Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2021 Ran by Mike (14-06-2021 17:42:02) Running from C:\Users\Mike\Desktop Windows 10 Pro Version 21H1 19043.1052 (X64) (2020-06-28 03:37:25) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3967705999-1235421771-3941837385-500 - Administrator - Disabled) Andrew (S-1-5-21-3967705999-1235421771-3941837385-1003 - Limited - Enabled) => C:\Users\Andrew DefaultAccount (S-1-5-21-3967705999-1235421771-3941837385-503 - Limited - Disabled) Guest (S-1-5-21-3967705999-1235421771-3941837385-501 - Limited - Disabled) Mike (S-1-5-21-3967705999-1235421771-3941837385-1001 - Administrator - Enabled) => C:\Users\Mike WDAGUtilityAccount (S-1-5-21-3967705999-1235421771-3941837385-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) adbLink version 4.1 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 4.1 - jocala.com) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated) Amazon Games (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 1.7.172.1 - Amazon.com Services, Inc.) Amazon Kindle (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Amazon Kindle) (Version: 1.29.0.58059 - Amazon) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team) Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - ) BleachBit 4.2.0.1795 (HKLM-x32\...\BleachBit) (Version: 4.2.0.1795 - BleachBit) ComicRack v0.9.154 (HKLM\...\ComicRack) (Version: v0.9.154 - cYo Soft) CPUID CPU-Z 1.96 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.96 - CPUID, Inc.) CrystalDiskInfo 8.12.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.1 - Crystal Dew World) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1709 - Disc Soft Ltd) Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version: - ) DeskPins (HKLM-x32\...\DeskPins) (Version: 1.32 - Elias Fotinis) Discord (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.) DoNotSpy10 2020 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 5.2.0.0 - pXc-coding.com) EmulationStation (HKLM-x32\...\EmulationStation) (Version: - ) Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}) (Version: 1.1.1.0 - Epic Games, Inc.) Epic Privacy Browser (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Epic Privacy Browser) (Version: 87.0.4280.88 - Epic) Eraser 6.2.0.2992 (HKLM\...\{6735C886-F5F0-446A-BB8C-03B92BA6775D}) (Version: 6.2.2992 - The Eraser Project) Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook) FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 29.0.1.0 - FlashPeak Inc.) Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio) Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.0.0.49893 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: - ) Game Debate Hardware Scanner version 0.1.3 (HKLM-x32\...\{D81698E2-9F9C-4C66-BC9C-FC7F7FCFA55D}_is1) (Version: 0.1.3 - Social Webtech LTD) GameInput Redistributable (HKLM-x32\...\{93B91052-9882-92F9-45E4-2EA38BC07D9E}) (Version: 10.1.19041.3357 - Microsoft Corporation) GameSessions Data Delivery x86 (HKLM-x32\...\{8CFD5A0D-0810-4C17-B99F-FF6D83E0BC0E}) (Version: 2.0.11022.0 - Tangentix Ltd) GameSessions Runtime x64 (HKLM\...\{23FA3862-F6FB-46C2-A536-071AEAF5949C}) (Version: 2.0.13036.0 - Tangentix Ltd) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.101 - Google LLC) Google Chrome Canary (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Google Chrome SxS) (Version: 93.0.4542.0 - Google LLC) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) Google Video Support Plugin (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.) GoTo Opener (HKLM-x32\...\{C2A61D74-BB65-42AD-B81F-AC25E1F7DE02}) (Version: 1.0.536 - LogMeIn, Inc.) GoToMeeting 10.16.1.19709 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\GoToMeeting) (Version: 10.16.1.19709 - LogMeIn, Inc.) Grabber v7.1.1 (HKLM\...\{8C007AE6-3F7D-41CC-AB7C-75C08C276EC8}_is1) (Version: v7.1.1 - Bionus) HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.23.318 - SurfRight B.V.) HUE HD Webcam (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.19.121 - Clique) Inquisit 4 Web Player (HKLM\...\{6D866A24-1844-4937-B718-35C694850FDA}) (Version: 4.0.10.0 - Millisecond Software) IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2.1 - IObit) iPod Support (HKLM\...\{4B5933A1-A781-400E-B4A2-3ECC375375E4}) (Version: 120.7.3.55 - Apple Inc.) IrfanView 4.58 (64-bit) (HKLM\...\IrfanView64) (Version: 4.58 - Irfan Skiljan) Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Kast 2.13.0 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\d06bcc57-f338-548b-9321-2ecf1ddd47ff) (Version: 2.13.0 - Evasyst, Inc.) KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 5.12.15.493 - KC Softwares) Kingdom Hearts HD 1 5 and 2 5 ReMIX (HKLM-x32\...\Kingdom Hearts HD 1 5 and 2 5 ReMIX_is1) (Version: - ) Kingston SSD Manager version 1.1.2.6 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.2.6 - Kingston Digital, Inc) Kodi (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Kodi) (Version: - XBMC Foundation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains) Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.48 - Microsoft Corporation) Microsoft Edge Beta (HKLM-x32\...\Microsoft Edge Beta) (Version: 92.0.902.9 - Microsoft Corporation) Microsoft Edge Canary (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Microsoft Edge SxS) (Version: 93.0.916.0 - Microsoft Corporation) Microsoft Edge Dev (HKLM-x32\...\Microsoft Edge Dev) (Version: 93.0.910.5 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.48 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.14026.20270 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3967705999-1235421771-3941837385-1003\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.473 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219.473 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 3.1.13 (x64) (HKLM-x32\...\{df32638d-0722-47cb-b084-3dd851b1146e}) (Version: 3.1.13.29816 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Mozilla Firefox 89.0 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0 (x64 en-US)) (Version: 89.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0 - Mozilla) Newgrounds Player (HKLM-x32\...\{B9735123-2823-49F8-8264-372895D39702}) (Version: 1.0.0 - Newgrounds) NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation) NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation) NVIDIA GeForce NOW 2.0.25.119 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.25.119 - NVIDIA Corporation) NVIDIA Graphics Driver 466.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.63 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden OneClickdigital Media Manager (HKLM-x32\...\{D27E3096-E1C7-4BF1-923B-13E522646EBF}) (Version: 80.0.0.0 - Recorded Books) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC) Opera GX Stable 75.0.3969.285 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Opera GX 75.0.3969.285) (Version: 75.0.3969.285 - Opera Software) Opera Neon (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Opera Neon) (Version: 1.0.2531.0 - Opera Software AS) Opera Stable 68.0.3618.165 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Opera 68.0.3618.165) (Version: 68.0.3618.165 - Opera Software) Opera Stable 76.0.4017.177 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Opera 76.0.4017.177) (Version: 76.0.4017.177 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.100.48178 - Electronic Arts, Inc.) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.) PlayStation™Now (HKLM-x32\...\{EE02E98B-D7D2-4778-B799-8C762294C619}) (Version: 11.0.2 - Sony Interactive Entertainment Network America LLC) Plex Media Server (HKLM-x32\...\{99123347-4b8a-427c-9ca6-37ea6e1e5de2}) (Version: 1.22.3.4392 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{E7101C06-807C-403A-9E9F-F7E86C14E0A4}) (Version: 1.22.3392 - Plex, Inc.) Hidden Port Forward Network Utilities version 3.3.0.0 (HKLM-x32\...\{532683E3-230C-49B0-9609-10A5228F1445}_is1) (Version: 3.3.0.0 - Portforward, LLC) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210428 - Kakao Corp.) PowerToys (Preview) (HKLM\...\{76C2F219-2C72-4DBD-BC9E-F6DAE909AAB6}) (Version: 0.37.2 - Microsoft Corporation) PPSSPP (HKLM\...\PPSSPP_is1) (Version: 1.10.3.0 - PPSSPP Team) Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) Rambox 0.7.7 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{a96f5dae-a9ee-56cc-8ed9-dc244a5f7ff3}) (Version: 0.7.7 - Rambox LLC) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1015.1016.1016.191212 - REALTEK Semiconductor Corp.) Revo Uninstaller Pro 4.1.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.0 - VS Revo Group, Ltd.) Roblox Player for Mike (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\roblox-player) (Version: - Roblox Corporation) Room EQ Wizard 5.19 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.19 - John Mulcahy) RuneScape Launcher 2.2.8 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.8 - Jagex Ltd) Send Anywhere 20.12.230853 (HKLM-x32\...\20db1975-fda0-5740-b262-81be26ba22ab) (Version: 20.12.230853 - Estmob Inc.) ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.5.0 - ShareX Team) Sidekick (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Sidekick) (Version: 80.5.29.4010 - The Sidekick Authors) Simkl Tracker (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\SimklTracker) (Version: - Simkl) Skype version 8.73 (HKLM-x32\...\Skype_is1) (Version: 8.73 - Skype Technologies S.A.) SmartClose 1.3 (HKLM-x32\...\SmartClose.{7F22CBCB-92B5-4F5D-9A34-BB690215BEF2}_is1) (Version: 1.3 - BM-productions) Sonarr version 2.0 (HKLM-x32\...\{56C1065D-3523-4025-B76D-6F73F67F7F71}_is1) (Version: 2.0 - Team Sonarr) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) SRWare Iron (64-Bit) version 88.0.4500.0 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 88.0.4500.0 - SRWare) Stardock Fences 3 (HKLM-x32\...\Stardock Fences 3) (Version: 3.05 - Stardock Software, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stopping Plex (HKLM-x32\...\{421070D8-E564-4930-87F0-3F1010923FDF}) (Version: 1.22.3392 - Plex, Inc.) Hidden TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.18.5 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp) TinyTake (HKLM-x32\...\{7024F0F8-5C9F-4FBA-A9B9-3408A6E4A8D5}) (Version: 5.2.16.0 - MangoApps) Hidden TinyTake by MangoApps (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{6251654b-2b4e-4f33-85ef-16541aa1020a}) (Version: 5.2.16.0 - MangoApps) TinyTake Filter 1.0.0 (HKLM\...\TinyTake Filter_is1) (Version: 1.0.0 - ) TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software) TurboTop 2.8 (HKLM-x32\...\TurboTop_is1) (Version: 2.8.0.21 - Savard Software) Twitch (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft) Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation) Vivaldi (HKLM-x32\...\Vivaldi) (Version: 4.0.2312.24 - Vivaldi Technologies AS.) Vivaldi (HKU\.DEFAULT\...\Vivaldi) (Version: 3.6.2165.40 - Vivaldi Technologies AS.) Vivaldi (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Vivaldi) (Version: 3.6.2165.36 - Vivaldi Technologies AS.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.15 - VideoLAN) Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software) vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden Waterfox Classic 56.5 (x64 en-US) (HKLM\...\Waterfox Classic 56.5 (x64 en-US)) (Version: 56.5 - Waterfox Ltd) Waterfox G3.1.0 (x64 en-US) (HKLM\...\Waterfox G3.1.0 (x64 en-US)) (Version: G3.1.0 - Waterfox) Waterfox G3.2.1 (x64 en-US) (HKLM\...\Waterfox G3.2.1 (x64 en-US)) (Version: G3.2.1 - Waterfox) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) WinDirStat 1.1.2 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\WinDirStat) (Version: - ) Windows Driver Package - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.) WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH) Y8 Browser 1.0.7 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\a6611861-70b4-5ed8-b9ef-d6448267637c) (Version: 1.0.7 - Y8 Games) Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos) Zoom (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.) ZorA (HKLM-x32\...\{B8DFADE5-CDE8-4453-8D05-7EB5533FFD3E}) (Version: 1.10.0000 - EpicGear) Hidden ZorA (HKLM-x32\...\InstallShield_{B8DFADE5-CDE8-4453-8D05-7EB5533FFD3E}) (Version: 1.10.0000 - EpicGear) Packages: ========= AccuWeather - Weather for Life -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_10.0.348.1000_x64__8zz2pj9h1h1d8 [2021-06-03] (AccuWeather) [MS Ad] Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.5.0.0_x86__kc6t79cpj4tp0 [2021-06-03] (AMZN Mobile LLC) Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.62.0_x64__pwbj9vvecjh7j [2021-06-03] (Amazon Development Centre (London) Ltd) AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.41301.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.5.37.0_x86__kgqvnymyfvs32 [2021-06-07] (king.com) CoManga -> C:\Program Files\WindowsApps\27942Xonshiz.CoManga_1.1.0.0_x64__w8j6akv5bsxee [2021-06-03] (Xonshiz) [MS Ad] Cover - Comic reader -> C:\Program Files\WindowsApps\FrenchFry.Cover_3.7.2.0_x64__a3mvwcjazefp4 [2021-06-03] (French Fry) CPlus for Craigslist -> C:\Program Files\WindowsApps\YanFlex.Craigslist_1.5.3.6_x64__xqdm6kn4nxgd2 [2021-06-03] (YanFlex) Crunchyroll -> C:\Program Files\WindowsApps\15EF7777.Crunchyroll_1.3.1.0_x64__mgdgtskya6f22 [2021-06-03] (Ellation, Inc.) Dice Shaker -> C:\Program Files\WindowsApps\8781NickWhaleyProductions.DiceSack_1.0.0.8_neutral__1cn8t67p2st3g [2021-06-03] (Nick Whaley Productions) EasyNotes for Keep -> C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGKeep_1.1.36.0_x64__rcb0qdgx4z9ca [2021-06-03] (Tim Grabinat) [MS Ad] f.lux -> C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.118.0.0_x86__sw1dyjdkns7gt [2021-06-03] (F.lux Software LLC) [Startup Task] Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.312.1.0_neutral__8xx8rvfyw5nnt [2021-06-03] (Facebook Inc) Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2021-06-03] (Flipboard) Grover Podcast -> C:\Program Files\WindowsApps\14610MatheusI.M.GroovePodcast_3.2.9.0_x64__jx8kt06yv8vw6 [2021-06-09] (Matheus Inácio) Hill Climb Racing -> C:\Program Files\WindowsApps\FINGERSOFT.HILLCLIMBRACING_1.41.1.0_x86__r6rtpscs7gwyg [2021-06-08] (Fingersoft) [MS Ad] Hulu -> C:\Program Files\WindowsApps\HULULLC.HULUPLUS_3.1.0.0_neutral__fphbd361v8tya [2021-06-03] (Hulu.) iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_7.1.0.0_x64__a76a11dkgb644 [2021-06-09] (iHeartMedia.