x32\...\{4C5ECFC6-AF6E-42A0-988D-0A5FCBB8F0B9}) (Version: 5.3.11 - EVGA Corporation)
EZMira (HKLM-x32\...\{79BB7AC7-AB38-4C64-8140-7ECE6B46C26A}) (Version: 1.3.1.14 - Actions-Micro)
Fable III (HKLM-x32\...\{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (HKLM-x32\...\{4D53090A-CE35-42BD-B377-831000018301}) (Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fable III (HKLM-x32\...\{4D53090A-CE35-42BD-B377-831000018302}) (Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fable III (HKLM-x32\...\{4D53090A-CE35-42BD-B377-831000018303}) (Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.00 - Ubisoft)
Female Voices (HKLM-x32\...\{8339A1A4-765A-4B23-8950-86BD1382E37B}) (Version: 4.4.41 - Screaming Bee Inc.) Hidden
Female Voices for MorphVOX (HKLM-x32\...\{7deb85b1-333a-461a-9ae0-00b4b8a6e3e7}) (Version: 4.4.41 - Screaming Bee Inc.)
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
ffdshow x64 v1.3.4533 [2014-09-29] (HKLM\...\ffdshow64_is1) (Version: 1.3.4533.0 - )
FFsplit version Alpha (HKLM-x32\...\{4AA62353-C8D9-4A05-A425-D9DFC4646B99}_is1) (Version: Alpha - Taqveer Doha)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.4.9.3 - Telerik)
Fiddler Syntax-Highlighting Addons (HKLM-x32\...\FiddlerSyntaxAddons) (Version:  - )
FiiO Portable High-Res Music Player series v4.11.0 (HKLM-x32\...\Software_FiiO_fiio_usbaudio_Setup) (Version: 4.11.0 - FiiO)
FileSeek 5.2.1 (HKLM-x32\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 5.2.1.0 - Binary Fortress Software)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Follow Liker version 10.4.3 (HKLM-x32\...\{0C42C8A7-894B-49A1-B6EC-FB7FB3C0A193}_is1) (Version: 10.4.3 - Follow Liker)
foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.10.1.3069 - Softdeluxe)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.4.1.0 - miHoYo Co.,Ltd)
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
GoldWave v5.67 (HKLM-x32\...\GoldWave v5.67) (Version:  - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.39.5101 - Gretech Corporation)
GOMTV Streamer (HKLM-x32\...\GomTVStreamer) (Version: 1.0.0.26 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
GoToMeeting 8.39.0.11408 (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\GoToMeeting) (Version: 8.39.0.11408 - LogMeIn, Inc.)
GoToMeeting 8.43.1.12771 (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\GoToMeeting) (Version: 8.43.1.12771 - LogMeIn, Inc.)
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Grand Theft Auto V ver. 1.0.335.2 (HKLM-x32\...\{27159000-99AS-22CV-33F9-55GYHF2186AC}_is1) (Version: 1.0.335.2 - Rockstar Games)
Greenshot 1.1.7.17 (HKLM\...\Greenshot_is1) (Version: 1.1.7.17 - Greenshot)
HD Video Converter Factory Pro 21.8 (HKLM-x32\...\HD Video Converter Factory Pro) (Version: 21.8 - WonderFox Soft, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helium Music Manager 11.2 (HKLM-x32\...\{FC3666EE-D43E-45E0-BB82-B8B6DE3A91C9}}_is1) (Version: 11.2.0.13510 - Imploded Software)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Heroes of the Storm Tech Alpha (HKLM-x32\...\Heroes of the Storm Tech Alpha) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IBBrowserInstallerEngine version 156.2 (HKLM-x32\...\IBBrowserInstallerEngine_is1) (Version: 156.2 - GibberishObama)
ICQ (version 10.0.38545) (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\icq.desktop) (Version: 10.0.38545 - ICQ)
iDealshare VideoGo 4.1.21.4997 (HKLM-x32\...\{CC4C06C4-7C78-4aab-B5AF-33FB11CCD828}_is1) (Version:  - iDealshare Corporation)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Infinite HD™ App (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
Infinite HD™ App (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Extreme Tuning Utility (HKLM-x32\...\{92b09894-9d66-465d-97a0-5bcabf264301}) (Version: 6.5.1.321 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
intelliScore Ensemble MP3 to MIDI Converter Demo (HKLM-x32\...\intelliScore Ensemble MP3 to MIDI Converter Demo) (Version: 8.1 - Innovative Music Systems)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 8 Update 73 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
KeyNote 1.6.5 (HKLM-x32\...\KeyNote_is1) (Version:  - )
K-Lite Mega Codec Pack 15.1.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.1.6 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.74.1-75 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1-75 - Hendrik Leppkes)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LemmingballZ 3D 8460 (HKLM-x32\...\LemmingballZ_0) (Version:  - )
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Livestreamer 1.11.1 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
Lucius 1.01.3173 (HKLM-x32\...\{84F3F00F-CCA9-43B3-A493-1E2757649848}_is1) (Version: 1.01.3173 - Lace Mamba Global)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MaskVPN (HKLM-x32\...\{4A4ACF2E-4A98-4D18-80E3-5A5E5706F81E}_is1) (Version: 1.1.0.31 - Global Media (Thailand) Co., Ltd)
Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MeGUI (remove only) (HKLM-x32\...\MeGUI) (Version: 0.3.5 - MeGUI Team)
MelOn Player4 (HKLM-x32\...\Melon40) (Version: 4.0 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.50 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-816131170-1439977655-1545633551-1010\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-816131170-1439977655-1545633551-1011\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.22 - mIRC Co. Ltd.)
MKVToolNix 7.3.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.3.0 - Moritz Bunkus)
Momentum Plus 1.2.1 (HKLM\...\69846732-891f-563b-a7f3-958f57d206ec) (Version: 1.2.1 - Holmez Softsolutions Pte. Ltd)
MorphVOX Pro (HKLM-x32\...\{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}) (Version: 4.3.13 - Screaming Bee)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 86.0 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0 (x64 en-US)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MPC-HC 1.9.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.8 - MPC-HC Team)
MPC-HC 1.9.8 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.9.8 - MPC-HC Team)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Mumble 1.2.3 (HKLM-x32\...\{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}) (Version: 1.2.3 - Thorvald Natvig)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
NBA 2K17 (HKLM-x32\...\NBA 2K17_is1) (Version: 1.0.0.0 - 2K Games)
NBA 2K20 version final (HKLM-x32\...\NBA 2K20_is1) (Version: final - The)
Nero 8 (HKLM-x32\...\{D6C9AF27-9414-46C8-B9D8-D878BA041033}) (Version: 8.3.314 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Netbeans with TMC 0.8.18 (HKLM\...\nbi-tmcbeans-1.0.0.0.0) (Version:  - )
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.3.0.5 - GOG.com)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
NullpoMino version 7.5 (HKLM-x32\...\{92421394-0936-4142-B3BD-400D24E8D662}_is1) (Version: 7.5 - NullNoname)
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.2 - Steganos Software GmbH)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open Broadcaster Software version 0.448a (HKLM-x32\...\{F017778C-11C7-4E57-8124-F10C5AD74B1E}_is1) (Version: 0.448a - )
Opera Stable 74.0.3911.203 (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Opera 74.0.3911.203) (Version: 74.0.3911.203 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.13.1.16659 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.1.23136 - Grinding Gear Games)
PCMark 7 (HKLM-x32\...\{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}) (Version: 1.4.0 - Futuremark)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Peace (HKLM\...\Peace) (Version: 1.4.5.0 - P.E. Verbeek)
PE-DESIGN Ver.6 (HKLM-x32\...\{B202B201-5D15-4CA7-A978-047AB4A28960}) (Version: ANY - )
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1037.0 - Passmark Software)
PoiZone (HKLM-x32\...\PoiZone) (Version:  - Image-Line)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Potplayer (HKLM-x32\...\PotPlayer) (Version:  - Daum Communications Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.3.4.0 - OpenVPN Technologies)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)
Razer Abyssus (HKLM-x32\...\{CBD6B23A-B54F-476A-9527-C262F469CACF}) (Version: 2.01 -  Razer USA Ltd.)
Razer Game Booster (HKLM-x32\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
Razer Salmosa (HKLM-x32\...\{E6DA58C0-4EC5-4F5E-B73E-2F22ED30ACFC}) (Version: 1.00 -  Razer USA Ltd.)
Real Boxing (HKLM-x32\...\Real Boxing_is1) (Version:  - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Realtek USB Wireless LAN Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: UI_1.00.0287 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
ReClock (HKLM-x32\...\ReClock) (Version:  - RedFox Project)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
RPG Maker VX Ace (HKLM-x32\...\{835D562C-B72C-461D-A9C3-B8206B66E85A}) (Version: 1.01 - RPG MAKER)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version:  - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Sandboxie 3.76 (64-bit) (HKLM\...\Sandboxie) (Version: 3.76 - SANDBOXIE L.T.D)
Sawer (HKLM-x32\...\Sawer) (Version:  - Image-Line)
ScpToolkit (HKLM\...\{1EA84ED4-28D4-4836-BF8B-0E31BF1704C5}) (Version: 1.7.277.16103 - Nefarius Software Solutions)
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
Sekiro Shadows Die Twice (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SewArt (HKLM\...\{C398F221-F15C-4BB6-988D-05D5D2794AEB}) (Version: 1.8.4 - S & S Computing)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 10.9.1 - ShareX Team)
SharpKeys (HKLM-x32\...\{B6685367-A8AD-4414-A2A3-10B40EC5CF30}) (Version:  - )
Shift (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Shift) (Version: 3.6.1 - Shift)
Shift (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Shift) (Version: 6.0.56-stable - Shift)
Shredder Classic 4 (HKLM-x32\...\{C0FA6973-0ED6-4523-9593-BE50927A28BB}_is1) (Version:  - Stefan Meyer-Kahlen)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype version 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Skyperious 3.5 (HKLM-x32\...\Skyperious) (Version: 3.5 - Erki Suurjaak)
Sleeping Dogs version 1.4 (HKLM-x32\...\Sleeping Dogs_is1) (Version: 1.4 - )
Smart 6 B10.1221.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2215.10 - Hi-Rez Studios)
SmoothVideo Project version 3.1.6 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.6 - SVP)
Sony ACID Pro 6.0 (HKLM-x32\...\{87DABCF7-2C38-4996-8FBE-053CA6536168}) (Version: 6.0.355 - Sony)
Sony Media Manager 2.2 (HKLM-x32\...\{47AA42FD-0450-4CB4-ADAF-B6E770AA7B2F}) (Version: 2.2.93 - Sony)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Splash (HKLM-x32\...\Mirillis Splash) (Version: 2.7.0 - Mirillis)
Spotify (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\Spotify) (Version: 1.0.94.262.g3d5c231c - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
StarCraft II Public Test (HKLM-x32\...\StarCraft II Public Test) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Kinzu Optical Mouse (HKLM-x32\...\{A03E4302-F387-47F3-8136-6D9D9286CD3B}) (Version: 1.0.10 - Steelseries)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version:  - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.10 - StepMania)
SVP 4 Free (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\{94019171-0cc6-4145-bfee-235091d83782}) (Version: 4.0 - SVP Team)
SVP 4 Free (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\{94019171-0cc6-4145-bfee-235091d83782}) (Version: 4.0 - SVP Team)
SVP 4 Pro (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\{89768a8d-58e3-44d2-afea-1c3f68cfa109}) (Version: 4.3 - SVP Team)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20202 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Telegram Desktop version 2.6.1 (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.6.1 - Telegram FZ-LLC)
The Darkness II (HKLM-x32\...\The Darkness II_is1) (Version:  - )
The Elder Scrolls V Skyrim (HKLM-x32\...\{4FEF52F2-3C2C-4B80-9443-3D6A654328D0}_is1) (Version:  - Bethesda Softworks)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\TimeAdjuster) (Version:  - IrekSoftware.com)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\TimeAdjuster) (Version:  - IrekSoftware.com)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version:  - )
TortoiseSVN 1.7.6.22632 (64 bit) (HKLM\...\{D2D22BEE-B7F1-49D0-9ED6-86D0B2CEDFAD}) (Version: 1.7.22632 - TortoiseSVN)
TRENDnet Powerline Utility (HKLM-x32\...\{B596801C-EA86-4920-8432-1B1B8AE148F0}) (Version: 7.1.0101 - TRENDnet)
Trine 2 (HKLM-x32\...\Trine 2_is1) (Version:  - )
TunSetupVPNU (HKLM\...\{3E4BC5B7-104F-40B3-BEC4-9CEF0BCD0EF8}) (Version: 1.0.0 - Keepsolid Inc.)
Twitch Leecher 1.8 (HKLM\...\{F6711650-3BDB-4025-82D4-0639CC06F686}) (Version: 1.8.0.0 - Franiac) Hidden
Twitch Leecher 1.8 (HKLM-x32\...\{4ef3f40e-3993-4078-af37-d9444538f014}) (Version: 1.8.0.0 - Franiac)
UltraSearch V2.0.3 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.0.3 - JAM Software)
Unity Web Player (HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
USB PnP Sound Device (HKLM\...\C-Media CM108 Like Sound Driver) (Version:  - )
VALORANT (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Veoh Giraffic Video Accelerator (HKLM-x32\...\Giraffic) (Version: 0.86.412.230 - Giraffic)
Video Download Studio 3.4.14 (HKLM-x32\...\{8A075C9A-1368-4491-855E-F3D9ABE55740}_is1) (Version:  - aHisoft)
viewerise v1.53.666 (HKLM-x32\...\viewerise_is1) (Version: 1.53.0.224 - )
Virtual Audio Cable 4.12 (HKLM\...\Virtual Audio Cable 4.12) (Version:  - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VPN Unlimited 8.3.1 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 8.3.1 - KeepSolid Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warframe (HKLM-x32\...\{4C8CFCAF-4589-46E7-ABB8-438A73CF4996}) (Version: 1.0.0 - Digital Extremes)
Watch Dogs (HKLM-x32\...\Watch Dogs_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Weather (HKLM-x32\...\Weather) (Version: 9.1.0T - Weather)
WeChat (HKLM-x32\...\WeChat) (Version: 3.0.0.57 - 腾讯科技(深圳)有限公司)
WeMod (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\WeMod) (Version: 6.3.10 - WeMod)
WhatsApp (HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\WhatsApp) (Version: 2.2108.8 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 4.10 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.5 - win.rar GmbH)
WM Capture (HKLM-x32\...\WM Capture) (Version:  - )
WM Recorder 14 (HKLM-x32\...\WM Recorder 14) (Version:  - )
Wondershare Video Converter Ultimate(Build 8.0.0.10) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.0.0.10 - Wondershare Software)
Wondershare Video Editor(Build 3.1.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.3.0.16992 - Blizzard Entertainment)
XSplit (HKLM-x32\...\{8BD89760-6B5D-4A3C-8B0D-CDB93BEFC0F6}) (Version: 1.2.1303.0101 - SplitMediaLabs)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yakuza Kiwami (HKLM-x32\...\Yakuza Kiwami_is1) (Version:  - )
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
ZipItFree 1.95 (HKLM-x32\...\ZipItFree_is1) (Version:  - MicroSmarts LLC.)
 