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.13.0_neutral__8xx8rvfyw5nnt [2021-06-03] (Instagram) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-06-03] (Apple Inc.) [Startup Task] Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MagicPuzzles_4.8.0.0_x64__np8fj6akx2czy [2021-06-11] (ZiMAD) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-06-03] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation) [MS Ad] Microsoft Bingo -> C:\Program Files\WindowsApps\Microsoft.MicrosoftBingo_2.6.10262.0_x86__8wekyb3d8bbwe [2021-06-03] (Microsoft Studios) [MS Ad] Microsoft Edge Beta -> C:\Program Files (x86)\Microsoft\Edge Beta\Application [2021-06-09] (0) Microsoft Edge Canary -> C:\Users\Mike\AppData\Local\Microsoft\Edge SxS\Application [2021-06-10] (0) Microsoft Edge Dev -> C:\Program Files (x86)\Microsoft\Edge Dev\Application [2021-06-09] (0) Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.1.7200.0_x86__8wekyb3d8bbwe [2021-06-06] (Microsoft Studios) [MS Ad] Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.0.11030.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Studios) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-06] (Microsoft Studios) [MS Ad] Microsoft Treasure Hunt -> C:\Program Files\WindowsApps\Microsoft.MicrosoftTreasureHunt_2.2.5200.0_x86__8wekyb3d8bbwe [2021-06-06] (Microsoft Studios) [MS Ad] Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Studios) [MS Ad] Mr. Pillster - pill reminder & medication tracker -> C:\Program Files\WindowsApps\3736WhisperArts.Mr.Pillster-pillsremindermedicinet_1.5.2.0_x86__f9ztg08dw3act [2021-06-03] (WhisperArts) [MS Ad] MusicBee -> C:\Program Files\WindowsApps\50072StevenMayall.MusicBee_3.4.1.0_x86__kcr266et74avj [2021-06-03] (Steven Mayall) Musixmatch Lyrics - Sing along Spotify, iTunes, Windows Media Player -> C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.14.4564.0_x86__7gejyv32yt3te [2021-06-03] (Musixmatch) [Startup Task] myTube Beta -> C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.2.0_x64__zd92nzxdcatqw [2021-06-03] (Ryken Studio) myTube! -> C:\Program Files\WindowsApps\59750RYKENAPPS.435307C335C44_4.0.2.0_x64__zd92nzxdcatqw [2021-06-03] (Ryken Studio) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-01-19] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-03] (NVIDIA Corp.) OverDrive - Library eBooks & Audiobooks -> C:\Program Files\WindowsApps\2FA138F6.OverDriveMediaConsole_3.8.0.5_neutral__daecb9042jmvt [2021-06-03] (OverDrive Inc.) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation) Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-06-03] (Thumbmunkeys Ltd) Pillbox -> C:\Program Files\WindowsApps\53488kidjenius.MedicationTracker_1.8.6.0_x64__fjxwr71spe664 [2021-06-03] (kidjenius) [MS Ad] Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2021-06-03] (Plex) Pocket Casts Desktop -> C:\Program Files\WindowsApps\ShiftyJelly.PocketCastsDesktop_1.5.7.0_x64__jr8twj5yc2snp [2021-06-03] (Shifty Jelly) QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.11.0_neutral__egxr34yet59cg [2021-06-03] (Paddy Xu) [Startup Task] Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.482.31052.0_x86__55nm5eh3cm0pr [2021-06-14] (ROBLOX Corporation) RoboForm Password Manager -> C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.7.0_x86__7kk3kr9e0p1np [2021-06-03] (Siber Systems Inc) Simple Word Search -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleWordSearch_4.0.10.0_x64__kx24dqmazqk8j [2021-06-03] (Random Salad Games LLC) Sirius XM Radio Inc. -> C:\Program Files\WindowsApps\SiriusXM.SiriusXM_4.7.0.0_x64__rb1gq5s0htdrw [2021-06-03] (Sirius XM Radio Inc) SongPop 2 -> C:\Program Files\WindowsApps\FreshPlanetInc.SongPop2_2.16.1004.0_x64__qameptgjm6k7c [2021-06-03] (FreshPlanet Inc.) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.156.0_x64__43tkc6nmykmb6 [2021-06-03] (Ookla) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-11] (Spotify AB) [Startup Task] Stopwatch + Timer -> C:\Program Files\WindowsApps\25342asdf3333.StoppuhrTimer_1.5.7.1000_x64__1xbryz0n7krfa [2021-06-03] (asdf3333) Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2021-06-03] (Microsoft Studios) [MS Ad] TED -> C:\Program Files\WindowsApps\TEDConferencesLLC.TED_2.2.12.0_neutral__tdf10p8az89a6 [2021-06-03] (TED Conferences LLC) The Weather 14 days -> C:\Program Files\WindowsApps\tiempo.com.ElTiempo14das_3.2.10.0_x64__1jw6nrrrzn4a6 [2021-06-03] (Meteo Network) [MS Ad] Versefy - Lyrics finder -> C:\Program Files\WindowsApps\2238JakubSteplowski.SpotifyLyrics.NET_2.0.0.0_x64__76k8dzmm3mrer [2021-06-03] (Jakub Steplowski) Warm Winter Nights -> C:\Program Files\WindowsApps\Microsoft.WarmWinterNights_1.0.0.0_neutral__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation) Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation) [MS Ad] Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2105.20001.0_x64__8wekyb3d8bbwe [2021-06-08] (Microsoft Corporation) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.57\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Mike\AppData\Local\GoToMeeting\18705\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DAFA040D-F6C0-4A7E-904A-7516DDBF03D8}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.57\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\Mike\AppData\Local\Google\Chrome SxS\Application\93.0.4542.0\notification_helper.exe (Google LLC -> Google LLC) ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [383488 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\SysWOW64\mscoree.dll [314880 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip32.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit) ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-03-16] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-03-16] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-18] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerRenameExt.dll [2021-05-10] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip32.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit) ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\nvshext.dll [2021-05-31] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip32.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-18] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit) ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Mike\Desktop\Dear (misterjacobdearheart@gmail.com) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\Mike\Desktop\Hubs.lnk -> C:\Program Files\Vivaldi\Application\vivaldi_proxy.exe (Vivaldi Technologies AS) -> --profile-directory=Default --app-id=gecpjahfmjincflnieigcbkjhmeanjej ShortcutWithArgument: C:\Users\Mike\Desktop\Hulu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=epffkfffophpagfbbklffindaiconkmc ShortcutWithArgument: C:\Users\Mike\Desktop\The Roku Channel.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=igmabefcbafcdmlnijleipocglddpnbn ShortcutWithArgument: C:\Users\Mike\AppData\Local\Microsoft\Edge SxS\User Data\Default\Microsoft Edge Canary.lnk -> C:\Users\Mike\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Mike\AppData\Local\Microsoft\Edge Dev\User Data\Microsoft Edge Dev.lnk -> C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Mike\AppData\Local\Microsoft\Edge Beta\User Data\Default\Microsoft Edge Beta.lnk -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Directory Index Media Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bcanaaidccjjjigbdiegafllllpbgkdg ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Floating for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jjphmlaoffndcnecccgemfdaaoighkel ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - Notes and Lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Hubs.lnk -> C:\Program Files\Vivaldi\Application\vivaldi_proxy.exe (Vivaldi Technologies AS) -> --profile-directory=Default --app-id=gecpjahfmjincflnieigcbkjhmeanjej ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Hulu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=epffkfffophpagfbbklffindaiconkmc ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pluto TV_ TV for the Internet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fjimjcdcjpelckcneochchfmnojdhdkh ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polycraft.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=eopfmbpfhhfnklgmjpoehcjaajhpbhbl ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Reditr - The Best Reddit Client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=pmfcbbijgnhoebddbjpmlikabnbnddgb ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Run Pixie Run.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gfkmokjholoinfcnlolbjfaokmoegeoh ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\The Roku Channel.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=igmabefcbafcdmlnijleipocglddpnbn ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Type Fu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=pofoighmmpljaikjiidkkfhldjndfdbk ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Hulu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=epffkfffophpagfbbklffindaiconkmc ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge Beta.lnk -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge Canary.lnk -> C:\Users\Mike\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge Dev.lnk -> C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e6edd31e8c733a65\Click&Clean.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dacknjoogbepndbemlmljdobinliojbk ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aeea6001c9fdcab9\Click&Clean.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ghgabhipcejejjmhhchfonmamedcbeod ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a3a1d6b8109861c5\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8eec67784d56e0d6\Magic Actions for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=abjcfabbhafbcdfjoecdgepllmpfceif ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4242a155fcc27c2b\FlashPeak Slimjet.lnk -> C:\Program Files (x86)\Slimjet\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3373c9ebc3a5e445\SRWare Iron.lnk -> C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2021-04-12 00:49 - 2021-04-12 00:49 - 054230528 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\addon.node 2021-04-12 00:49 - 2021-04-12 00:49 - 000763392 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\keytar.node 2021-04-12 00:49 - 2021-04-12 00:49 - 000750080 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\logging.node 2020-03-12 21:12 - 2020-03-12 21:12 - 001037824 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\spellchecker_win.node 2021-04-12 00:49 - 2021-04-12 00:49 - 001218560 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\systeminfo.node 2020-07-28 00:13 - 2020-07-28 00:13 - 000614912 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.applicationmodel.node 2020-08-04 07:48 - 2020-08-04 07:48 - 000202240 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node 2020-07-28 00:13 - 2020-07-28 00:13 - 001144832 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.storage.node 2020-07-28 00:13 - 2020-07-28 00:13 - 000681984 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.ui.notifications.node 2020-05-23 16:19 - 2020-05-23 16:19 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL 2020-05-23 16:19 - 2020-05-23 16:19 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll 2020-04-01 13:53 - 2020-04-01 13:53 - 000967168 _____ () [File not signed] C:\Program Files (x86)\VB\Voicemeeter\mp3lame\lame_enc.dll 2019-05-18 17:01 - 2017-04-15 14:39 - 000070144 ____C () [File not signed] C:\Program Files\TinyTake Filter\screen-capture-recorder-x64.dll 2018-12-24 21:10 - 2018-12-24 21:10 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\53488kidjenius.MedicationTracker_1.8.6.0_x64__fjxwr71spe664\e_sqlite3.dll 2019-01-23 06:15 - 2019-01-23 06:15 - 025739776 _____ () [File not signed] C:\Program Files\WindowsApps\53488kidjenius.MedicationTracker_1.8.6.0_x64__fjxwr71spe664\Medtracker.dll 2020-04-17 15:58 - 2020-04-17 15:58 - 000095744 _____ () [File not signed] C:\WINDOWS\Womtrust.dll 2021-01-20 19:32 - 2021-01-20 19:32 - 004748456 ____T (Google Inc (TEST) -> Epic Privacy Browser) [File not signed] C:\Users\Mike\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\goopdate.dll 2019-01-23 06:15 - 2019-01-23 06:15 - 001479168 _____ (SQLite Development Team) [File not signed] C:\Program Files\WindowsApps\53488kidjenius.MedicationTracker_1.8.6.0_x64__fjxwr71spe664\sqlite3.dll 2020-08-19 20:50 - 2020-03-13 13:37 - 000665719 _____ (SQLite Development Team) [File not signed] C:\ProgramData\NzbDrone\bin\sqlite3.DLL 2017-05-19 13:26 - 2017-05-19 13:26 - 001280472 _____ (Stardock Corporation -> Stardock Corporation) [File not signed] [File is in use] c:\program files (x86)\stardock\fences\SdAppServices_x64.dll 2017-06-13 15:33 - 2017-06-13 15:33 - 002836408 _____ (Stardock Corporation -> Stardock) [File not signed] [File is in use] c:\program files (x86)\stardock\fences\DesktopDock64.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll 2020-05-23 16:19 - 2020-05-23 16:19 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2020-05-23 16:19 - 2020-05-23 16:19 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2020-05-23 16:19 - 2020-05-23 16:19 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll 2020-05-23 16:19 - 2020-05-23 16:19 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-06-02 13:08 - 2020-05-23 16:19 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-12-24 23:40 - 2021-06-14 17:30 - 000001426 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-3967705999-1235421771-3941837385-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrew\Desktop\BG\370807.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: EasyAntiCheat => 3 MSCONFIG\Services: egGetSvc => 2 MSCONFIG\Services: Everything => 2 MSCONFIG\Services: GalaxyClientService => 3 MSCONFIG\Services: GalaxyCommunication => 3 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NovabenchService => 2 MSCONFIG\Services: PlexUpdateService => 2 MSCONFIG\Services: TDDService => 2 HKLM\...\StartupApproved\StartupFolder: => "TurboTop.lnk" HKLM\...\StartupApproved\StartupFolder: => "BumpTop.