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1970.1.0_x86__kgqvnymyfvs32 [2021-03-06] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-17] (Apple Inc.) [Startup Task]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-06] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-03] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-06] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => F:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => A:\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FileSeek] -> {b211c53f-0052-4187-957f-f5bea28eb679} => A:\Program Files (x86)\FileSeek\FileSeekContextMenuHandler64.dll [2016-08-09] (Binary Fortress Software Ltd. -> Binary Fortress Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [jZip] -> {E677C7AD-2B66-4539-AA29-3771A1CFEDA9} =>  -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => A:\Program Files\PowerISO\PWRISOSH.DLL [2016-06-07] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => A:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2011-12-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2011-12-15] () [File not signed]
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2014-10-24] () [File not signed]
ContextMenuHandlers1-x32: [ZipItFreeContextMenu] -> {9FCB3717-B87B-421E-BB30-61769539EA23} => C:\Program Files (x86)\ZipItFree\ZFreeEx.dll [2007-12-04] (MicroSmarts LLC.) [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => A:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [GB3ContextMenu] -> {3A488FE8-9916-4F36-BDFF-3DED559142E5} => A:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll [2012-11-13] (Razer USA Ltd -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => A:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => F:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => A:\Program Files\PowerISO\PWRISOSH.DLL [2016-06-07] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2011-12-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2011-12-15] () [File not signed]
ContextMenuHandlers4-x32: [ZipItFree] -> {9FCB3717-B87B-421E-BB30-61769539EA23} => C:\Program Files (x86)\ZipItFree\ZFreeEx.dll [2007-12-04] (MicroSmarts LLC.) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\nvshext.dll [2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => F:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [FileSeek] -> {b211c53f-0052-4187-957f-f5bea28eb679} => A:\Program Files (x86)\FileSeek\FileSeekContextMenuHandler64.dll [2016-08-09] (Binary Fortress Software Ltd. -> Binary Fortress Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => A:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => A:\Program Files\PowerISO\PWRISOSH.DLL [2016-06-07] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2012-03-08] (Stefan Kueng. Open Source Developer -> hxxp://tortoisesvn.net)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2011-12-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2011-12-15] () [File not signed]
ContextMenuHandlers6-x32: [ZipItFree] -> {9FCB3717-B87B-421E-BB30-61769539EA23} => C:\Program Files (x86)\ZipItFree\ZFreeEx.dll [2007-12-04] (MicroSmarts LLC.) [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-25] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-25] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-09-29] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Emby\Emby Server Dashboard.lnk -> hxxp://localhost:8096/web/dashboard.htm
ShortcutWithArgument: C:\Users\other\Desktop\PlushyKicks - Fulfillman - Google Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=nemceekagfbifkkpbmklhjabmcedfgkm
ShortcutWithArgument: C:\Users\other\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\PlushyKicks - Fulfillman - Google Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=nemceekagfbifkkpbmklhjabmcedfgkm
ShortcutWithArgument: C:\Users\other\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PlushyKicks - Fulfillman - Google Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=nemceekagfbifkkpbmklhjabmcedfgkm
ShortcutWithArgument: C:\Users\other\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2019-05-15 15:51 - 2014-04-17 09:54 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\P2PLib.dll
2019-12-07 20:02 - 2019-12-07 20:02 - 000008704 _____ () [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2019-12-07 20:02 - 2019-12-07 20:02 - 000131072 _____ () [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\SHDocVw\1.1.0.0__1b4e890f49261012\SHDocVw.dll
2012-11-25 21:20 - 2012-11-25 19:01 - 000041984 _____ () [File not signed] A:\Program Files (x86)\FFsplit\FFsource.ax
2012-08-16 14:28 - 2012-08-17 00:16 - 000121856 _____ () [File not signed] A:\Program Files (x86)\FFsplit\FFSplit Overlay Filter.ax
2021-02-15 01:29 - 2020-12-24 13:48 - 001980928 _____ () [File not signed] A:\Program Files (x86)\VPN Unlimited\vpnu_private_sdk.dll
2019-05-15 15:51 - 2014-04-17 09:54 - 000221184 _____ () [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 008358400 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avcodec-54.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 001152512 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avformat-54.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 000151040 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avutil-51.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 000026112 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\swresample-0.dll
2012-04-30 00:55 - 2012-04-30 00:55 - 000333824 _____ () [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\swscale-2.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-10-18 14:51 - 2017-10-18 14:51 - 000598528 _____ () [File not signed] C:\Users\terry\AppData\Local\MEGAsync\ShellExtX64.dll
2015-05-05 04:41 - 2014-10-24 14:16 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2011-12-25 06:16 - 2011-12-15 13:38 - 000193536 _____ () [File not signed] F:\Program Files\WinRAR\rarext.dll
2020-07-04 17:25 - 2019-02-21 09:00 - 000078336 _____ (Igor Pavlov) [File not signed] F:\Program Files\7-Zip\7-zip.dll
2019-05-15 15:51 - 2014-04-17 09:54 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\IpLib.dll
2019-05-15 15:51 - 2014-04-17 09:54 - 000044544 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlQRCode.dll
2013-02-17 23:46 - 2013-02-17 23:46 - 001881088 _____ (SplitmediaLabs Limited) [File not signed] C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\VHMediaCOM.dll
2021-02-15 01:29 - 2020-10-12 14:23 - 000361984 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] A:\Program Files (x86)\VPN Unlimited\libcurl.dll
2019-05-15 15:51 - 2014-04-17 09:54 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\LIBEAY32.dll
2021-02-15 01:29 - 2020-10-12 14:23 - 002516480 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] A:\Program Files (x86)\VPN Unlimited\libcrypto-1_1.dll
2021-02-15 01:29 - 2020-10-12 14:23 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] A:\Program Files (x86)\VPN Unlimited\libssl-1_1.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-01-17 16:04 - 2020-01-17 16:04 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 11:51 - 2019-07-18 11:51 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-18 07:39 - 2020-07-03 14:15 - 006165112 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] A:\Program Files\Softdeluxe\Free Download Manager\Qt5Core.dll
2008-10-16 09:25 - 2006-10-12 13:30 - 000188416 _____ (Unreal Streaming Technologies Group.) [File not signed] A:\Program Files (x86)\WMCap\Bin\UScreenCapture.ax
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ca.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-816131170-1439977655-1545633551-1000 -> {05057CAC-32FC-4A76-83F9-C673FB7D9590} URL = hxxps://ca.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-816131170-1439977655-1545633551-1002 -> {05057CAC-32FC-4A76-83F9-C673FB7D9590} URL = hxxps://ca.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2019-03-18] (Microsoft Windows -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> A:\bf4\bin\ssv.dll [2016-03-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> A:\bf4\bin\jp2ssv.dll [2016-03-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-14] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-11-07] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2019-03-18] (Microsoft Windows -> Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\melon.com -> melon.com
IE trusted site: HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\melon.com -> melon.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2021-03-14 05:55 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
2015-02-26 17:50 - 2019-12-07 09:03 - 000000505 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 terry-PC.mshome.net # 2024 12 4 5 16 3 43 950
192.168.137.1 terry-PC.mshome.net # 2024 11 1 4 16 23 32 22
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\ASUS\Bluetooth Software;C:\Program Files\ASUS\Bluetooth Software\syswow64;A:\Program Files (x86)\Livestreamer;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\terry\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-816131170-1439977655-1545633551-1010\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-816131170-1439977655-1545633551-1011\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254 - 75.153.171.114
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AUEPLauncher => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: chromoting => 3
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DES2 Service => 2
MSCONFIG\Services: Ds3Service => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: Giraffic => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: LogiRegistryService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: PLFlash DeviceIoControl Service => 2
MSCONFIG\Services: ptservice => 2
MSCONFIG\Services: RaAutoInstSrv_AM10 => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Smart TimeLock => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: vgc => 3
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMwareHostd => 2
MSCONFIG\Services: VPNUnlimitedService => 2