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "Everything" HKLM\...\StartupApproved\Run: => "GameSessionsTray" HKLM\...\StartupApproved\Run: => "EvtMgr6" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run32: => "FxSound Enhancer" HKLM\...\StartupApproved\Run32: => "Innkeeper" HKLM\...\StartupApproved\Run32: => "Lightshot" HKLM\...\StartupApproved\Run32: => "Discord" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\StartupFolder: => "DeskPins.lnk" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\StartupFolder: => "TimeLeft.lnk" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "IDMan" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "com.github.manuel777.mtgatool" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "electron.app.MTG-Arena-Tool" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Wox" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Plex Media Server" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8852ADB0C46FCDD2B960E1004A958824" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "TinyTake by MangoApps" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "SendAnywhere" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "TSMApplication" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Battle.net" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Microsoft Edge Update" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "RoboForm" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Speech Recognition" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "DashlanePlugin" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "SimklTracker" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "ClipClip" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Skype for Desktop" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "GogGalaxy" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Rambox" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Xpadder" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_00B8A9DD3303A4C4BFC15B633CF16EE3" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Spotify_Lyrics.NET_Helper_UWP" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A80524AC-82A9-4182-929C-9C15CA9DD9DF}] => (Allow) C:\Program Files\Waterfox Current\waterfox.exe (WATERFOX LIMITED -> Waterfox Ltd) FirewallRules: [{374807C4-BE71-42E1-B88A-66A3344D4E7C}] => (Allow) C:\Program Files\Waterfox Current\waterfox.exe (WATERFOX LIMITED -> Waterfox Ltd) FirewallRules: [UDP Query User{E4AF3E03-67B5-457D-AE9F-690D56FFCC72}C:\users\mike\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\mike\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) FirewallRules: [TCP Query User{32798FCB-7464-4DA3-94C8-5305824AE4AD}C:\users\mike\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\mike\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) FirewallRules: [{DE477410-E8D0-4CDD-802E-97D26B702596}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.14.4564.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed] FirewallRules: [{F8517C14-78A4-488D-9189-DE2C93E8F9C4}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.14.4564.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed] FirewallRules: [{47693E7D-75B6-4E99-9AEC-8CA4EA17558D}] => (Allow) C:\Program Files (x86)\PlayStationNow\unidater.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment) FirewallRules: [{968FE3E2-9163-4FA1-915F-675471BB2F46}] => (Allow) C:\Users\Mike\AppData\Local\Gaikai\CrashReports\dumpupload.exe (Sony Interactive Entertainment LLC -> ) FirewallRules: [{44EF2975-2397-4198-95EA-296CFBE6DBF0}] => (Allow) C:\Program Files (x86)\PlayStationNow\psnowlauncher.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment Network America LLC) FirewallRules: [{AFCD287B-4885-4602-A224-31697C789E87}] => (Allow) C:\Users\Mike\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{58919536-D735-4528-939B-4F85721937C0}] => (Allow) C:\Users\Mike\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{704B7631-6E2C-4294-8C84-265339FEAD50}C:\users\mike\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\mike\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.) FirewallRules: [TCP Query User{F8E76B09-7679-4DAA-B128-BDDB756781C3}C:\users\mike\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\mike\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.) FirewallRules: [UDP Query User{E725187F-92E7-467A-85AA-4EFD67B0E0FE}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed] FirewallRules: [TCP Query User{7E771528-C1A0-4A7C-B5D1-701008E2BAEB}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed] FirewallRules: [UDP Query User{220A37C3-4BA3-44FB-84ED-52369A5600AA}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed] FirewallRules: [TCP Query User{0D2F607B-2692-40B9-A846-04E3391178D5}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed] FirewallRules: [UDP Query User{535CA0BF-61BF-4529-A1DE-6585A7C2BE36}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed] FirewallRules: [TCP Query User{3AE9C364-9837-47BA-BAAB-7C21AA8D5F8E}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed] FirewallRules: [UDP Query User{C34F3070-0308-4558-AF5A-7CB879B21EF4}C:\users\mike\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\mike\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js) FirewallRules: [TCP Query User{EEBA5F0A-BE05-44E6-A29C-90817C0E4F50}C:\users\mike\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\mike\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js) FirewallRules: [UDP Query User{8A79B249-5DA2-451B-83CE-D5FF94E4188A}C:\users\mike\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\mike\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [TCP Query User{8A800690-A125-44DA-9261-C25D1FC78B4F}C:\users\mike\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\mike\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [{E53B9A68-F6C0-453A-97FD-8573224DF851}] => (Allow) LPort=8732 FirewallRules: [{200E13D1-829E-401C-B4C4-5B45838E5C1F}] => (Allow) LPort=5253 FirewallRules: [{97D5F021-5701-4507-99FD-38EF5E367A97}] => (Allow) C:\Program Files\Tangentix\Runtime\x86\GSLauncher.exe (Tangentix Ltd -> Tangentix Ltd) FirewallRules: [{EF457E86-B10A-41C2-8667-35A9BAF12051}] => (Allow) C:\Program Files\Tangentix\Runtime\x64\GSLauncher.exe (Tangentix Ltd -> Tangentix Ltd) FirewallRules: [{AF7AA394-9876-4068-8DD4-4891B0CB8E97}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CAA35CAD-7864-4B09-BE1F-4B9A9FE28DE7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{3DD358AB-F4AA-478F-B110-516939A26E10}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{926ADF4E-8AC3-46DD-9992-3E3D837F68BB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{46688F78-96D7-46F3-95CD-3A86D2B79D70}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{38443865-5340-4382-A36C-D17322B12C1B}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{69030DC0-3842-4B9B-AD16-A1EEBC1F9954}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{A7EE1F16-29C0-4969-8FAF-9DCC2977DBE4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{2AABDBF2-1F3A-4ADC-A712-93E3D1DD0A7E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1DCB020E-1AA7-43E9-97B7-426097B28526}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{CEAFD356-0A27-4969-A688-319525C7C1C3}C:\users\mike\appdata\local\programs\rambox\rambox.exe] => (Allow) C:\users\mike\appdata\local\programs\rambox\rambox.exe (Rambox LLC -> Rambox LLC) FirewallRules: [UDP Query User{BF51CAB6-1F52-4631-87D1-A1F15503DDCA}C:\users\mike\appdata\local\programs\rambox\rambox.exe] => (Allow) C:\users\mike\appdata\local\programs\rambox\rambox.exe (Rambox LLC -> Rambox LLC) FirewallRules: [{CC45A5EA-6339-4FA5-8D91-6817D4E9923D}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed] FirewallRules: [{2C302CDD-6E36-44B8-ACF2-9CB6EEDA835D}] => (Allow) LPort=8989 FirewallRules: [TCP Query User{3A881809-41D4-4FE5-9B33-E9717713F3E7}C:\users\mike\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\mike\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{5FB1F595-C75F-4D8D-B2DB-E66AB4D365E0}C:\users\mike\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\mike\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3A04051E-D052-43EA-BE7B-3EA06508CEED}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> Nox Limited Corporation) FirewallRules: [{A5A5ECC3-BE5B-46BD-A53E-96FDB460A292}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{F6F8660D-6711-40DE-B95D-B7A4E960FC27}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{6882C443-769A-4F7A-BC9C-8D6A0849920C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8A1B20A0-C19F-4C28-9694-28624B984F5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6F3FBDBA-3724-4D08-B617-74E7D3DC57CD}] => (Allow) LPort=1542 FirewallRules: [{B630FBA5-E991-44C9-809A-C4C4FB31FCE5}] => (Allow) LPort=1542 FirewallRules: [{7639EA57-C421-42DD-934F-711BC88774B0}] => (Allow) LPort=53 FirewallRules: [{0FC0D8ED-4F38-455C-AF97-53A439B6FAEE}] => (Allow) LPort=53 FirewallRules: [{29A6B32A-27C0-4565-8125-176EB0A6F5A4}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (WATERFOX LIMITED -> Waterfox Ltd) FirewallRules: [{6DB06775-1F08-405B-AEBC-A05794D66FE6}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (WATERFOX LIMITED -> Waterfox Ltd) FirewallRules: [{FC2C6EC3-B502-4202-9D00-0C679AC086D9}] => (Allow) E:\Steam Games\steamapps\common\GarrysMod\hl2.exe => No File FirewallRules: [{90585FD0-9227-4B16-9FF2-1DC533721ED4}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{CC04C363-CF62-4A4E-8A9C-BDEB146D7B03}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{58152642-95CE-4588-A951-3A445F90C8CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{FCFFA313-3CD4-4495-AD1B-89DBED8A336B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{9A106488-1777-493B-8786-E9AC871F137F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8283690E-50E2-46F9-8605-D4D87BD40D3E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7BCCC462-A23D-4680-A5D0-186CB4BF6640}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (WATERFOX LIMITED -> Waterfox) FirewallRules: [{45AB4A9E-CAD7-431A-AA33-7248C6ECCA45}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (WATERFOX LIMITED -> Waterfox) FirewallRules: [{7E21B02A-736B-4C1C-A3A4-E0D7503EE87F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{5058BBE4-B931-4C1E-B4DA-5D7FE6A8D544}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D4D35DDD-DD63-4131-AD51-9AF7D7B3EEB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{3D6EAB69-A5F7-4558-9BA6-3CC728DD12D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{19E07FF0-723D-46A3-8156-9009C185C4DE}] => (Allow) C:\Users\Mike\AppData\Local\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS) FirewallRules: [TCP Query User{48922543-945E-4832-9EC1-6BF0A47A4EC4}C:\users\mike\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\mike\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.) FirewallRules: [UDP Query User{497E7339-CCF8-47FB-BF15-31727F22BB5E}C:\users\mike\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\mike\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.) FirewallRules: [{E459E0C8-ECEC-4305-9DE7-6F46E52D156E}] => (Allow) C:\WINDOWS\system32\config\systemprofile\AppData\Local\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS) FirewallRules: [{D41D2815-5894-4B70-B757-AA195FC271CF}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{2E1E3183-699B-48B0-B2A7-BBBC7727B053}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{2560DC8F-E543-47A4-9C20-E48A9019F543}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Birth by Sleep FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{E6B91959-C2AA-4AC5-8646-243D62785631}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Birth by Sleep FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{3DE72608-0D43-4116-90AF-0F095F8B9CFC}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{6B3A7C08-645C-4162-9667-EA1F55FC783E}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{B23EB531-22B1-4B4F-8AEB-920840A0503A}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS HD 1.5+2.5 Launcher.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{8399B654-3B7B-446E-B42F-49D4A386FD80}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS HD 1.5+2.5 Launcher.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{CD69F8CB-CB2E-4F4D-ACD8-732C82CEF163}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS HD 1.5+2.5 ReMIX.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{74ABFCA3-3B5D-4EC6-8323-0ACAA3B88DAC}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS HD 1.5+2.5 ReMIX.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{004CC956-44EA-4AF0-9795-8851CC1CCBBB}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS II FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{BF8AFE92-B8B6-478D-A1FE-07533B730296}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS II FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{A132E8C1-7AC8-480C-8F01-AB0CFE747E2A}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Re_Chain of Memories.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{1C6F08D0-21CB-4F19-8540-E09C5BA9C742}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Re_Chain of Memories.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{6A9E3D66-DA35-42AD-A889-F9656CB5F89F}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Theater.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{9B2802B5-3E9E-4871-BB56-E616CDA687B7}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Theater.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{E0A786C6-26DE-4C98-8975-03CDD485279C}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\WaitTitleProject.