MSCONFIG\Services: XTU3SERVICE => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FiiO Control Panel Autostart.lnk => C:\Windows\pss\FiiO Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PrivateTunnel.lnk => C:\Windows\pss\PrivateTunnel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ScpToolkit Tray Notifications.lnk => C:\Windows\pss\ScpToolkit Tray Notifications.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk => C:\Windows\pss\Universal Media Server.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^terry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^terry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ShareX.lnk => C:\Windows\pss\ShareX.lnk.Startup
MSCONFIG\startupreg: Abyssus => A:\Program Files (x86)\Razer\Abyssus\razerhid.exe
MSCONFIG\startupreg: AceStream => C:\Users\terry\AppData\Roaming\ACEStream\engine\ace_engine.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\terry\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Cm108Sound => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "F:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: DFX => C:\Program Files (x86)\DFX\DFX.exe -startup
MSCONFIG\startupreg: Discord => C:\Users\terry\AppData\Local\Discord\app-0.0.301\Discord.exe
MSCONFIG\startupreg: DivXMediaServer => A:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EADM => "A:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Easy-Hide-IP => A:\Program Files\Easy-Hide-IP\easy-hide-ip.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EqualizerPro => A:\Program Files\EqualizerPro\EqualizerPro.exe
MSCONFIG\startupreg: Google Update => "C:\Users\terry\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_87DAA32EE09FADE6711293FAB267E54E => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: Greenshot => A:\Program Files\Greenshot\Greenshot.exe
MSCONFIG\startupreg: Hyperdesktop => C:\Users\terry\AppData\Roaming\Hyperdesktop\hyperdesktop.exe
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: ISUSPM Startup => c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "F:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LGHUB => "C:\Program Files\LGHUB\lghub_agent.exe" --autostart
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
MSCONFIG\startupreg: NBKeyScan => "A:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\terry\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PWRISOVM.EXE => A:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RaidCall => A:\Program Files (x86)\RaidCall\raidcall.exe
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Salmosa => A:\Program Files (x86)\Razer\Salmosa\razerhid.exe
MSCONFIG\startupreg: SandboxieControl => "A:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Shift => C:\Users\terry\AppData\Local\Shift\app-3.4.4\Shift.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => C:\Users\terry\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: Steam => "F:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: uTorrent => "C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
MSCONFIG\startupreg: vmware-tray.exe => "A:\Program Files (x86)\VMware\vmware-tray.exe"
MSCONFIG\startupreg: VPN Unlimited => "A:\Program Files (x86)\VPN Unlimited\vpn-unlimited-launcher.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "Screen+"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-816131170-1439977655-1545633551-1000\...\StartupApproved\Run: => "Shift"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\StartupFolder: => "ClickMonitorDDC.lnk"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "icq.desktop"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-816131170-1439977655-1545633551-1002\...\StartupApproved\Run: => "Free Download Manager"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{25B08A93-3D26-476F-BF4C-EB6DAB9DFEF9}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\9001\9001.exe () [File not signed]
FirewallRules: [{58B13AE6-AC9F-4248-99EE-295A537EE3DF}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\9001\9001.exe () [File not signed]
FirewallRules: [{607C12C9-3679-4A78-A124-157C081248FB}] => (Allow) A:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3CC1004C-878E-4597-AB32-1C880F51DABD}] => (Allow) A:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{E71D959B-11B0-44AC-A239-5F208F0DC269}] => (Allow) A:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{2E488F43-B92F-4CC7-A3B1-22BCE9AB2DC9}] => (Allow) A:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3FEDA325-07CE-4499-9D87-FB564A7EE6F5}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\DISSIDIA FINAL FANTASY NT Free Edition\dffnt.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{30EB1B96-474A-47F6-BD94-27452A098435}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\DISSIDIA FINAL FANTASY NT Free Edition\dffnt.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{20BE123F-AE14-4589-A9C5-9027682452DD}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{74E102D7-B078-452C-AB05-747845BE4B59}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{8CEA2FFC-7DAD-43B5-864F-D866CB953A80}] => (Allow) C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.dll (Emby) [File not signed]
FirewallRules: [{46ED7324-C19A-44D5-A6BD-DB9B516E49E2}] => (Allow) C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.dll (Emby) [File not signed]
FirewallRules: [{7C67B92D-4CD5-48D2-AE1C-52B8D4038252}] => (Allow) C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.dll (Emby) [File not signed]
FirewallRules: [{31758FF1-9641-4266-ABB1-C0A057BFF64E}] => (Allow) C:\Users\other\AppData\Roaming\Emby-Server\system\EmbyServer.dll (Emby) [File not signed]
FirewallRules: [{E55B7C7A-4496-48AF-B1BC-CAF85D88E4E8}] => (Allow) LPort=8920
FirewallRules: [{D180CF17-DEBB-40B9-B09F-F5DC59304838}] => (Allow) LPort=8096
FirewallRules: [{26B71AAC-95C2-4CA9-9649-2EBA54F74541}] => (Allow) LPort=7359
FirewallRules: [{84FB72C2-7ED3-4CF2-BB4C-FCC66F8B0AE7}] => (Allow) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{89FFB574-E6FB-4CDA-AD7A-E309A6B449A4}] => (Allow) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FA7067B7-A2E9-414B-B37D-2EC546687E4B}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{78ACA873-A4F9-43C5-89DF-20F326B98C0F}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{2462B148-7E1F-4693-9062-01939F672247}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{2D70DF52-A0E0-4FB1-8B52-339248184412}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{E707BFED-10EF-419A-ADAE-3FBD4DCC1B7A}] => (Allow) LPort=53
FirewallRules: [{52E95C02-C90A-4559-AA57-D4DC87AFA4C2}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{66AAEF6B-058B-4B72-B89D-425FEF1BBDB0}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{B48D72F0-494B-4051-82DF-24F6A0D63AEF}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{0CD0566A-2B84-4378-96A9-9C529A8F131F}] => (Allow) LPort=53
FirewallRules: [{58D53C89-FF2C-4EE8-B8BA-7B123EB35C76}] => (Allow) LPort=1542
FirewallRules: [{A77699E4-7A46-4595-AD54-B789E35BCF6A}] => (Allow) LPort=1542
FirewallRules: [{C6EC7E3C-1087-40AF-90AB-59DA6F4E3BE9}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
FirewallRules: [{85AFF8E7-2180-4F46-AC3A-3C8D812A3CC7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3A6AB504-B4D2-4118-8F20-F006847D0443}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5227726E-53A5-4426-8557-B7F876D95ED0}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Qlipso Inc. -> Veoh Networks)
FirewallRules: [{BD9EA227-CD8E-4924-A18F-60DA3ADA7A72}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Qlipso Inc. -> Veoh Networks)
FirewallRules: [TCP Query User{220C5188-57E9-4CEB-9B3F-F076E33E8A11}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe (Qlipso Inc. -> Veoh Networks)
FirewallRules: [UDP Query User{6AC3A7D6-1E4C-49B9-A685-E7E5BEAC1285}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe (Qlipso Inc. -> Veoh Networks)
FirewallRules: [TCP Query User{21D5837F-915D-4017-A59E-AD3DC94B26E4}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe] => (Allow) C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe (Kamuse Co.,Ltd -> )
FirewallRules: [UDP Query User{162444A8-C625-4360-A771-318939B7A64D}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe] => (Allow) C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe (Kamuse Co.,Ltd -> )
FirewallRules: [TCP Query User{872DF883-A238-4A10-96AB-6906D74FB954}F:\program files (x86)\mirc\mirc.exe] => (Allow) F:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [UDP Query User{DAC22D38-892B-46CF-86C3-2821B8E218E2}F:\program files (x86)\mirc\mirc.exe] => (Allow) F:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [{3EF8F69D-5EEB-43BF-B9E4-7407E52FEAAD}] => (Allow) F:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (Research In Motion -> Research In Motion)
FirewallRules: [{70111A68-3D25-4578-825A-49717B336BB1}] => (Allow) F:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (Research In Motion -> Research In Motion)
FirewallRules: [{64E9D9A5-C01B-4AE5-9F01-10BDFC64F6AE}] => (Allow) LPort=4481
FirewallRules: [{B8B7493F-861B-4A2D-B623-51CC463F8D5C}] => (Allow) LPort=4481
FirewallRules: [{127CE5AE-85A6-4AB7-A830-E52A8D98E1C3}] => (Allow) LPort=4482
FirewallRules: [{9D43AA1C-A4F5-43C0-9DDE-F2C1B5216389}] => (Allow) LPort=4482
FirewallRules: [{77D98DA6-6E6E-4671-80C7-D1D24B155B21}] => (Allow) F:\Program Files (x86)\MelOn Player4\system32\p3melonasvr2.exe (© PeeringPortal) [File not signed]
FirewallRules: [{57265BC7-0237-4EF7-9A25-054FD806078E}] => (Allow) F:\Program Files (x86)\MelOn Player4\Playback\pino-melon.exe () [File not signed]
FirewallRules: [{04BB8D9C-CDBA-4E5C-B9C8-C4F87DFDC702}] => (Allow) A:\Mass Effect 3\Binaries\Win32\MassEffect3.exe (BioWare) [File not signed]
FirewallRules: [{AD7E522F-DAEE-471B-B0E8-E95A4C3352FD}] => (Allow) A:\Mass Effect 3\Binaries\Win32\MassEffect3.exe (BioWare) [File not signed]
FirewallRules: [{38F33978-3CD4-4277-B299-81F4100CF2EC}] => (Allow) F:\Program Files (x86)\d3us\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{FF831692-D75B-4A18-8A37-6C9B1DF4A99D}] => (Allow) F:\Program Files (x86)\d3us\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{95E35B64-F3AA-4CBE-B70F-A1DC083AD084}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EC30222D-66D0-4024-85CF-D004DD46A37D}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E7E8A48D-AFFE-4C86-89EC-72CA61E597D9}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{A751F361-7BA6-46F7-9393-98B32B05E6E5}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{31976A14-FA6B-433E-817D-B8AACEA0EA0A}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{664F90E8-6D48-4C40-AFA6-BAAB1B6E2675}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [TCP Query User{7B2F8893-796F-47FA-94AF-FC1BBDA4651D}A:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Allow) A:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe (THQ Inc.) [File not signed]
FirewallRules: [UDP Query User{F5C49F86-34D4-45A2-B88C-EC0429D8D234}A:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Allow) A:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe (THQ Inc.) [File not signed]
FirewallRules: [{7E2F7A65-9D03-46F2-B840-B7A110D8D004}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed]
FirewallRules: [{538390C1-7AC0-49EC-9F2A-1DD2C6D417E9}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed]
FirewallRules: [{7A7881EF-AAA2-4367-ABDC-0CE6DB2205F7}] => (Allow) A:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\DARKSOULS.exe (FromSoftware,Inc. -> NAMCO BANDAI Games Inc.)
FirewallRules: [TCP Query User{8020DA53-83E7-4DE3-B397-15747A346A0D}A:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) A:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [UDP Query User{7A1D4BD7-24A8-4DFD-9541-38B06AF29858}A:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) A:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [{F5B98E87-F60C-4932-A4AB-0A7323FE96B2}] => (Allow) A:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]
FirewallRules: [{F3061E3B-1351-43AD-9767-4D48EEB30B0B}] => (Allow) A:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]
FirewallRules: [{B43B81C0-AB91-4D90-8BAF-05CE56F11766}] => (Allow) A:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{8C9A8D4E-4FAB-4A47-9D9D-9C6AD5A07760}] => (Allow) A:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)
FirewallRules: [{2378B6B0-C056-494B-BBCB-5EA3F2210854}] => (Allow) F:\Program Files (x86)\Steam\steamapps\tc2501\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{308FF3A4-7036-4B99-BE56-D590B3F3EA60}] => (Allow) F:\Program Files (x86)\Steam\steamapps\tc2501\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{5C249F3A-E9FE-4425-8BD3-C46E591D758D}A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{B3020FC6-9C02-4C6C-A2ED-277C2327E6C8}A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [TCP Query User{4941C6D0-FC3D-4156-85D3-47032DE80B25}A:\program files (x86)\activision\call of duty black ops ii\t6zm.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6zm.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{2D1242A3-A155-42D8-8509-297EDCE5CA78}A:\program files (x86)\activision\call of duty black ops ii\t6zm.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6zm.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [{57064C0F-6783-4E73-B467-05BBE9907C95}] => (Allow) F:\Program Files (x86)\Steam\steamapps\i0l\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{4DB7BBDC-5425-4B20-91FB-BF0DF0727CE7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\i0l\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{9ADA9292-FC23-4594-8E1D-45A4707E0B1C}A:\program files (x86)\ffsplit\ffsplit.exe] => (Allow) A:\program files (x86)\ffsplit\ffsplit.exe (FFsplit) [File not signed]
FirewallRules: [UDP Query User{5437095D-EC91-4624-A200-F88677EDFD55}A:\program files (x86)\ffsplit\ffsplit.exe] => (Allow) A:\program files (x86)\ffsplit\ffsplit.exe (FFsplit) [File not signed]
FirewallRules: [{1999979F-CDC7-4B60-9DE1-C850DF9DD213}] => (Allow) C:\Users\terry\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7E3DF569-F884-4730-B034-9BBFED98DFF4}] => (Allow) C:\Users\terry\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{75E7EF39-9D55-4AD1-8A5F-A9D6DB678F5C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{6BD37D36-E891-4862-A2A8-5567978679D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{896999BA-6435-4415-BAB3-5F147ED2E825}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{2BA88243-C3BD-4134-8A79-700DC114E7C3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{F2044AD5-89E5-4A9B-BD94-1F1B91886053}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{1C68FEAA-1E72-41C3-997B-D93CBC4C49AE}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{DCA1100E-D2F8-474F-98A0-3B40B7CAE3DF}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{264B9A13-703D-46CE-950C-E5F6FA9C171D}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{D4A72627-64E7-4840-8C79-B1042EAC723E}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AFFCD3E1-52B2-45D2-9D10-55148D89DB37}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F5AE2F7D-B95C-488C-8E52-89DD28E1080F}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F1F68857-A6C9-4709-92BB-725A1E95195B}] => (Allow) A:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{25945F1C-0101-4969-BFA2-8C426BAD9CBA}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{89413AB3-8CF1-4000-8C3F-B8388F432C7C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{B38C8EC4-BEBB-4741-B9D8-0BEAFEE5DA12}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{88727A6B-8048-4801-AFC4-D09EFA478B50}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{644F31A6-9455-4FCD-88F3-3CC77E599DD8}A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{050434C1-1D27-4C05-8DF2-41CA88F8FE45}A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Block) A:\program files (x86)\activision\call of duty black ops ii\t6sp.exe (Valve Corporation -> Activision Publishing Inc.) [File not signed]
FirewallRules: [TCP Query User{5DA5A9B5-9182-4598-816F-93A4DD90D0B6}A:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe] => (Block) A:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{3A594F15-9F59-4589-A012-AF819488A1B7}A:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe] => (Block) A:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{2113430D-9119-47A3-92D1-E8E2765AB7EF}] => (Allow) A:\Program Files\Ventrilo\Ventrilo.exe (Flagship Industries, Inc.) [File not signed]
FirewallRules: [{C3FEFD35-7AA1-41AD-AA95-DF00C5560021}] => (Allow) A:\Program Files\Ventrilo\Ventrilo.exe (Flagship Industries, Inc.) [File not signed]
FirewallRules: [{F1ED94B3-6B26-4A8E-961E-7B9B38BF030C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{9CDD9369-50FB-4076-AA41-A1A448C198AE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{CE4D5D4C-149F-4B63-AE61-F2ABED0CA4C3}] => (Allow) A:\Program Files (x86)\Starcraft II eu\StarCraft II\StarCraft II Public Test.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{67B95486-108D-4EC7-BD69-7AE9B87344BE}] => (Allow) A:\Program Files (x86)\Starcraft II eu\StarCraft II\StarCraft II Public Test.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{206E0351-08E8-4948-A688-16B43E2945F3}] => (Allow) F:\Program Files (x86)\Steam\steamapps\i0l\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{FFC5F972-7945-4267-A75D-9B086DC9876C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\i0l\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{0A5D5F93-163C-40B1-B78F-89D9BF4575F9}A:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) A:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe () [File not signed]
FirewallRules: [UDP Query User{B865A625-87E1-4EA1-830E-B4FB9DEFDD87}A:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) A:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe () [File not signed]
FirewallRules: [TCP Query User{BCCC8576-6211-4145-8899-9C286BB8C26A}A:\program files (x86)\byond\bin\byond.exe] => (Allow) A:\program files (x86)\byond\bin\byond.exe () [File not signed]
FirewallRules: [UDP Query User{2A62F0E0-B03B-48A7-B1B8-73C784F6D013}A:\program files (x86)\byond\bin\byond.exe] => (Allow) A:\program files (x86)\byond\bin\byond.exe () [File not signed]
FirewallRules: [{8C72C192-1DF3-40C3-B912-6279BB2A809E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\tc2501\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{E958E293-D313-4F5A-A0CE-A88EA4D2FC86}] => (Allow) F:\Program Files (x86)\Steam\steamapps\tc2501\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{B4BF4C47-7FA1-40BF-A054-D08DD91075B6}] => (Allow) C:\Users\terry\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BA671709-421B-4236-9C03-153BAC1BE689}] => (Allow) C:\Users\terry\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A361113F-2C66-4626-82DB-0C51CE02C7B4}] => (Allow) A:\Crysis3\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [File not signed]
FirewallRules: [{D5327641-C73B-4546-A62B-6D611A68E4D0}] => (Allow) A:\Crysis3\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [File not signed]
FirewallRules: [{30EA2DB2-A338-432D-A4D0-F9B11B66ECF6}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{1AF40D82-B4CC-4B8C-9671-B47D8721D6C5}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{DFD643A7-5061-4E61-B1B0-ADED411FFD36}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [{59B8BCB2-254F-47C9-BF7C-E2C2A6479026}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (GIRAFFIC TECHNOLOGIES LTD -> Giraffic)
FirewallRules: [TCP Query User{4A566E49-E989-4603-A28C-3659BC8CB28C}A:\bw\starcraft no install\starcraft no install\starcraft.exe] => (Allow) A:\bw\starcraft no install\starcraft no install\starcraft.exe ()
FirewallRules: [UDP Query User{8099C1EB-B54E-4148-9241-F16DC7A76814}A:\bw\starcraft no install\starcraft no install\starcraft.exe] => (Allow) A:\bw\starcraft no install\starcraft no install\starcraft.exe ()
FirewallRules: [{3AD8E14C-6D71-42ED-B2B2-630D59827B0D}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
FirewallRules: [{74345185-B09B-458F-8AF4-A5CB4046C60F}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
FirewallRules: [{5978994A-4227-417A-AD6B-5C8619EA647D}] => (Allow) A:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{5F4B5628-FB30-4D4E-87C1-83EB1432A232}] => (Allow) A:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{DE050A5B-DC89-41BA-A76C-416FAE07BB47}] => (Allow) A:\warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes -> Digital Extremes)
FirewallRules: [{6B2F9E02-4937-4094-B2B7-D6663C5FED31}] => (Allow) A:\warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes -> Digital Extremes)
FirewallRules: [{2DEA679F-999A-4E08-BE5A-FB65CA804926}] => (Allow) A:\warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes -> Digital Extremes)
FirewallRules: [{BE988E87-67E5-454A-8DC8-6468A618C029}] => (Allow) C:\Users\terry\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes -> Digital Extremes)