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{08411535-2E3D-4021-8ED7-0E50B0E7D9B7}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\WaitTitleProject.exe (SQUARE ENIX CO., LTD. -> Square Enix) FirewallRules: [{D245EE34-26A1-4243-8D1D-593C5C0CC203}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{F6AC02FD-CCEE-4691-91A1-A0D4F5A6C40A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation) FirewallRules: [{78306E8E-DD46-44EE-82D6-1FCC1594CA2E}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{73F00038-045D-4FEB-B6A4-2748882B0A1C}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> ) FirewallRules: [{D8E5F915-B246-46DA-B67D-B178ED44BE1B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Game Transcoder\Plex Game Transcoder.exe (Plex, Inc. -> ) FirewallRules: [{C6A2C6EA-9D18-476A-8779-9BF71BB19167}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1B15FDC0-C837-4EF5-9A8B-E014A463D72C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{AF86BA06-2A44-4A6A-8C60-8BDB95E0F658}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{92B74036-DEA7-4F52-ABFB-68D55D91BB79}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{92BEDB10-CC61-4F63-B31E-F952155818DE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7393FC0B-9D1C-49FA-B5AA-10B3EB296637}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1E5C47A5-1A81-498F-907C-F6B22C1D2250}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6723D469-1BC0-4775-95B0-BAC7170C93AC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{EF8F111E-6862-485D-9A7C-8D6A7A4846DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DB653CAA-B751-4F19-8B1B-71BD8B6FBA3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7A98ABA7-2359-4737-93E5-AA66B061ABED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{88720180-DE6F-42A9-9B96-209A3E635F63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0564A863-B9FF-4856-B75E-12217A16DFFF}] => (Allow) LPort=7359 FirewallRules: [{16DDC05D-9748-44A8-BBD4-BB81EF71B1BF}] => (Allow) LPort=8096 FirewallRules: [{91FC276D-625A-461B-815A-89EA6566C802}] => (Allow) LPort=8920 FirewallRules: [{AD102EFE-6880-4B68-BAD4-FE8E4E9504F3}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.5.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon.com Services LLC) [File not signed] FirewallRules: [{EE245116-CE0F-486B-9247-BA49C2A8CDA1}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.5.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon.com Services LLC) [File not signed] FirewallRules: [{27298DD4-E80C-4438-A3E9-A47093156C76}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5D795BBC-D401-462E-A21F-F0BC8A66FA93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{52833D71-94E9-4CC4-8588-948CACA63EFD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{90B875DB-7AF5-4360-9FD9-94C16C3DE8A8}] => (Allow) C:\Users\Mike\76.0.4017.154\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{94F0C948-AD6F-4CD3-B12C-C7FDCF821868}] => (Allow) C:\Users\Mike\76.0.4017.177\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{CD772043-FDD3-49A1-92AE-11A7033A70BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{DA85F303-D29A-472D-A74B-56B700FF7EE1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B827CE9F-7B0A-491E-8B22-7670DAF28B65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{61C4A05B-E28D-4AFD-AA06-B81D6D8F4244}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6DF139B1-5C27-46B3-B418-8CB84695F7D7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EE182ACF-89BA-4DE6-B723-29D08B4FC8C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0B007CDD-B36D-4C20-8B3D-297D6085372C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{57F73778-DE76-4305-BC4E-7FA8E91C3068}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F8ED3EFD-78AF-4F21-ADAA-93D2C99F547E}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4AA5BD50-8980-4BDE-9E26-DD5EE364F19B}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Beta\Application\92.0.902.9\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{60F13E7A-BCC0-4612-9752-D965146FC5A4}] => (Allow) C:\Program Files\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS) FirewallRules: [{28300E35-B01E-44ED-93C2-D5300F72B76E}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9BE5B056-21E0-4437-8AEF-005C44FFEC2E}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Dev\Application\93.0.910.5\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BEDFFE0A-B695-419C-9712-FB920396A1E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{FBA38111-17CE-4D72-B32E-92AD4A655739}] => (Allow) C:\Users\Mike\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe => No File FirewallRules: [{48AFE39A-6D76-4F28-9C98-DBF6D169E07E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0DF4933F-86CF-4630-B6BD-83E7CCADA4AC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DF8F5FCD-A355-46D4-9228-1B8664D6D81C}] => (Allow) C:\Users\Mike\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe => No File FirewallRules: [{D50D1AAE-42E9-45A1-A9DC-77932B2C87C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1B8D18DA-950A-4A02-935B-60A6789182C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B6DE2B61-EF9C-4CE2-8F37-601D23BF4278}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D4ED1232-8576-4813-87AA-7D52E6BC70D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3153ABDF-CEAE-4A1A-8E60-270B4B79F7F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1C3B4C29-5DF2-4682-BB97-1889127C5DE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{56C203D1-27CE-416F-97D5-B5B2402D16FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{62C6363D-C9C1-472B-9486-7FDE30904672}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{68391339-D9B6-4AA5-A4C8-33F71E4C6B2C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.48\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= ATTENTION: System Restore is disabled (Total:110.72 GB) (Free:30.17 GB) (27%) ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (06/14/2021 05:41:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: myTube.exe, version: 1.0.0.0, time stamp: 0x5fe2e461 Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb Exception code: 0xc000027b Fault offset: 0x000000000010b39c Faulting process id: 0x4af0 Faulting application start time: 0x01d76166028fd00f Faulting application path: C:\Program Files\WindowsApps\59750RYKENAPPS.435307C335C44_4.0.2.0_x64__zd92nzxdcatqw\myTube.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 669e3c5a-67c7-4c40-a7bc-1fda4069c71e Faulting package full name: 59750RYKENAPPS.435307C335C44_4.0.2.0_x64__zd92nzxdcatqw Faulting package-relative application ID: App Error: (06/14/2021 05:38:15 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program FRST64.exe version 9.6.2021.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1a64 Start Time: 01d7616572b6739b Termination Time: 4294967295 Application Path: C:\Users\Mike\Desktop\FRST-OlderVersion\FRST64.exe Report Id: 794f2cbf-bebd-4755-88a5-3642633bc083 Faulting package full name: Faulting package-relative application ID: Hang type: Top level window is idle Error: (06/14/2021 05:37:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.19041.610, time stamp: 0x5d4af3f4 Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb Exception code: 0xc0000409 Fault offset: 0x000000000010b39c Faulting process id: 0x152c Faulting application start time: 0x01d76165727d11d7 Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 346dc5a5-0447-4d4b-934c-2e0f659a5aa0 Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App Error: (06/14/2021 05:34:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: PowerToys.exe, version: 0.37.2.0, time stamp: 0x609980b2 Faulting module name: fancyzones.dll, version: 0.37.2.0, time stamp: 0x60997e91 Exception code: 0xc0000409 Fault offset: 0x000000000009e48d Faulting process id: 0x1a44 Faulting application start time: 0x01d7616490b0b97c Faulting application path: C:\Program Files\PowerToys\PowerToys.exe Faulting module path: C:\Program Files\PowerToys\modules\FancyZones\fancyzones.dll Report Id: b512f66a-f7a3-4f7f-924f-4fe7eb2cb6da Faulting package full name: Faulting package-relative application ID: Error: (06/14/2021 05:33:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: myTube.exe, version: 1.0.0.0, time stamp: 0x5fe2d851 Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb Exception code: 0xc000027b Fault offset: 0x000000000010b39c Faulting process id: 0x3fb0 Faulting application start time: 0x01d76164f974964e Faulting application path: C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.2.0_x64__zd92nzxdcatqw\myTube.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 7e783c59-abe4-4997-8aee-7e40abec210c Faulting package full name: 59750RykenApps.myTubeBeta_4.0.2.0_x64__zd92nzxdcatqw Faulting package-relative application ID: App Error: (06/14/2021 05:32:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Medtracker.exe, version: 1.0.0.0, time stamp: 0x5b6a3406 Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb Exception code: 0xc000027b Fault offset: 0x000000000010b39c Faulting process id: 0x9ec Faulting application start time: 0x01d76164cf7b41fd Faulting application path: C:\Program Files\WindowsApps\53488kidjenius.MedicationTracker_1.8.6.0_x64__fjxwr71spe664\Medtracker.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: d4a0a6aa-4bb7-4f12-b2b8-bc161afd653a Faulting package full name: 53488kidjenius.MedicationTracker_1.8.6.0_x64__fjxwr71spe664 Faulting package-relative application ID: App Error: (06/14/2021 05:32:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.19041.546, time stamp: 0x1d3a15e7 Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb Exception code: 0xc000027b Fault offset: 0x000000000010b39c Faulting process id: 0x494 Faulting application start time: 0x01d76164cf765fa9 Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 750ddaa9-1d5d-4240-91ea-4e75d921e465 Faulting package full name: 15EF7777.Crunchyroll_1.3.1.0_x64__mgdgtskya6f22 Faulting package-relative application ID: App Error: (06/14/2021 05:32:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: myTube.exe, version: 1.0.0.0, time stamp: 0x5fe2d851 Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb Exception code: 0xc000027b Fault offset: 0x000000000010b39c Faulting process id: 0x1fcc Faulting application start time: 0x01d76164cf87f17f Faulting application path: C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.2.0_x64__zd92nzxdcatqw\myTube.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 17ca7456-7199-4550-bd00-59b2a727395e Faulting package full name: 59750RykenApps.myTubeBeta_4.0.2.0_x64__zd92nzxdcatqw Faulting package-relative application ID: App System errors: ============= Error: (06/14/2021 05:30:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The UCBrowserSvc service failed to start due to the following error: The system cannot find the file specified. Error: (06/14/2021 05:28:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Virtual Disk service failed to start due to the following error: The service did not start due to a logon failure. Error: (06/14/2021 05:28:53 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The vds service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (06/14/2021 05:27:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Origin Client Service service terminated unexpectedly. It has done this 1 time(s). Error: (06/14/2021 05:27:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s). Error: (06/14/2021 05:27:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Plex Update Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (06/14/2021 05:27:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Kaspersky VPN Secure Connection Service 5.3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (06/14/2021 05:27:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Disc Soft Lite Bus Service service terminated unexpectedly. It has done this 1 time(s). Windows Defender: ================ Date: 2021-06-06 05:56:15 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-06-05 00:12:32 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-06-03 18:31:26 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-06-03 05:12:38 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-06-03 05:08:06 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-06-04 03:44:08 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: 1.341.8.0 Previous security intelligence Version: 1.339.1937.0 Update Source: User Security intelligence Type: AntiSpyware Update Type: Delta Current Engine Version: 1.1.18200.4 Previous Engine Version: 1.1.18100.6 Error code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Date: 2021-06-04 03:44:08 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: 1.341.8.0 Previous security intelligence Version: 1.339.1937.0 Update Source: User Security intelligence Type: AntiVirus Update Type: Delta Current Engine Version: 1.1.18200.4 Previous Engine Version: 1.1.18100.6 Error code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Date: 2021-06-04 03:44:08 Description: Microsoft Defender Antivirus has encountered an error trying to update the engine. New Engine Version: 1.1.18200.4 Previous Engine Version: 1.1.18100.6 Error Code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Date: 2021-06-03 22:10:09 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: 1.341.8.0 Previous security intelligence Version: 1.339.1937.0 Update Source: User Security intelligence Type: AntiSpyware Update Type: Delta Current Engine Version: 1.1.18200.4 Previous Engine Version: 1.1.18100.6 Error code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. Date: 2021-06-03 22:10:09 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: 1.341.8.0 Previous security intelligence Version: 1.339.1937.0 Update Source: User Security intelligence Type: AntiVirus Update Type: Delta Current Engine Version: 1.1.18200.4 Previous Engine Version: 1.1.18100.6 Error code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. CodeIntegrity: =============== Date: 2021-06-14 17:33:11 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 1903 07/11/2013 Motherboard: ASUSTeK COMPUTER INC. M5A97 R2.0 Processor: AMD FX(tm)-8320 Eight-Core Processor Percentage of memory in use: 53% Total physical RAM: 11177.45 MB Available physical RAM: 5242.32 MB Total Virtual: 22441.45 MB Available Virtual: 14704.35 MB ==================== Drives ================================ Drive c: (Howard The Duck) (Fixed) (Total:110.72 GB) (Free:30.17 GB) NTFS Drive d: (Large Boi) (Fixed) (Total:3726.01 GB) (Free:1990.38 GB) NTFS Drive f: (Small Boi) (Fixed) (Total:1863 GB) (Free:1634.95 GB) NTFS \\?\Volume{2713d272-8d1e-4b8b-ab61-cc39eeb6d7ea}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS \\?\Volume{0ba0bc9d-6992-4616-972b-0917273fb952}\ () (Fixed) (Total:0.47 GB) (Free:0.04 GB) NTFS \\?\Volume{f4fce790-47e8-4d49-9c91-381282c7fcd6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 48F7ACEF) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================