FirewallRules: [TCP Query User{44527F4E-B61D-4ADF-8F9E-57F7B4EFD299}A:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) A:\program files (x86)\saints row iv\saintsrowiv.exe (Koch Media GmbH) [File not signed]
FirewallRules: [UDP Query User{BB29FCF6-49B6-427A-9366-6D7E7292F803}A:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) A:\program files (x86)\saints row iv\saintsrowiv.exe (Koch Media GmbH) [File not signed]
FirewallRules: [{2C02E6B3-274C-4B15-9BE4-EE58A7D33523}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{8DEAC5A6-4DE3-4640-921D-84DF7E795141}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{A67D0586-84FD-403D-B1A7-43249913854F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{F13471BE-4303-4A0A-A9AB-580306EFA56C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{76B40261-4F53-4BD8-8D54-D7222C85D234}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{F442CD31-C821-4D11-80D8-90D93602B721}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [TCP Query User{2DF71AEF-2BEF-4F3D-8012-A07A3256AE6E}F:\program files (x86)\mirc\mirc.exe] => (Allow) F:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [UDP Query User{0D25F8CD-A25E-4294-B510-91DF50A36E68}F:\program files (x86)\mirc\mirc.exe] => (Allow) F:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [{0CAAB8E4-4013-4D7B-BC2D-E33629C0CA56}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{184E594B-9D07-4DE9-B1CE-AEE53612BF5D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{63C0A54B-ACB6-4767-A67E-596CA918D9CE}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{87F1E680-2806-4436-88CE-39CB94D8C7E8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{80D21E0C-1B38-40D6-8B12-A4BBA636403D}F:\program files (x86)\steam\steam.exe] => (Allow) F:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{CBD6BCFC-B806-4663-9531-7BF2545910C5}F:\program files (x86)\steam\steam.exe] => (Allow) F:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F64176D7-06F4-4F40-BEB5-CFCBB0C4E343}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{44B1228E-CD67-4749-A39F-79EEDF382C82}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{F4577E77-850F-48EE-81F8-5493A1BEABF2}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{20776ABE-0EA5-4780-AAA6-525DC3CF4813}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{17D536ED-92D8-4089-A5F6-1FBCFC3494E1}] => (Allow) A:\Program Files (x86)\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{A5634E57-805D-47C3-AB8E-88CF69D0B473}] => (Allow) A:\Program Files (x86)\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{0BF279FC-D98D-4CF0-B30A-5EDCC33BE670}] => (Allow) A:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{94DC5E06-968C-4356-9291-217FC34D5E4F}] => (Allow) A:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4ABB5A65-B9C5-4B51-B040-215E305CAD35}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7F5DAD98-D61E-4D1A-8311-2049D4E1FD7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{79B33FD3-1F94-4638-BB33-73F7F5D6A44D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{901EF084-868E-4B0E-9EA1-01D93A318593}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{D9E48C0F-1334-4CCE-AB97-21819ECA3AD8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed]
FirewallRules: [{4219ACB0-354F-4B52-A5C3-343F16736A92}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe (CAPCOM U.S.A, INC.) [File not signed]
FirewallRules: [{FECF21D8-1F6D-450B-BF62-D57BC1C048AB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{277A97DF-0DEA-4F22-A787-93907825B463}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{F3D50288-B90F-4E23-B331-E762E03653B5}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\dota 2 beta\dota.exe (Valve -> )
FirewallRules: [{78C2C84E-AB3B-46A6-A378-CF7484E8944D}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\dota 2 beta\dota.exe (Valve -> )
FirewallRules: [TCP Query User{5ECDA845-3983-4ACD-A554-13103389BADF}A:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) A:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{55C8F759-B315-4F54-B456-FB680FC2F3F2}A:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) A:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{A90B33B0-A545-4EA9-8BB6-543C7B999931}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{404A9D1F-3B65-44EA-B73E-A3643596E536}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{C62BF1FC-86A7-4880-A84F-DA5E22FF3950}] => (Allow) A:\bf4\Battlefield 4\bf4_x86.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{DDED6AB2-D56E-4209-B7A7-9EC3566B76B5}] => (Allow) A:\bf4\Battlefield 4\bf4_x86.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{21D88C38-6E13-492F-9F7C-9DFABA78D3AA}] => (Allow) A:\bf4\Battlefield 4\bf4.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{7731E2EE-5B4F-4A1B-AA24-14540045FDD9}] => (Allow) A:\bf4\Battlefield 4\bf4.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{8DAE217E-A3CF-4418-9D08-79D26640BE89}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{29977297-47C5-446A-9A6C-4D4A2C7826B6}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{6AF3F741-5539-4CBA-A99C-6AD32A5944AF}] => (Allow) A:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe (Microsoft Corporation -> Lionhead Studios Limited)
FirewallRules: [{BD94A1F7-34A8-47D0-ACCA-5C29496B2396}] => (Allow) A:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe (Microsoft Corporation -> Lionhead Studios Limited)
FirewallRules: [{3CEFE405-FA0C-405D-91C0-F8E3517A9D7B}] => (Allow) A:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence -> Telerik)
FirewallRules: [Daum PotPlayer(PotPlayerMini.exe)] => (Allow) A:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe (Daum Communications Corp. -> Daum Communications)
FirewallRules: [{A0546A19-1F73-4621-A70D-FE6A0E9BCAC9}] => (Allow) A:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe (Daum Communications Corp. -> Daum Communications)
FirewallRules: [{E2DA0A6D-A7A1-4AD6-A0B3-B859FFC63B73}] => (Allow) A:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{955D5DCA-4319-4B18-88A7-04E6DF232AAD}] => (Allow) A:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{C41F186E-15E4-42E4-B68B-B6560741619C}A:\program files (x86)\real boxing\binaries\win32\realboxing.exe] => (Allow) A:\program files (x86)\real boxing\binaries\win32\realboxing.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{F981DE12-892A-406E-ADBA-A52F90225AFA}A:\program files (x86)\real boxing\binaries\win32\realboxing.exe] => (Allow) A:\program files (x86)\real boxing\binaries\win32\realboxing.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{528C30F0-93E8-4F93-B3EF-0498262E21CE}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{49D6D8BB-5178-4BCB-8B31-8E1918585808}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe (Psyonix, Inc) [File not signed]
FirewallRules: [TCP Query User{D46BA574-F379-4DAB-86C3-713522F7CA49}C:\users\terry\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\terry\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe (Octoshape ApS -> Octoshape ApS)
FirewallRules: [UDP Query User{4157B4E3-F779-48A3-893B-227D5E3EFE1B}C:\users\terry\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\terry\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe (Octoshape ApS -> Octoshape ApS)
FirewallRules: [{A1F27807-824D-4368-ACAC-1D747B74008B}] => (Allow) LPort=8145
FirewallRules: [{4797FB1D-15DA-4F22-A26E-D1D00F791985}] => (Allow) LPort=5000
FirewallRules: [{6FC3BEDC-5E02-4EAE-AEA4-8BB69BEB1CA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]
FirewallRules: [{F82B4DFC-4214-4328-8886-B09C354C996E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]
FirewallRules: [{A5DBFEBB-5807-410E-9578-B0DE42D97C7D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe () [File not signed]
FirewallRules: [{A6E05BF0-19ED-48C9-9E8B-1B909A92841F}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe () [File not signed]
FirewallRules: [{CCCADBB1-D89A-42FD-99CC-716B1983CDC4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAACCBF2-7F5A-4A32-96C2-EF7BA3613505}] => (Allow) LPort=2869
FirewallRules: [{A3C22D35-9372-4496-BA32-53700FEBB96A}] => (Allow) LPort=1900
FirewallRules: [{ABEFCFBD-EFFF-42DA-BA46-9D87E6EFF275}] => (Allow) A:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe (2K Sports) [File not signed]
FirewallRules: [{B4490D1B-C93B-4470-AFC0-607E1724E6D9}] => (Allow) A:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe (2K Sports) [File not signed]
FirewallRules: [{AC32FEBF-E9AE-48E7-8B91-FEA6E5A17ED4}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{9F9C8636-5C02-476C-99A5-F79988933598}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{4C1C332A-75BC-469D-963F-71360044AF2D}A:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) A:\program files (x86)\wondershare\video converter ultimate\dscheck.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare Software)
FirewallRules: [UDP Query User{1DE600E2-12E1-4507-8477-61DF730F4895}A:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) A:\program files (x86)\wondershare\video converter ultimate\dscheck.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare Software)
FirewallRules: [TCP Query User{CB281F89-BE82-46DF-A435-79C57AEB6BA6}A:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) A:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> MediaServer)
FirewallRules: [UDP Query User{3E973AE3-35A4-475F-96EE-6BF6E6FA5543}A:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) A:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> MediaServer)
FirewallRules: [TCP Query User{A464AE88-6116-461E-BE87-38C9A09D3266}A:\mass effect 3\binaries\win32\masseffect3.exe] => (Block) A:\mass effect 3\binaries\win32\masseffect3.exe (BioWare) [File not signed]
FirewallRules: [UDP Query User{C1933A38-F842-4046-A390-A551003B5EB0}A:\mass effect 3\binaries\win32\masseffect3.exe] => (Block) A:\mass effect 3\binaries\win32\masseffect3.exe (BioWare) [File not signed]
FirewallRules: [{DB73E45D-C61E-4ECA-A06E-89484D545F87}] => (Allow) A:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{EFE86E04-6043-4480-B7AB-97C08B58BEEF}] => (Allow) A:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{67376B45-FB90-4291-B745-3785CDCBF0FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]
FirewallRules: [{35947880-113F-42D5-AEE8-A56B1C77FCE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]
FirewallRules: [{6B0068CE-60F2-4A85-99C0-EAA78DEE3013}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\left 4 dead\left4dead.exe () [File not signed]
FirewallRules: [{13B4DC25-479F-48FF-9A61-2241B94D99EF}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\left 4 dead\left4dead.exe () [File not signed]
FirewallRules: [{29BA4B67-615A-423D-B567-8F3954635B2F}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{FCC44B0E-8270-48F4-A829-0C2C8BD51DA4}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EF864EB4-DCAA-4910-BBE5-C7C0D7AE4DB7}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{59C19018-2E46-4A43-9FAB-6B929214AED5}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E88264E9-C6D9-44FF-8B8D-CC8386442D1B}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0109BECA-E48B-4E8C-B094-7F38F2175828}] => (Allow) C:\Users\other\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3EE7BA5C-7962-4005-BC0A-48504B44D629}] => (Allow) A:\Program Files (x86)\DolbyAxon\Axon.exe (Dolby Laboratories, Inc. -> Dolby Laboratories)
FirewallRules: [{22AC7EDB-DC7C-4ADD-9882-698CE6354720}] => (Allow) A:\Program Files (x86)\DolbyAxon\Axon.exe (Dolby Laboratories, Inc. -> Dolby Laboratories)
FirewallRules: [{8E6D1F8A-8E62-4118-9D2C-C0A89194421F}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\Creativerse\Creativerse.exe () [File not signed]
FirewallRules: [{2A4FCCC0-9E71-4293-B226-BD0F60B876CA}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\Creativerse\Creativerse.exe () [File not signed]
FirewallRules: [TCP Query User{BE11D152-BD14-4789-8F45-A2CFB48C9743}A:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) A:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File
FirewallRules: [UDP Query User{750E9845-2F0E-468A-AC4D-FE6BFE7EB54D}A:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) A:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File
FirewallRules: [{8FAA06FE-920D-4996-8226-265410BC9D73}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{19C16764-1678-4B20-8753-7C8F6F15D1A0}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{19D10B66-4F58-472E-9DA5-E0FDDF6C8161}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9128F3F3-9E50-4C92-BED4-12235EDE4E4A}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D17225F9-F3AE-4523-BC02-D3CE40E26230}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F37CCF67-B50B-42C3-8D20-94E5B6F54CB0}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DEB6146B-FB14-48A1-8367-2FF3D5EAE394}] => (Allow) F:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{8376C750-DC9C-48F0-ACE7-5F427AEDAD2F}] => (Allow) F:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{F44E381D-705D-4B6F-930D-843C26504965}] => (Allow) F:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{D217D226-43AD-41BB-972E-94CB0F21E442}] => (Allow) F:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{86872253-2A82-482D-8BE5-55C6D202BA64}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\TreeOfSavior\release\patch\tos.exe (IMC Games Co., LTD -> ) [File not signed]
FirewallRules: [{8C5B20B0-DF7C-4B6A-BCC4-125A48B7B67A}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\TreeOfSavior\release\patch\tos.exe (IMC Games Co., LTD -> ) [File not signed]
FirewallRules: [{5565FB98-DA9D-4C18-B350-D653D4C6BC97}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\Dropzone\bin\DropzoneSteamClient_x32_rel.exe (Sparkypants Studios, LLC -> SparkyPants Studios)
FirewallRules: [{92020E8F-5920-448C-8130-54AF78F83161}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\Dropzone\bin\DropzoneSteamClient_x32_rel.exe (Sparkypants Studios, LLC -> SparkyPants Studios)
FirewallRules: [{8645B6C0-3239-4A46-B1D9-8CBBA5ECCF4F}] => (Allow) A:\Program Files (x86)\Starcraft\StarCraft\StarCraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{44D0032A-D565-417D-AE69-64931AE79019}] => (Allow) A:\Program Files (x86)\Starcraft\StarCraft\StarCraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{B30C07D9-87C3-4C9A-8D40-63546D1677D4}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3259EA86-617A-4A49-BD18-9A86755ABA4D}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{CB42D714-463A-4D4C-A3B6-DFCD1A93641D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe () [File not signed]
FirewallRules: [UDP Query User{AD9B6E56-2E39-413A-912C-F3EAEC087E01}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe () [File not signed]
FirewallRules: [{CCE5E16D-453A-4D48-B103-BA65FF8E5608}] => (Allow) A:\Users\terry\AppData\Roaming\Nox\bin\Nox.exe (Duodian Online Technology Co. Ltd. -> Duodian Technology Co. Ltd.)
FirewallRules: [{DF36F555-8DEA-49F7-ACF4-99B41254D129}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8481414A-20EB-4807-8803-DD47AC57BDDD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3C77BD7E-F870-4E98-89D3-112ED26AE969}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A02DD096-0C68-44B1-B14A-1F144B114C89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{68A23CAA-B698-4680-9125-03E0EFA4E61A}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{61CB1117-819E-4836-B649-17FF83536403}] => (Allow) A:\Program Files (x86)\Steam\Steamgames\SteamApps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [TCP Query User{84EEB606-DE6F-470A-B213-8E26632983AF}F:\program files (x86)\2k games\nba 2k17\nba2k17.exe] => (Allow) F:\program files (x86)\2k games\nba 2k17\nba2k17.exe (Take-Two Interactive Software, Inc. -> ) [File not signed]
FirewallRules: [UDP Query User{AED7B9DD-7223-488A-A52E-2652F75E2A43}F:\program files (x86)\2k games\nba 2k17\nba2k17.exe] => (Allow) F:\program files (x86)\2k games\nba 2k17\nba2k17.exe (Take-Two Interactive Software, Inc. -> ) [File not signed]
FirewallRules: [{7A1AAF6F-F3BA-4330-8DD5-349DCDCFB18A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9EF17675-D70B-4BD6-8ED1-54AC89068181}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EE8BEACE-F82F-4CCA-B0EE-08298FE9043F}] => (Allow) A:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{2ADE3F10-F5D7-4904-BA8D-22EDB430EE10}] => (Allow) A:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{B88D47DB-40CE-43A5-9519-0FCC7E37D6E6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe () [File not signed]
FirewallRules: [{FED873A1-047B-441A-9E5F-3BDC75BA290C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe () [File not signed]
FirewallRules: [{5739D4B2-F391-490A-B927-5C023E712336}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe () [File not signed]
FirewallRules: [{8FF2ACF4-25C2-4A11-BA26-5A60C0942325}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe () [File not signed]
FirewallRules: [{5E2A886C-8332-4CD2-BF7D-42379E8ED99B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe () [File not signed]
FirewallRules: [{8A77E3E2-7BC4-4AD3-AE52-25FB695C9D7E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe () [File not signed]
FirewallRules: [{69FAD7E7-1B08-4359-9248-DE7794632546}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe () [File not signed]
FirewallRules: [{D55C7230-D98D-4F45-830A-AABCF749618D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe () [File not signed]
FirewallRules: [TCP Query User{597EE800-CF20-48AF-8031-532368D3A462}A:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) A:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D5466F85-A52A-46C1-8710-E6230D231F24}A:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) A:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{CBBE083C-2136-4AAF-8195-7795A97FA59F}A:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) A:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9511A9AA-B688-4361-8638-1593C2089A4A}A:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) A:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7E9B1261-31EF-4A8D-98E5-22D864222DF4}A:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) A:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3A591786-2855-4012-A3B4-F8347989FC21}A:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) A:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F5ED45AC-A0BA-4678-9C0E-2C1C3107D03E}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [UDP Query User{B2A9403A-5867-4D04-9748-EDA5F16BFEFF}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [{1C4B0CC7-3356-42C7-904B-CD1DE3165971}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{55E841F3-11D8-4004-A905-F06E1D240718}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{2352A751-BB20-4EA2-A26A-B27FADD0F9A5}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{C9EBCBB0-A326-40CD-A221-0A60CA296DA1}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{40A5266C-77EB-4B31-91A1-2A5BC3F38AE1}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{5FE273B7-CBDE-4B13-B188-C0F1C7256CA4}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{3B0CE42F-6770-48D8-8B3B-58D3F2CCD77F}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{F484E807-23B6-45AB-8DDC-942EAE50A00E}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{C07A6442-EE2E-474E-AD6A-EF229C7B7E5A}F:\program files (x86)\2k games\nba 2k17\nba2k17.exe] => (Block) F:\program files (x86)\2k games\nba 2k17\nba2k17.exe (Take-Two Interactive Software, Inc. -> ) [File not signed]
FirewallRules: [UDP Query User{3995E306-9F48-4201-943E-1276A2D6CCFF}F:\program files (x86)\2k games\nba 2k17\nba2k17.exe] => (Block) F:\program files (x86)\2k games\nba 2k17\nba2k17.exe (Take-Two Interactive Software, Inc. -> ) [File not signed]
FirewallRules: [{4169D53A-E05A-4E68-BB9E-31A87B9FA3A4}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [File not signed]
FirewallRules: [{DFB0844F-6E96-4F0A-A148-5C87FC1442C2}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [File not signed]
FirewallRules: [{57F4C971-2B0D-41CB-A6A7-A027562CED79}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{25C840CA-1FBC-49E2-BF22-43BF6D36F258}] => (Allow) C:\Users\terry\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{097A3B9E-0598-4DCB-9202-B3ABA8785287}] => (Allow) A:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [{418BCD4E-586A-486E-BE3D-304C6547A851}] => (Allow) A:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [{318A8CB6-3E33-4202-AC29-8BB5ED061A1A}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4E38FF37-AB9C-4EF6-97E1-27DFC6923C48}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{F9A7035F-3B43-41D1-81C9-86CAAEC3F8C3}A:\bf4\bin\javaw.exe] => (Block) A:\bf4\bin\javaw.exe
FirewallRules: [UDP Query User{861D9680-D660-4F63-9CFA-778E06DDA75D}A:\bf4\bin\javaw.exe] => (Block) A:\bf4\bin\javaw.exe
FirewallRules: [{E095D1F0-3A07-4216-9BCB-87D20FD079A7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{60B9A1B4-50A0-42A3-BF8F-69A500D4A8E7}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{84E3191A-CF65-4C1E-8D36-1423785F8DB0}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7806ED4A-20CC-44C4-BBC5-641797C33AF5}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{8B1ACDFF-703A-4D0D-AD59-626741BDE84E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [TCP Query User{C2F8799A-5F68-469B-A397-79404B7484FA}F:\program files\videolan\vlc\vlc.exe] => (Allow) F:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{27826629-5971-4398-B1FE-7F2B6DE4705D}F:\program files\videolan\vlc\vlc.exe] => (Allow) F:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{716208A8-94B6-42A3-93CF-09DBBB0CB28B}] => (Allow) C:\Program Files (x86)\EZMira\EZMira.exe (Actions Microelectronics Co.,Ltd. -> Actions-Micro)
FirewallRules: [{A0CB6554-7D51-4DB9-A14C-EA045D38AF07}] => (Allow) C:\Program Files (x86)\EZMira\EZMira.exe (Actions Microelectronics Co.,Ltd. -> Actions-Micro)
FirewallRules: [{8CDB97C8-C253-46E2-907B-8D0D3BFF472E}] => (Allow) C:\Program Files (x86)\EZMira\EZMira.exe (Actions Microelectronics Co.,Ltd. -> Actions-Micro)
FirewallRules: [TCP Query User{3388DBDB-586E-48FF-ACC3-8DA69E3DA859}C:\users\other\appdata\roaming\emby-server\system\embyserver.exe] => (Block) C:\users\other\appdata\roaming\emby-server\system\embyserver.exe => No File
FirewallRules: [UDP Query User{7341E632-D808-400B-925F-299DECA88BCB}C:\users\other\appdata\roaming\emby-server\system\embyserver.exe] => (Block) C:\users\other\appdata\roaming\emby-server\system\embyserver.exe => No File
FirewallRules: [{D6E9B9C3-357D-4DB5-B9A8-B3614F037725}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A50B45B-4912-4C19-B63E-44C0591D819D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{91FD13FC-2B32-4BA9-B5F8-E4394E8EE503}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C22967EE-C4C8-41E2-A427-9CD8EECEDEEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E1B8F73F-4824-455E-AF3B-619F50BE12DF}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{ED59BE88-24AE-4A96-BEF5-0E808BDBC6AA}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{9A52ED78-43C9-4F73-89E3-4742D2B0B7CA}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{ABBBFBFC-CA7B-4057-8FA2-EA26776C7AB2}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{B26A699F-6454-47C7-8E27-5F240C8C7B4F}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{F15F8505-65AB-4165-9816-BA3F43B934DB}] => (Allow) A:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [TCP Query User{63CAE390-FA89-49C1-9A02-80D5D5DD86F6}F:\downloads\bin\bin\networking_mvp_win.exe] => (Allow) F:\downloads\bin\bin\networking_mvp_win.exe () [File not signed]
FirewallRules: [UDP Query User{7632BDE4-7447-4E04-BA06-CE00AE58895E}F:\downloads\bin\bin\networking_mvp_win.exe] => (Allow) F:\downloads\bin\bin\networking_mvp_win.exe () [File not signed]
FirewallRules: [{7E4C0685-A443-4E6C-9B04-7D5BB2737BE8}] => (Block) F:\downloads\bin\bin\networking_mvp_win.exe () [File not signed]
FirewallRules: [{160F0974-0861-4677-AF04-07E686288D56}] => (Block) F:\downloads\bin\bin\networking_mvp_win.exe () [File not signed]
FirewallRules: [TCP Query User{A576A33C-E504-49A0-B980-ED0AA1015811}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81433\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81433\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{09D477DA-6A2B-42E5-87C8-08F026CAB6CD}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81433\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base81433\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{9FC1D25A-E43C-486C-A027-AF1CBEB0F028}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{D513BF05-4879-4A43-AA11-82F633C428E5}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{CD040E0C-ABCC-4A37-9848-D1FCE3786137}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{B81BD31E-71BA-4F33-B5A1-EDEAB8836E3B}] => (Allow) A:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [TCP Query User{BB5FA44B-83DD-4008-974C-D25F44DC7A3B}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82457\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82457\sc2.exe => No File
FirewallRules: [UDP Query User{4D8B6ED5-8876-44D3-A86C-D1610F0E7382}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82457\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base82457\sc2.exe => No File
FirewallRules: [{C860F1EB-C5F0-434A-9C8F-5C72D01BA703}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{716ABC17-F921-496E-A1C1-170D3AFCDD1E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{48E1097C-1254-458D-8789-4D6FAF20385B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{01BAD4C1-3F28-4CE6-8DC8-D00332702DFF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{106DDB52-30B4-4152-955A-F8A12A17AD8D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3991AF67-EEA2-4455-971C-AC11E57E0E07}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FFB670E7-6A99-4C48-BF4F-9380F7C57025}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BFA1CB4B-E7A8-488C-B93F-29E03A414B00}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{94E97603-14FF-4BEC-88BD-45250BAC60F8}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{FCCA0679-9F42-45CF-9069-1528CE2DA4A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{365A9969-F646-4EE3-A30B-733A40564E8C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C472CC9-59D4-4E36-95B5-F34263C668F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EAE3A5C-C45B-40FE-B90C-0E888C660B74}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{ACA4E20D-D702-46FE-949A-DC2D3B47DE17}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base83830\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base83830\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{F57788AD-D1F5-4489-B9A4-90DA7C0F8901}F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base83830\sc2.exe] => (Block) F:\program files (x86)\starcraft ii\sc2-wingsofliberty-kokr-installer\starcraft ii\versions\base83830\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{8AAF989E-1B28-44D1-818E-9C997A0A7BFD}] => (Allow) A:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [{E8D990E8-6DA3-45D5-A3FE-3ED89B20969E}] => (Allow) A:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [File not signed]
FirewallRules: [{F0610DDB-BBB7-425C-8FE7-228084B99344}] => (Allow) A:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]
FirewallRules: [{11AF550C-2425-4573-80B1-8813F0AF3AF8}] => (Allow) A:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]
FirewallRules: [{165F710D-17DA-4681-AC7B-43F55A188236}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{1820C0F5-A60A-4FF5-BF93-976867A1FF85}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{D7F442C1-272E-4FAC-A798-055535A08E2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AEA864E8-3BA4-46BC-9A6D-DC16AF97F98B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63D2CF0A-E2E8-4E43-9763-D55F1F9E39F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BAEFCB7A-7C43-448C-891A-F6141A41E9EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4A66BEB4-2917-4D00-B92C-DDDE70119FBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B6C6CFD5-D766-4AB8-9909-BF9458CC194B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5FD3127-E622-4694-95DA-ACA910C1ED01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE2AE2ED-D302-4D38-BE80-9A0F1CE7BFB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7564C2BF-109B-42D0-9EAE-608F0076E289}] => (Allow) C:\Program Files (x86)\Apprehended\Localizing.exe => No File
FirewallRules: [{7B48D698-5372-48B4-A0CA-EAA54447E4D0}] => (Allow) C:\Program Files (x86)\Propagates\Localizing.exe => No File
FirewallRules: [{185F160E-2C8B-40C4-B0DE-FE8ADCB707C1}] => (Allow) C:\Program Files (x86)\molto\Revelatory.exe => No File
FirewallRules: [{E91BCFC2-821E-4652-95EA-30A9EFBB2A16}] => (Allow) C:\Program Files (x86)\Propagates\Revelatory.exe => No File
FirewallRules: [{ECE9A5AA-164A-496D-B1F7-27CE191582AD}] => (Allow) C:\Program Files (x86)\MaskVPN\mask_svc.exe => No File
FirewallRules: [{625215B7-50B3-4925-971D-F6DCC9CA43AE}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPN.exe => No File
FirewallRules: [{A4D57D62-3220-4050-9078-00482FB2A0E9}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPNUpdate.exe => No File
FirewallRules: [{F49C6010-6C94-4CF7-8467-60EFDE110333}] => (Allow) C:\Program Files (x86)\MaskVPN\tunnle.exe => No File
FirewallRules: [{C90B9897-E681-4FBB-B3E2-9AC338A7320B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A6789889-CA23-4EA8-8B10-490F4A94A085}] => (Allow) A:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C0D12867-B86F-4CF3-8364-B372AD1504AD}] => (Allow) A:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{CF099427-E312-4811-951E-5B307EFEA178}F:\program files (x86)\svp 4\svpmanager.exe] => (Allow) F:\program files (x86)\svp 4\svpmanager.exe (Dondoshanskii Konstantin Sergeevich -> SVP-Team.com)
FirewallRules: [UDP Query User{787539B1-1A75-47E1-8920-2FF184299B42}F:\program files (x86)\svp 4\svpmanager.exe] => (Allow) F:\program files (x86)\svp 4\svpmanager.exe (Dondoshanskii Konstantin Sergeevich -> SVP-Team.com)
DomainProfile\AuthorizedApplications: [A:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe] => Enabled:Daum PotPlayer
DomainProfile\AuthorizedApplications: [A:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe] => Enabled:Daum PotPlayer
StandardProfile\AuthorizedApplications: [A:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe] => Enabled:Daum PotPlayer
StandardProfile\AuthorizedApplications: [A:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe] => Enabled:Daum PotPlayer
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:111.17 GB) (Free:6.14 GB) (6%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (03/14/2021 03:07:46 PM) (Source: DCOM) (EventID: 10010) (User: terry-PC)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (03/14/2021 03:07:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/14/2021 03:07:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MaskVPNService service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (03/14/2021 03:07:25 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.
 
Error: (03/14/2021 03:07:16 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: XQHDrv.sys
 
Error: (03/14/2021 03:06:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
 
Error: (03/14/2021 03:06:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
 
Error: (03/14/2021 03:06:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
 
 
==================== Memory info =========================== 
 
BIOS: Award Software International, Inc. F2 03/25/2011
Motherboard: Gigabyte Technology Co., Ltd. P67X-UD3-B3
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 31%
Total physical RAM: 16367.11 MB
Available physical RAM: 11247.74 MB
Total Virtual: 32751.11 MB
Available Virtual: 25256.56 MB
 
==================== Drives ================================
 
Drive a: (New Volume) (Fixed) (Total:1857.16 GB) (Free:118.09 GB) NTFS
Drive c: () (Fixed) (Total:111.17 GB) (Free:6.14 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:3725.86 GB) (Free:2514.92 GB) NTFS
Drive f: (Local Disk) (Fixed) (Total:931.51 GB) (Free:84.32 GB) NTFS
Drive m: (Premiere Pro CC 2017) (CDROM) (Total:1.25 GB) (Free:0 GB) UDF
Drive n: (Disk1) (CDROM) (Total:6.01 GB) (Free:0 GB) UDF
Drive p: () (Fixed) (Total:0 GB) (Free:0 GB) 
Drive q: (maxone) (Fixed) (Total:149.04 GB) (Free:147.01 GB) exFAT
 
\\?\Volume{d902d9da-23a5-11e1-bd2d-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{93e9e073-0000-0000-0000-20d11b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 93E9E073)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=533 MB) - (Type=27)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 915BBCF9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 57C6E725)
Partition 1: (Not Active) - (Size=1857.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=5.9 GB) - (Type=0C)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.
 
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 61371953)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================


 

  • 0

#4
RKinner
Posted 14 March 2021 - 07:32 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Did you create the user called "other" ??

 

Your log looks a lot better.  Are you still getting the clicks and ads?

 

Best to run MBAR to make sure there's nothing hidden that I can't see:

 

https://www.malwareb...om/antirootkit/

Click on Download then Save and right click and Run As Admin.  Follow the instructions.

 

You are getting errors from something called:

Nox App player.  Don't know much about it.  If it's something you use you might want to try uninstalling then install the latest version otherwise uninstall.

 

Also seeing errors from MaskVPN so uninstall and/or reinstall.

 

Your C: drive is about out of space.  You need to have about 11% of free space so that Optimize (defrag) can work.  Perhaps if you right click on the C: drive and select Properties then Disk Cleanup then

Cleanup System Files then check everything it will free up enough space.  If not you will need to move some files to another drive.


  • 0

#5
Terryc250
Posted 14 March 2021 - 09:00 PM

Terryc250

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Yes I did create that user.  Everything seems to be working well now.
I'll run mbar and follow the instructions.  I'll remove those apps as well since they aren't really anything I use. 

Thanks a lot!


  • 0

#6
RKinner
Posted 15 March 2021 - 08:40 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Assuming there are no other problems:
Time to clean up:
If we used FRST to clean your PC:
 
right click on FRST.exe or FRST64.exe (whichever you used) and rename it to uninstall.exe.  Then right click on uninstall.exe and Run as Admin.
 
 
 
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Flash is now officially obsolete and should be removed!  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan (now renamed Intel Security Scan).  Go slow and uncheck the optional stuff.
 
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions.
 
 
If you use Chrome/Firefox/Edge then get the Ublock Origin extension.  For IE go to adblockplus.org  and get the program.
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
(If it complains about Chrome still running you can stop it with Task Manager or go into Chrome then go to:
 
chrome://settings/
 
Hit Advanced at the bottom of the page then scroll down to near the bottom where it says System.
 
Change
Continue running background apps when Google Chrome is closed
to Off (slide the blue thing to the left and it turns brown)
Close Chrome.
 
 
If the browser is still slow then go in and disable all of your extensions, close the browser and Optimize with SpeedyFox then restart the browser.  If that helps then one or more of your extensions is at fault.  Go back in and turn them on one at a time and see if you can figure out which ones slow things down the most.
 
If you are a Facebook user get the FB Purity extension for your browser:
This will stop all of the suggested pages and ads so that Facebook loads much quicker.
 
 
Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.com beforeyou open them.
 
Due to a recent rise in the number of Cryptolocker infections I am now recommending you install:
 
It's currently a free version.
 
If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. 
 If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
 
Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not the latest.  If in doubt uninstall all.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.
 
If you are running Win 10 you probably want OpenShell: 
 
 
  This program will make Win 10 act like Win 7 with the same controls you are used to.
Download Link:
 
 
Recommended free software: (I'm not saying you should download these just that if you have a need for a new program these are safe and work)  
Compression:  7-zip.  Avoid WinRar and WinZip as the free versions have adware.
Video Player:  VLC  Unlike Windows Media Player it never seems to need extra files to work.
Office like free program:  Open Office: https://www.openoffice.org/download/
or
Free Anti-Virus:  Avast
Free Malware prevention:  MBAM: Free version at https://www.malwareb...m/mwb-download/
Can run with your anti-virus.
Paid Anti-Virus:  Kaspersky or BitDefender
Utilities:
Root Kit Detector:  MBAR: https://www.malwareb...om/antirootkit/
Process Explorer:  Show you what is running on the PC.  Like Task manager but better:  http://live.sysinter...com/procexp.exe
WhoCrashed: Why did your system crash?
Then click on Download free home edition
where it says:
WhoCrashed 5.51
Comprehensible crash dump analysis tool
for Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)
System Health:
Speccy:  
http://www.filehippo...download_speccy(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Decline CCleaner if offered.  Pay attention to SMART info on your hard drives and to temps.  If in doubt about temps try:
SpeedFan:  Try speedfan
Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.
Video Downloader Professional  To save online video.   This extension (available for Chrome or Firefox)  allows you to start a recording and then switch to a different window and record another video.
Download YouTube Videos:  4K Video Downloader (Separate Program) https://www.4kdownlo...videodownloader
You have to copy the URL then hit the + button on the program.  Then select quality. There is a license activate window but you just close it.
With Win 10 only there is a new Game recorder program.  It's supposed to only work for games but it works nicely to record any video you watch.  Hit the Win key + Alt + r to start the recorder.  The first time it asks you if it is looking at a game.  Just tell it yes.  After that it starts recording whenever you bring it up.  Videos are saved to the Captures folder under Videos.  You can only record what you watch so limited to only one video at a time.  Best to go to full screen before starting the recorder.
 
Avoid:  
Advanced System Care
SuperAntiSpyware
HitmanPro
Spybot S&D
Any P2P software especially if it comes from Conduit.
Registry Cleaners
Driver updating software.
PC fixing or Speed up software.
Running more than one anti-virus.
Seagate hard drives.  If you have one it's going to fail on you so backup your data now!

  • 0

#7
Terryc250
Posted 15 March 2021 - 04:20 PM

Terryc250

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Thanks a ton! Love OpenShell!


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP