Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by CrniOrao (administrator) on DESKTOP-RQNHLVS (17-07-2018 14:45:44)
Running from C:\Users\CrniOrao\Downloads
Loaded Profiles: CrniOrao (Available Profiles: CrniOrao)
Platform: Windows 10 Pro Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC207\Monitor.exe
(Viber Media S.Ã r.l.) C:\Users\CrniOrao\AppData\Local\Viber\Viber.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe
() C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-10] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-15] (Realtek Semiconductor)
HKLM\...\Run: [PAC207_Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-736942876-451567912-225038537-1001\...\Run: [Discord] => C:\Users\CrniOrao\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-736942876-451567912-225038537-1001\...\Run: [Viber] => C:\Users\CrniOrao\AppData\Local\Viber\Viber.exe [40348744 2018-06-26] (Viber Media S.Ã r.l.)
HKU\S-1-5-21-736942876-451567912-225038537-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-12] (Disc Soft Ltd)
HKU\S-1-5-21-736942876-451567912-225038537-1001\...\Run: [Spotify Web Helper] => C:\Users\CrniOrao\AppData\Roaming\Spotify\SpotifyWebHelper.exe [774544 2018-07-16] (Spotify Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{21389c2e-cba1-4aaa-a770-ef35c41d1baa}: [NameServer] 195.29.150.3,195.29.10.4
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-14] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => No File
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-06-30] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-04-19] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-05-19] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-06-18] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-18] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-30] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 6pbyt9ql.default
FF ProfilePath: C:\Users\CrniOrao\AppData\Roaming\Mozilla\Firefox\Profiles\6pbyt9ql.default [2018-07-17]
FF Homepage: Mozilla\Firefox\Profiles\6pbyt9ql.default -> www.google.hr
FF NewTab: Mozilla\Firefox\Profiles\6pbyt9ql.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180102__yaff
FF NewTabOverride: Mozilla\Firefox\Profiles\6pbyt9ql.default -> Enabled: {66E978CD-981F-47DF-AC42-E3CF417C1467}
FF Extension: (BetterTTV) - C:\Users\CrniOrao\AppData\Roaming\Mozilla\Firefox\Profiles\6pbyt9ql.default\Extensions\[email protected] [2017-12-19]
FF Extension: (Avast SafePrice) - C:\Users\CrniOrao\AppData\Roaming\Mozilla\Firefox\Profiles\6pbyt9ql.default\Extensions\[email protected] [2018-07-12]
FF Extension: (Avast Online Security) - C:\Users\CrniOrao\AppData\Roaming\Mozilla\Firefox\Profiles\6pbyt9ql.default\Extensions\[email protected] [2018-05-25]
FF Extension: (New Tab Homepage) - C:\Users\CrniOrao\AppData\Roaming\Mozilla\Firefox\Profiles\6pbyt9ql.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2017-11-29]
FF Extension: (Adblock Plus) - C:\Users\CrniOrao\AppData\Roaming\Mozilla\Firefox\Profiles\6pbyt9ql.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-16]
FF SearchPlugin: C:\Users\CrniOrao\AppData\Roaming\Mozilla\Firefox\Profiles\6pbyt9ql.default\searchplugins\yahoo-lavasoft.xml [2018-01-03]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] [2018-07-06] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-11] ()
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-04-19] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-05-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-05-19] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\dsengine.js [2018-01-03] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\dsengine.cfg [2018-01-03] <==== ATTENTION
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-10] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6893704 2018-06-22] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-06-30] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-01-12] (Disc Soft Ltd)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2202432 2018-06-19] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3072840 2018-06-19] (Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449152 2018-05-16] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943752 2018-05-14] (Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-08-12] (Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [283888 2018-06-01] ()
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2018-05-30] (Razer Inc.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [113024 2018-02-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 WinDefendSecurity; no ImagePath
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-07-10] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-07-10] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-07-10] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-07-10] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-07-10] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-07-10] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-07-10] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-07-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-07-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-07-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-07-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-07-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [463080 2018-07-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-07-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-07-10] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-25] (Disc Soft Ltd)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2016-07-26] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_485c1c3102021986\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31200 2018-05-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-03-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation)
R3 PAC207; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [686592 2008-02-13] (PixArt Imaging Inc.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [49136 2018-04-15] (Razer Inc)
R3 RzDev_0060; C:\WINDOWS\System32\drivers\RzDev_0060.sys [51688 2018-04-22] (Razer Inc)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-17 14:45 - 2018-07-17 14:46 - 000019022 _____ C:\Users\CrniOrao\Downloads\FRST.txt
2018-07-17 14:44 - 2018-07-17 14:45 - 000000000 ____D C:\FRST
2018-07-17 14:44 - 2018-07-17 14:44 - 000000000 ____D C:\Users\CrniOrao\Downloads\FRST-OlderVersion
2018-07-17 14:43 - 2018-07-17 14:44 - 002412544 _____ (Farbar) C:\Users\CrniOrao\Downloads\FRST64.exe
2018-07-17 14:10 - 2018-07-17 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-07-16 13:14 - 2018-07-16 13:14 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2018-07-14 14:48 - 2018-07-14 14:48 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-14 14:48 - 2018-07-14 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-07-13 01:59 - 2018-06-24 17:40 - 000132032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-07-13 01:58 - 2018-07-13 01:58 - 000000000 ____D C:\WINDOWS\LastGood
2018-07-13 01:55 - 2018-06-25 19:25 - 040346984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 035250256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 031244248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 013728120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 011273632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 004350040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 003760672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 002013784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439836.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 001563392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 001468448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439836.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 001419200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 001216872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 001092360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 000749472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 000626616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 000608512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-07-13 01:55 - 2018-06-25 19:25 - 000518208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 025961336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 017750344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 015165008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 001356816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 001347664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 001157392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 001069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 001063216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 000904720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 000814616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 000652344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-07-13 01:55 - 2018-06-25 19:24 - 000634760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-07-11 10:37 - 2018-07-10 15:18 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-07-10 15:26 - 2018-07-17 14:08 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\AVAST Software
2018-07-10 15:26 - 2018-07-11 10:38 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-07-10 15:26 - 2018-07-10 16:01 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\Google
2018-07-10 15:26 - 2018-07-10 16:01 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-10 15:18 - 2018-07-10 15:18 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-07-10 15:18 - 2018-07-10 15:18 - 000000000 ____D C:\Program Files\AVAST Software
2018-07-04 13:55 - 2018-07-04 13:55 - 000000000 ____D C:\Users\CrniOrao\Documents\Electronic Arts
2018-07-04 13:53 - 2018-04-29 17:27 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2018-07-04 13:53 - 2018-01-29 01:09 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2018-07-01 12:28 - 2018-07-01 12:28 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\Viber
2018-06-30 21:05 - 2018-07-07 00:01 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\BattlEye
2018-06-26 03:32 - 2018-06-26 03:34 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\Guild Wars 2
2018-06-26 03:32 - 2018-06-26 03:32 - 032946344 _____ (ArenaNet) C:\Users\CrniOrao\Downloads\Gw2Setup-64.tmp
2018-06-26 03:32 - 2018-06-26 03:32 - 032946344 _____ (ArenaNet) C:\Users\CrniOrao\Downloads\Gw2Setup-64.exe
2018-06-26 03:32 - 2018-06-26 03:32 - 000000000 ____D C:\Users\CrniOrao\Downloads\bin64
2018-06-26 03:32 - 2018-06-26 03:32 - 000000000 _____ C:\Users\CrniOrao\Downloads\Gw2.tmp
2018-06-26 03:32 - 2018-06-26 03:32 - 000000000 _____ C:\Users\CrniOrao\Downloads\Gw2.dat
2018-06-24 12:59 - 2018-06-24 12:59 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\EasyAntiCheat
2018-06-19 23:29 - 2018-06-19 23:29 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\steam.transformice.com
2018-06-18 16:56 - 2018-06-18 16:56 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-06-18 16:54 - 2018-06-25 19:24 - 004126128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-06-18 16:54 - 2018-06-02 05:04 - 002014144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439811.dll
2018-06-18 16:54 - 2018-06-02 05:04 - 001468272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439811.dll
2018-06-18 16:47 - 2018-06-18 16:47 - 000098760 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-06-18 16:47 - 2018-04-19 18:29 - 000145352 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2018-06-18 16:46 - 2018-06-18 16:46 - 000000000 ____D C:\Program Files (x86)\Java
2018-06-18 16:42 - 2018-06-18 16:42 - 000000000 ____D C:\Users\CrniOrao\.mputils
2018-06-18 16:37 - 2018-06-18 16:37 - 000000096 _____ C:\Users\CrniOrao\.bash_history
2018-06-18 15:02 - 2018-06-18 15:02 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\.atlauncher
2018-06-18 15:02 - 2018-06-18 15:02 - 000000000 ____D C:\ProgramData\For Honor Data
2018-06-18 14:59 - 2018-06-18 15:00 - 071830472 _____ (Oracle Corporation) C:\Users\CrniOrao\Downloads\jre-8u171-windows-x64.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-17 14:42 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-17 14:13 - 2018-05-14 14:48 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-17 14:13 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-17 14:10 - 2018-05-16 10:35 - 000000000 ____D C:\temp
2018-07-17 14:10 - 2017-11-29 14:04 - 000292184 _____ (Microsoft Corporation) C:\Users\CrniOrao\Downloads\dxwebsetup.exe
2018-07-17 14:09 - 2017-11-29 15:14 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-17 14:07 - 2018-05-14 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-17 14:07 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-07-17 14:07 - 2017-11-29 14:27 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2018-07-17 14:07 - 2017-11-29 13:47 - 000000000 ____D C:\Users\CrniOrao\AppData\LocalLow\Mozilla
2018-07-17 13:58 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-07-17 13:34 - 2017-11-29 19:43 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\ViberPC
2018-07-17 13:34 - 2017-11-29 14:15 - 000000426 _____ C:\WINDOWS\Tasks\update-sys.job
2018-07-17 13:34 - 2017-11-29 14:15 - 000000426 _____ C:\WINDOWS\Tasks\update-S-1-5-21-736942876-451567912-225038537-1001.job
2018-07-17 05:21 - 2017-11-29 14:17 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\Battle.net
2018-07-17 05:18 - 2018-05-24 23:56 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-24 23:56 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-24 23:56 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-24 23:56 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-24 23:56 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-14 14:45 - 000003746 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-17 05:18 - 2018-05-14 14:45 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-07-17 05:18 - 2018-05-14 14:45 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-14 14:45 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-14 14:45 - 000003050 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-736942876-451567912-225038537-1001
2018-07-17 05:18 - 2018-05-14 14:45 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-14 14:45 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-14 14:45 - 000002848 _____ C:\WINDOWS\System32\Tasks\JavaUpdateSched
2018-07-17 05:18 - 2018-05-14 14:45 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-14 14:45 - 000002806 _____ C:\WINDOWS\System32\Tasks\update-sys
2018-07-17 05:18 - 2018-05-14 14:45 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-17 05:18 - 2018-05-14 14:45 - 000002554 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2018-07-17 05:18 - 2018-05-14 14:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-07-17 01:13 - 2018-02-12 20:49 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\obs-studio
2018-07-17 01:13 - 2017-11-29 21:17 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\Twitch
2018-07-17 00:33 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-17 00:24 - 2018-05-14 14:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-16 21:25 - 2018-05-10 17:31 - 000000000 ____D C:\World of Warcraft
2018-07-16 20:08 - 2017-12-02 16:20 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\Ubisoft Game Launcher
2018-07-16 16:31 - 2017-11-29 19:41 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\Spotify
2018-07-16 16:31 - 2017-11-29 19:40 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\Spotify
2018-07-16 13:13 - 2017-11-29 14:15 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-07-15 21:37 - 2018-04-15 15:12 - 000000000 ____D C:\Program Files (x86)\Origin
2018-07-15 19:52 - 2017-11-29 19:43 - 000000000 ____D C:\Users\CrniOrao\Documents\ViberDownloads
2018-07-15 19:51 - 2018-05-14 14:45 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-07-14 14:48 - 2018-05-15 13:00 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-07-14 14:48 - 2018-05-15 13:00 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-14 14:48 - 2018-05-15 13:00 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-14 14:48 - 2018-05-15 13:00 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-14 14:48 - 2018-05-15 13:00 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-14 14:48 - 2018-05-15 13:00 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-14 14:48 - 2018-05-15 13:00 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-14 14:48 - 2018-05-15 12:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-13 17:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-13 17:07 - 2017-11-29 17:18 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\ElevatedDiagnostics
2018-07-13 12:25 - 2017-11-29 16:28 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\NVIDIA
2018-07-13 02:00 - 2017-11-30 06:11 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-07-13 01:59 - 2018-05-25 00:15 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-07-13 01:59 - 2017-11-29 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-07-13 01:59 - 2017-11-29 15:14 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-11 10:37 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-07-11 03:19 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-07-11 03:19 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-07-11 01:38 - 2018-01-01 13:19 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\Packages
2018-07-10 16:04 - 2017-12-21 16:55 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\vlc
2018-07-10 15:18 - 2018-05-14 11:55 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000463080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-07-10 15:18 - 2018-05-14 11:55 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-07-10 15:18 - 2017-12-21 17:24 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-07-10 15:17 - 2017-11-29 14:02 - 000178320 _____ (AVAST Software) C:\Users\CrniOrao\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2018-07-07 19:19 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-06 15:37 - 2017-11-29 13:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-06 15:37 - 2017-11-29 13:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-06 03:25 - 2017-11-29 13:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-05 23:41 - 2018-05-16 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2018-07-04 13:36 - 2018-01-03 00:40 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\uTorrent
2018-06-27 09:43 - 2018-04-16 03:11 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2018-06-26 17:20 - 2018-05-13 19:43 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\LogMeIn Hamachi
2018-06-26 03:30 - 2017-12-15 12:20 - 000000000 ____D C:\Users\CrniOrao\AppData\Local\CrashDumps
2018-06-25 19:24 - 2018-03-24 01:03 - 004856232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-06-24 22:53 - 2017-11-30 01:26 - 000000000 ____D C:\Users\CrniOrao\AppData\Roaming\TS3Client
2018-06-24 19:27 - 2018-03-24 01:03 - 000044271 _____ C:\WINDOWS\system32\nvinfo.pb
2018-06-24 17:39 - 2017-11-29 15:14 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-06-24 17:31 - 2017-11-29 15:14 - 005947520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-06-24 17:31 - 2017-11-29 15:14 - 002612624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-06-24 17:31 - 2017-11-29 15:14 - 001767360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-06-24 17:31 - 2017-11-29 15:14 - 000633792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-06-24 17:31 - 2017-11-29 15:14 - 000451144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-06-24 17:31 - 2017-11-29 15:14 - 000124200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-06-24 17:31 - 2017-11-29 15:14 - 000083424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-06-24 12:59 - 2017-11-29 16:20 - 000000000 ____D C:\Users\CrniOrao\Documents\My Games
2018-06-22 23:04 - 2017-11-30 01:26 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2018-06-20 12:52 - 2017-11-29 15:14 - 008207422 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-06-18 16:47 - 2017-11-29 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-06-18 16:45 - 2018-04-24 21:25 - 001881544 _____ (Oracle Corporation) C:\Users\CrniOrao\Downloads\JavaSetup8u171.exe
2018-06-18 16:42 - 2018-05-14 14:40 - 000000000 ____D C:\Users\CrniOrao
2018-06-18 15:01 - 2018-04-15 18:32 - 000000000 ____D C:\Program Files\Java
==================== Files in the root of some directories =======
2017-12-02 05:06 - 2018-06-01 20:49 - 000000132 _____ () C:\Users\CrniOrao\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-11-29 14:15 - 2017-11-29 14:15 - 000000003 _____ () C:\Users\CrniOrao\AppData\Local\updater.log
2017-11-29 14:15 - 2017-11-29 14:15 - 000000425 _____ () C:\Users\CrniOrao\AppData\Local\UserProducts.xml
Some files in TEMP:
====================
2018-07-14 15:46 - 2018-07-16 20:09 - 000000000 _____ () C:\Users\CrniOrao\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-07-10 18:45 - 2018-07-16 20:09 - 000000017 _____ () C:\Users\CrniOrao\AppData\Local\Temp\4a84efc57ceefefac8b913a0dc01a784.dll
2018-07-13 01:56 - 2018-06-01 10:47 - 000395336 _____ (NVIDIA Corporation) C:\Users\CrniOrao\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-14 14:38
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by CrniOrao (17-07-2018 14:46:20)
Running from C:\Users\CrniOrao\Downloads
Windows 10 Pro Version 1803 17134.112 (X64) (2018-05-14 12:45:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-736942876-451567912-225038537-500 - Administrator - Disabled)
CrniOrao (S-1-5-21-736942876-451567912-225038537-1001 - Administrator - Enabled) => C:\Users\CrniOrao
DefaultAccount (S-1-5-21-736942876-451567912-225038537-503 - Limited - Disabled)
Guest (S-1-5-21-736942876-451567912-225038537-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-736942876-451567912-225038537-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-736942876-451567912-225038537-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
7-Zip 17.01 beta (x64) (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0337 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-736942876-451567912-225038537-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{8FEB5B5F-0777-4E9D-8705-06F0A2295544}) (Version: 1.1.143.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Git version 2.17.1.2 (HKLM\...\Git_is1) (Version: 2.17.1.2 - The Git Development Community)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.10228.20104 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.36 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Graphics Driver 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20104 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.22.1331 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{6e7870e5-883d-461b-865e-e50e135cab77}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Popcorn-Time (HKU\S-1-5-21-736942876-451567912-225038537-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.16.1 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.3.0612.060119 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
Roblox Player for CrniOrao (HKU\S-1-5-21-736942876-451567912-225038537-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Studio for CrniOrao (HKU\S-1-5-21-736942876-451567912-225038537-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
Spotify (HKU\S-1-5-21-736942876-451567912-225038537-1001\...\Spotify) (Version: 1.0.85.257.g0f8531bd - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
The Forest (HKLM-x32\...\The Forest_is1) (Version: - )
The Sims 4 (HKLM\...\The Sims 4_is1) (Version: 1.41.38.1020 - )
Trust 100K Series Webcam (HKLM-x32\...\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}) (Version: 1.0.4.15 - Trust)
TunnelBear (HKLM-x32\...\{5dbd322e-98b2-41c8-a2d9-d9f21423afa9}) (Version: 3.2.0.6 - TunnelBear)
TunnelBear (HKLM-x32\...\{EAF52E02-CC78-47F4-A304-F91FDB6A55D1}) (Version: 3.2.0.6 - TunnelBear) Hidden
Twitch (HKU\S-1-5-21-736942876-451567912-225038537-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
Viber (HKLM-x32\...\{4D2D994A-784E-4D4D-83F6-70B4A1C46408}) (Version: 7.6.0.1 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-736942876-451567912-225038537-1001\...\{375849f6-0d9c-4875-8249-e8971eaa3be8}) (Version: 7.6.0.1 - Viber Media Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Beta (HKLM-x32\...\World of Warcraft Beta) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-736942876-451567912-225038537-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\CrniOrao\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-736942876-451567912-225038537-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\CrniOrao\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-736942876-451567912-225038537-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\CrniOrao\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-10] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-10] (AVAST Software)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-12] (Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-10] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-12] (Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-10] (AVAST Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00541C62-0262-4D51-9593-AA2219823332} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {108010E2-B442-464E-8A83-BE327F1A3436} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-26] (Oracle Corporation)
Task: {143FFC9F-EB08-41BD-A056-B8A5ACFCB7D1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {1683806E-D371-48DA-8269-0A4CDD13AE7E} - \Microsoft\Windows\Application Experience\StartupCheckLibrary -> No File <==== ATTENTION
Task: {20440338-C15D-467C-B156-E34DE0307321} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-14] (Microsoft Corporation)
Task: {292F6E42-9C72-4C01-A03A-D86871FF6267} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {297FAB41-9752-4340-BA15-17728E4723FC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-14] (Microsoft Corporation)
Task: {2A766F83-0923-4461-8A90-EE5023D36DC8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {2D248147-B14B-4B9C-868A-8422C2AF3DBB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {3FFC374D-6DA2-4804-AC39-636C60006BD8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-14] (Microsoft Corporation)
Task: {410AE620-752E-444C-B935-C72A2BBBF5FF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-14] (Microsoft Corporation)
Task: {52F83DB1-0E43-4781-A659-38C07255E01F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {822109C9-AFD9-46FF-B1B0-9184D9E2B24F} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {9360CDDE-EABD-42EC-9242-C61EE3DC7AC0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-07] (AVAST Software)
Task: {9E2FC429-C364-4E79-B42B-D06E69403D4A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {A022EBED-2507-4BB1-B51C-2ED845B3A15B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {A1221E2F-8F36-46AC-A1CB-D658B77CCA52} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {A6513CFE-6E5C-48F8-B6E0-1E07EE03F3B6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation)
Task: {B5876AA8-3B3D-4A81-A246-B544B7DCC4F7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation)
Task: {B72C4F67-79F1-4F92-ACC7-F0DA4A0190F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {B946F367-8DAB-40FA-822B-D99DE9B40638} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-10] (AVAST Software)
Task: {BDE39D5C-C6E3-41E2-9586-E5F4A17B1D3C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {C1AA11FD-4FC3-41D7-BC79-C89B2CA110ED} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {C2F5D078-765B-415A-A357-2520BDE1B2CA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {CB3BE89F-27A5-40DD-94A9-D3314A86AFAF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-14] (Microsoft Corporation)
Task: {DC2A3D9F-0715-4645-AC24-043CC1C06A1C} - System32\Tasks\update-S-1-5-21-736942876-451567912-225038537-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-736942876-451567912-225038537-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-05-15 13:00 - 2018-05-31 02:39 - 008934064 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-05-24 23:56 - 2018-05-20 19:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-02-12 20:34 - 2018-02-12 20:34 - 000113024 _____ () C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
2018-05-24 23:56 - 2018-05-20 19:36 - 095437792 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-06-13 12:35 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-01 12:46 - 2018-06-01 12:46 - 000283888 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
2018-05-24 23:56 - 2018-05-20 19:36 - 003029472 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-24 23:56 - 2018-05-20 19:36 - 000149984 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-06-01 12:46 - 2018-06-01 12:46 - 000292080 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe
2018-06-01 13:36 - 2018-06-01 13:36 - 000428272 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
2018-02-12 20:33 - 2018-02-12 20:33 - 000161792 _____ () C:\Program Files (x86)\TunnelBear\TunnelBear.VigilantBear.Wrapper.dll
2018-07-17 14:07 - 2018-06-01 12:43 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.ChromaSDKWrapper.dll
2018-07-17 14:07 - 2018-06-01 12:44 - 000179440 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativeDeviceDetectionWrapper.dll
2018-07-17 14:07 - 2018-05-18 12:29 - 000206576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativePhilipsHueWrapper.dll
2018-07-17 14:07 - 2018-06-01 12:44 - 000202480 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.PowerPlan.dll
2018-07-17 14:07 - 2018-06-01 13:14 - 000081648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AccelWinM.dll
2018-07-17 14:07 - 2018-06-01 12:44 - 000129776 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_KeyboardKeysWrapper.dll
2018-07-17 14:07 - 2018-06-01 13:14 - 000086256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedCommon.dll
2018-07-17 14:07 - 2018-06-01 13:14 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedMacros.dll
2018-07-17 14:07 - 2018-06-01 13:14 - 000257264 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_MappingTypesM.dll
2018-07-17 14:07 - 2018-06-01 12:43 - 002278128 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_PowerSwitchWrapper.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000582384 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_DeviceStatus.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_DriverMode.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000336624 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_Lighting.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000150256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_Mapping.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000572144 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_MappingBaseM.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000537840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_OnboardMem.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000313584 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_PollingRate.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000334576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_Sensitivity.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000408304 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_SurfaceCalBaseM.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_SurfaceCalPixart.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000291056 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_SwapMouseButtons.dll
2018-07-17 14:07 - 2018-05-18 12:54 - 000581872 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Philips Hue\Bin\RSy3_DeviceStatus.dll
2018-07-17 14:07 - 2018-05-18 12:54 - 000288496 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Philips Hue\Bin\RSy3_DriverMode.dll
2018-07-17 14:07 - 2018-05-31 06:08 - 000056048 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Lancehead Tournament Edition\Bin\RSy3_KeyboardKeys.dll
2017-11-29 16:25 - 2018-05-20 19:36 - 001033184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-07-10 15:25 - 2018-07-10 15:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-10 15:18 - 2018-07-10 15:18 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-07-10 15:18 - 2018-07-10 15:18 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-07-01 12:28 - 2018-06-26 17:31 - 000047688 _____ () C:\Users\CrniOrao\AppData\Local\Viber\qrencode.dll
2018-07-01 12:28 - 2018-06-26 17:31 - 008940104 _____ () C:\Users\CrniOrao\AppData\Local\Viber\ViberRTC.dll
2018-07-01 12:28 - 2018-06-26 17:32 - 000471112 _____ () C:\Users\CrniOrao\AppData\Local\Viber\imageformats\qsvg.dll
2018-05-30 23:02 - 2018-05-30 23:04 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll
2018-05-30 23:02 - 2018-05-30 23:04 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll
2018-06-01 13:34 - 2018-06-01 13:34 - 000135408 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_KeyboardKeysWrapper.dll
2018-05-30 23:02 - 2018-05-30 23:04 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll
2018-05-30 23:02 - 2018-05-30 23:04 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll
2018-05-30 23:02 - 2018-05-30 23:04 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [460]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-736942876-451567912-225038537-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-736942876-451567912-225038537-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2018-07-17 14:07 - 000000827 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-736942876-451567912-225038537-1001\Control Panel\Desktop\\Wallpaper -> D:\Images\Backgrounds 1280x1024\Other's Backgrounds\BtD 1920x1200.jpg
DNS Servers: 195.29.150.3 - 195.29.10.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-736942876-451567912-225038537-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-736942876-451567912-225038537-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-736942876-451567912-225038537-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-736942876-451567912-225038537-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BF5F57CC-8EB7-4BC1-8225-80DCD1230A3B}] => (Allow) G:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{AE19CD3B-6091-409D-983F-60AECF3EC9F3}] => (Allow) G:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [UDP Query User{CE5827EA-6D08-4955-AB38-D8FAD185EFD6}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [TCP Query User{719AB3F8-9535-489F-B0A9-343B566AA199}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [UDP Query User{05FC298D-ADA8-4DBE-8F46-925581F539C8}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{E32542BC-E233-433B-B185-DF456791EDFD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{F5C7A61A-FA51-471E-8038-E2D48C470687}C:\program files (x86)\common files\oracle\java\javapath_target_4211484\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_4211484\java.exe
FirewallRules: [TCP Query User{E296014F-1447-4B25-928B-94298D95656D}C:\program files (x86)\common files\oracle\java\javapath_target_4211484\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_4211484\java.exe
FirewallRules: [UDP Query User{1FA88124-95C3-417A-8754-4B4BEA934B5C}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [TCP Query User{1BE59C38-BFF7-47DD-8003-C805E4D76F4B}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9DB38C10-2778-4262-963C-3B2FFD98A700}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe
FirewallRules: [TCP Query User{3FA70A48-083B-4A4D-A952-F145F0131957}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe
FirewallRules: [UDP Query User{7CA8015C-744F-46E9-9FF7-F01C5A1F92F8}E:\battlefield 4\battlefield 4\bf4.exe] => (Allow) E:\battlefield 4\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{E7AC612B-11C2-4A69-BBE1-1FA6A05019E4}E:\battlefield 4\battlefield 4\bf4.exe] => (Allow) E:\battlefield 4\battlefield 4\bf4.exe
FirewallRules: [{144018B2-CF26-4FCA-8052-92394DD0B8C8}] => (Allow) E:\Battlefield 4\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{E1516620-EB54-4CEC-A028-EE552BDE3803}] => (Allow) E:\Battlefield 4\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{FBD8B32F-10E1-47DA-8AB0-783C021AB77E}] => (Allow) E:\Battlefield 4\Battlefield 4\BFLauncher.exe
FirewallRules: [{D6B8EC77-26D3-4B26-BD28-F751DC32051C}] => (Allow) E:\Battlefield 4\Battlefield 4\BFLauncher.exe
FirewallRules: [{FBB68C68-37A0-4D5E-B947-A91E4D27D12D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{CD4623D8-606D-4918-80FC-77A493E8139B}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{DD94B362-49A0-493A-B946-8AC7672F4077}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3EF6F9CA-FA3B-4ABB-AF70-5A5FB0F5305F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C95F2364-1654-42F2-8976-D2A3A2F94561}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5231E6B0-20AA-4589-91D7-AE6E146BE358}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{D73E3787-FFBD-4892-838D-FF305A9EB842}C:\program files\java\jre1.8.0_162\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_162\bin\javaw.exe
FirewallRules: [TCP Query User{B15F1507-B3CE-4D3B-856E-372684A85C61}C:\program files\java\jre1.8.0_162\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_162\bin\javaw.exe
FirewallRules: [UDP Query User{EA6EB2E3-831D-4D16-8A02-A4E8267BBD26}C:\programdata\oracle\java\javapath_target_33356031\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_33356031\java.exe
FirewallRules: [TCP Query User{C613F3F7-4C8A-43E8-A37F-5E42E897C382}C:\programdata\oracle\java\javapath_target_33356031\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_33356031\java.exe
FirewallRules: [UDP Query User{698B046E-A804-45DC-939A-B53B9FAF02B8}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4DFAE3EE-B4DD-4D47-90E1-967CA34950B3}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{E8AED1D5-3005-4FC4-AE8E-173F014DD8C0}E:\the.forest.v0.71\theforest.exe] => (Allow) E:\the.forest.v0.71\theforest.exe
FirewallRules: [TCP Query User{30D3277B-E273-45BB-AFEF-2676863C7A5B}E:\the.forest.v0.71\theforest.exe] => (Allow) E:\the.forest.v0.71\theforest.exe
FirewallRules: [UDP Query User{8F4DA705-CFED-488B-987A-DCBF95C152BB}C:\users\crniorao\appdata\roaming\utorrent\updates\3.5.3_44358.exe] => (Allow) C:\users\crniorao\appdata\roaming\utorrent\updates\3.5.3_44358.exe
FirewallRules: [TCP Query User{CF2AC45C-F867-445E-9C51-5835F9695CD2}C:\users\crniorao\appdata\roaming\utorrent\updates\3.5.3_44358.exe] => (Allow) C:\users\crniorao\appdata\roaming\utorrent\updates\3.5.3_44358.exe
FirewallRules: [UDP Query User{D51C653E-7CD3-481A-AC7B-A5604310B6C2}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [TCP Query User{17D3811B-F0FD-400A-AC40-D9E2B9180F8E}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [{7EAFF7DE-D99F-4257-83FC-F42A98412612}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{3C6E22FF-8589-4A7B-9B4C-BB913EB6CE7B}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{59136D0C-4AFC-42A0-8C3B-0ABF745243A0}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{F0980A25-A9C6-447E-8CF0-CB92A106D0FC}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{19F6C10C-586C-4F4C-918B-C83E0821DA81}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{6362EA29-2481-484F-9229-F5F7D429C490}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{19D09630-8039-4F85-B64B-4241520A73D5}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{AE6957CB-1DA1-4A1C-B97C-C5C1FE8E27AF}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [UDP Query User{A02C7B85-AB6E-41A4-9B63-4ABB14AAE57B}G:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{2C0A9ADF-F845-4456-AEFA-84697E6889FD}G:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{499A7F72-E375-416A-A953-D029B077FBD3}D:\heroes of the storm\versions\base63635\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base63635\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{2A762C3D-0324-48A2-B7BF-C4EF25EF52E1}D:\heroes of the storm\versions\base63635\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base63635\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DEA60892-6CD2-4B7F-BE24-DD415F0B673E}D:\heroes of the storm\versions\base63507\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base63507\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{CDA10F02-824B-437A-93C0-7ADFD67ED8B0}D:\heroes of the storm\versions\base63507\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base63507\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7BAD62DD-D6F2-419B-97B1-AF38D5039709}D:\heroes of the storm\versions\base63402\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base63402\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{833E0DEB-3C30-4150-9CB3-41EAAA532C68}D:\heroes of the storm\versions\base63402\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base63402\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{69DEF77F-32C6-447C-97AB-F4735B57AEC8}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [TCP Query User{57291A87-769D-4DBC-A8B5-7B375FF004F6}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [UDP Query User{928112F5-A11D-4643-BFB1-C42F3E66B80A}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [TCP Query User{634AB89E-F3C7-4CD7-ADA3-D4559927A13D}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{A26A6316-2666-4BE3-84C2-FA6B690B4F9D}C:\programdata\oracle\java\javapath_target_21123218\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_21123218\java.exe
FirewallRules: [TCP Query User{1BF865E5-1B03-468E-85BC-058ABDFAACC9}C:\programdata\oracle\java\javapath_target_21123218\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_21123218\java.exe
FirewallRules: [UDP Query User{D836F8C4-6AB1-4A0A-BABE-6EA5C9A4E907}E:\starcraft ii\versions\base62848\sc2_x64.exe] => (Allow) E:\starcraft ii\versions\base62848\sc2_x64.exe
FirewallRules: [TCP Query User{C96B5026-BFF5-4E2E-B493-1898E37BF4F2}E:\starcraft ii\versions\base62848\sc2_x64.exe] => (Allow) E:\starcraft ii\versions\base62848\sc2_x64.exe
FirewallRules: [UDP Query User{C5B8B47A-8BA1-45CD-91CF-4C297224CFEC}E:\deep.rock.galactic.v0.7.12859.8\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) E:\deep.rock.galactic.v0.7.12859.8\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe
FirewallRules: [TCP Query User{94AC680B-690F-4948-A81D-A987F4F563F9}E:\deep.rock.galactic.v0.7.12859.8\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) E:\deep.rock.galactic.v0.7.12859.8\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe
FirewallRules: [UDP Query User{5E133B92-8B87-4C3E-B911-7B501CA6CB01}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [TCP Query User{05321D7F-FBC3-4D91-BD46-6ACF1E50E61F}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F1C61B09-CB9D-40E3-8E68-62F31C456BF2}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{01E191B0-6C38-4EFA-80FC-E9F536BBB194}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{109F367D-43EB-4A32-B928-13DA92E9EFC5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{6874B618-E961-4B98-BE2D-55663FD3F774}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{2B3D7FB9-48C5-4BF1-8706-5DD2E38967F3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{FF8639B0-76EC-40C1-8BD5-A0DA28D34605}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{CDA9B11A-9E07-4A51-BEAF-ACFB0919D470}E:\deep.rock.galactic\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) E:\deep.rock.galactic\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe
FirewallRules: [TCP Query User{6444AB71-6B73-4D63-BAD8-136FDF48FB41}E:\deep.rock.galactic\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) E:\deep.rock.galactic\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe
FirewallRules: [UDP Query User{9DD5B8AC-482A-4B58-97B3-12821A979FE1}E:\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) E:\starcraft ii\versions\base62347\sc2_x64.exe
FirewallRules: [TCP Query User{F3D9B077-7BC6-4192-8B70-C8FF5EA3E11A}E:\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) E:\starcraft ii\versions\base62347\sc2_x64.exe
FirewallRules: [UDP Query User{6397B2B6-6056-4979-95D3-26A6DDEAE9EE}G:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) G:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe
FirewallRules: [TCP Query User{9F981832-7B35-462D-92B3-AAFBD5E6751C}G:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) G:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe
FirewallRules: [{360A9519-3037-4C41-99CD-63532BC64E0D}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [UDP Query User{C3F7267D-C0C9-4409-98ED-94307E54BABF}C:\users\crniorao\appdata\local\temp\jivexviewer\jre\bin\jivex dicom cd viewer] => (Allow) C:\users\crniorao\appdata\local\temp\jivexviewer\jre\bin\jivex dicom cd viewer
FirewallRules: [TCP Query User{FDCFED04-98DB-4E40-AE20-8B1BE4EF7536}C:\users\crniorao\appdata\local\temp\jivexviewer\jre\bin\jivex dicom cd viewer] => (Allow) C:\users\crniorao\appdata\local\temp\jivexviewer\jre\bin\jivex dicom cd viewer
FirewallRules: [UDP Query User{8D25036C-11CB-4454-B2CC-3C200EB6DEFA}H:\res\jre\bin\javaw.exe] => (Allow) H:\res\jre\bin\javaw.exe
FirewallRules: [TCP Query User{10080773-6D28-4378-9F7B-E3399B731129}H:\res\jre\bin\javaw.exe] => (Allow) H:\res\jre\bin\javaw.exe
FirewallRules: [{5F0708E0-DC01-4ABB-95B6-388324E01452}] => (Allow) C:\Users\CrniOrao\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1FC7527F-71F9-4FFE-B9FC-0473B401837E}] => (Allow) C:\Users\CrniOrao\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{218D6139-9157-4154-B363-8B94C1100EFF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6E88C2ED-7FB0-48E6-802E-78140394C76E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A72A3A77-598A-4303-8418-E5456B54583D}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{61ECA980-BFB1-4096-835B-32609A6CED3C}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{5D60EB83-53F3-4FF4-9467-E944B7EB9300}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9ED8A57F-6424-4E63-96B2-AC6C94C179F8}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{50973D38-7542-48B8-A28A-606B6A7488AB}] => (Allow) G:\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{BF115057-11E8-4A01-8A4A-2D57CA5C1D93}] => (Allow) G:\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{0D4B0EB3-D768-4FA0-A502-8C69BFF852ED}] => (Allow) C:\SteamSSD\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{EFE3C039-18FB-432E-AD4E-0E54F2E5A7A5}] => (Allow) C:\SteamSSD\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{31598A3F-7993-481A-9DD8-5000D95575A3}C:\steamssd\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamssd\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{1E266AC2-4559-4E78-BC50-47D6B7F5FCF0}C:\steamssd\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamssd\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{ED4A6F9B-2A36-4252-9E61-B22CA752CCED}G:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{96C654AA-35E0-4E90-A620-B64ADA8218E2}G:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{05F97C36-9D3B-41C1-8966-859711E0A7D3}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{A7B60877-51BA-44EB-B5AA-CCE09817D64B}C:\users\crniorao\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\crniorao\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CC13C098-2F5D-4AFB-8711-AEA4214385AB}C:\users\crniorao\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\crniorao\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EA0FA388-1B90-4EE3-B12C-EDD842C1FC28}] => (Block) C:\users\crniorao\appdata\roaming\spotify\spotify.exe
FirewallRules: [{15FCB1E8-3795-4FD5-A3F1-F20380B00370}] => (Block) C:\users\crniorao\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C2D1DE2B-554C-4BED-9A11-B9F08B28FF29}E:\popcorn-time\popcorn-time.exe] => (Allow) E:\popcorn-time\popcorn-time.exe
FirewallRules: [UDP Query User{0E5290B6-78DD-4956-86E4-3D9057EC3027}E:\popcorn-time\popcorn-time.exe] => (Allow) E:\popcorn-time\popcorn-time.exe
FirewallRules: [{D4365870-FC30-483D-8127-CD3FB050111F}] => (Allow) G:\Steam\steamapps\common\Planetoid Pioneers\Bin\x64\Crush2D_64.exe
FirewallRules: [{FF86E1E2-272F-4207-ACD3-663AD30AB61A}] => (Allow) G:\Steam\steamapps\common\Planetoid Pioneers\Bin\x64\Crush2D_64.exe
FirewallRules: [{6991C08D-27BB-489E-8BB3-734013CB02FA}] => (Allow) G:\Steam\steamapps\common\Planetoid Pioneers\Crush2D.exe
FirewallRules: [{52702C32-AF53-4B43-80ED-F0DE165F649E}] => (Allow) G:\Steam\steamapps\common\Planetoid Pioneers\Crush2D.exe
FirewallRules: [{09DD6BDE-BF7C-4EF0-8542-1AE78BB281DE}] => (Allow) C:\SteamSSD\steamapps\common\Rust\Rust.exe
FirewallRules: [{1734461B-72CD-4A9D-9AFC-B047DEB430CD}] => (Allow) C:\SteamSSD\steamapps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{9E6BAA16-6E09-46CD-9F48-0F69411E585B}D:\heroes of the storm\versions\base59988\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base59988\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E7309EA5-ED82-44EE-BEE1-69777685D32F}D:\heroes of the storm\versions\base59988\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base59988\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{20AC7354-B8D3-4DEE-97F1-3746D5133052}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{BB101D28-5BAC-4913-A376-7A7E731F3B06}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [{D357FAF0-CBF5-4827-85EF-26316FD8FC95}] => (Allow) G:\Steam\steamapps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{199D1514-32C5-4B92-91CE-13782B443D18}] => (Allow) G:\Steam\steamapps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{1E853428-A106-41F8-89D5-B4D09083CA54}] => (Allow) G:\Steam\steamapps\common\Foxhole\War.exe
FirewallRules: [{4AFC8C6D-632E-4DCB-AEFC-2636AC3EE2C3}] => (Allow) G:\Steam\steamapps\common\Foxhole\War.exe
FirewallRules: [{40071B2C-41CE-4F30-8548-31746B519BB8}] => (Allow) G:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{52D585C1-5874-460B-B5FE-0D2BCFC24577}] => (Allow) G:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{02323C2B-FA15-43DA-AE61-269C1F678214}C:\users\crniorao\appdata\local\roblox\versions\version-155dffb79ed24454\robloxstudiobeta.exe] => (Allow) C:\users\crniorao\appdata\local\roblox\versions\version-155dffb79ed24454\robloxstudiobeta.exe
FirewallRules: [UDP Query User{4511C1CB-4BF2-4583-AB06-EE0BF2B601EC}C:\users\crniorao\appdata\local\roblox\versions\version-155dffb79ed24454\robloxstudiobeta.exe] => (Allow) C:\users\crniorao\appdata\local\roblox\versions\version-155dffb79ed24454\robloxstudiobeta.exe
FirewallRules: [TCP Query User{A85566D1-F4AF-4B9A-BE03-50BC3BD47CEF}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{7D5E4125-D354-4E0D-8061-E80F03B56D12}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{1DBD8EE6-8CF2-4B02-80C4-6457277664E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C323D1FC-588F-4EAD-AE28-2202EFB26364}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{8C11A124-A42D-4590-88A7-3B46507A5B80}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [UDP Query User{68884E8C-9989-409E-B731-2C0B5C3B5DAF}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [{ABF0C992-2B04-49C5-9417-1BFD2B6C5AB9}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{0CD8CE52-94BF-4867-A54A-672C6941A9F9}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{77577165-0423-46A1-9EED-93312308D8F2}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{4C502E4A-A131-474F-9BFD-35C4E3A1C857}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{05EC9903-747B-48BE-8480-0E3DE32C0FBE}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{F31AEEAB-03F4-4EED-9513-B5F1A61B46CE}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{AA35A296-3738-4651-8EF6-53D9B21A6078}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{C0F779B4-1303-459E-A5A8-4486A75695A2}] => (Allow) G:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{0AD09E17-4B75-41FC-A757-E8A5867C900C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C1DD3847-2372-421E-95F4-420627967F9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C21067B1-5BE1-46A9-B7D0-33108758C227}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D58055AF-E27A-44BE-8282-4035C7C064B7}] => (Allow) G:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{EB8E4501-C7A5-4158-8D0D-8ABB9987A158}] => (Allow) G:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [TCP Query User{C608D47F-CC71-4FA9-B8E0-A4334E82C2A1}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{380B92A9-E90C-44A3-8511-61E199377EFA}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [{D8971003-2C5D-442F-8A9D-E6FB099B913E}] => (Block) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [{E672B6F7-C945-48ED-8C6C-36F4C2EE9083}] => (Block) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [{556EACC7-C572-4B32-AA56-7A8B2E1F1278}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CCA2026E-AA20-415D-9181-67D68FB92E01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0B49D2FE-49EE-4701-95CD-51BC8FD2B18F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1D6E4E6E-8F18-414E-AD58-BA90AE38D15A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{00D51335-945F-4BC0-B5F9-F4ADFAE8D413}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{66A1E736-B836-4773-9CEE-A6B449A5590A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7B92D22-6E2E-474A-8E70-F0866E74D649}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{3800CA14-24DC-4853-9F41-3C6BAA0C8B83}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{27A0F8C9-663F-4B02-A65C-B8E5D30316F6}E:\borderlands 2\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\borderlands 2\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{A079C7CF-14B3-4B9A-A777-E0D0616BDF10}E:\borderlands 2\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\borderlands 2\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [{75BF09AA-0F16-4EA0-AF06-612E510B2995}] => (Block) E:\borderlands 2\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [{CEEC389C-C0EF-4906-ADE9-FA361AA546BB}] => (Block) E:\borderlands 2\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{A153AB33-EA00-46CA-8C7B-7FCC29DAA524}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [UDP Query User{33D112A2-2FB9-4A45-8C6D-C4B1DDA2D240}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [{C5298190-427A-45D6-8ABE-A365FE48EC24}] => (Block) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [{C2F58D81-F170-4E04-B67D-6EC5F4BC03E0}] => (Block) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [TCP Query User{5B0B1128-269E-40EA-9146-2A7DD28906D5}E:\the forest\theforest.exe] => (Allow) E:\the forest\theforest.exe
FirewallRules: [UDP Query User{93FE3B54-9297-4A5A-9CDB-80818ACAECBF}E:\the forest\theforest.exe] => (Allow) E:\the forest\theforest.exe
FirewallRules: [{478297DA-1822-49A9-991F-2986DB3F0ACB}] => (Block) E:\the forest\theforest.exe
FirewallRules: [{42D35541-B4AA-43A2-936D-98A4B941A204}] => (Block) E:\the forest\theforest.exe
FirewallRules: [TCP Query User{B03AB57F-2246-4033-A244-3B5DB2B2A76C}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [UDP Query User{AE7F44DF-BCFE-431E-AFFF-C27564517EBE}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [{1C06AC26-19CA-436F-8B16-7B8D6F189D2F}] => (Block) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [{5403E8AB-008C-4083-A85D-A7E4154D1F49}] => (Block) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [TCP Query User{3E353DC9-A774-4498-90B1-D5BE934ECDA1}D:\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E966926D-C7EC-4646-AC0C-2C28BA847584}D:\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe
FirewallRules: [{74665A4A-0EBD-4003-853D-BFE46DB9D61D}] => (Block) D:\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe
FirewallRules: [{676014E6-F70C-42F0-94DD-0C91AA8D2052}] => (Block) D:\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4C4A2BFD-51E5-4F22-AC86-047064A372ED}E:\wow beta\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\wow beta\world of warcraft beta\utils\wowvoiceproxyt.exe
FirewallRules: [UDP Query User{3ABBAC81-F8B9-419B-A77F-E9A7791CF420}E:\wow beta\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\wow beta\world of warcraft beta\utils\wowvoiceproxyt.exe
FirewallRules: [{BA3EE45D-052C-4189-B56C-CAEF658856E2}] => (Block) E:\wow beta\world of warcraft beta\utils\wowvoiceproxyt.exe
FirewallRules: [{C55AB4AA-04C3-4A76-AEAA-FAE3A4517F6B}] => (Block) E:\wow beta\world of warcraft beta\utils\wowvoiceproxyt.exe
FirewallRules: [TCP Query User{537E6501-7208-4EDA-833B-5A947ED7B5A5}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F3CB2787-12A4-4828-9032-8EE79ABFB14E}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [{E85B1B9D-B5FB-42B0-9410-82D050B840D5}] => (Block) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [{3FFAF090-9553-4754-B9E8-10C79A59AFC3}] => (Block) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [TCP Query User{FA3D66B8-48F3-40A7-B0B7-47707468128B}E:\forhonor\forhonor.exe] => (Allow) E:\forhonor\forhonor.exe
FirewallRules: [UDP Query User{58BD1772-031F-4609-BB2F-C7032799486F}E:\forhonor\forhonor.exe] => (Allow) E:\forhonor\forhonor.exe
FirewallRules: [{8B890757-EDB0-4EB0-A129-B6C2BC9BAD8A}] => (Allow) G:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FB74DAC3-CAA5-4529-B135-AF9A8961057E}] => (Allow) G:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{0FBAE0FA-D427-4418-9CA4-7399C23D9554}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{E716DC61-6065-42F3-8841-8896F2D5B8A8}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{1913CF05-D109-41FE-9226-1B1CB04F27C7}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{67335AEA-B2BB-4B4D-BF2B-ACCBEF2AFE8C}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{B192D4C1-D96E-4348-B2B5-9EDEDF4F5260}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{FC164575-AF4A-476B-BCF6-1F05EDA9FC62}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{B9C44349-8ABB-44E4-B3EF-5FE76BDBDA61}] => (Allow) G:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{186E4CA6-A7DA-4865-918C-B08C078138F2}] => (Allow) G:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [TCP Query User{6F002E80-8F9B-4506-93FC-5B8D7DE88B41}G:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) G:\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [UDP Query User{4ACCF405-A105-47F2-9A9C-24727BCDCD1E}G:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) G:\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [{A5C0E25D-B069-4AF7-938D-A3990F46327A}] => (Allow) G:\Steam\steamapps\common\Watch_Dogs2\bin\WatchDogs2.exe
FirewallRules: [{96941C94-FEE7-4E3F-AC40-8FE0433AA1D6}] => (Allow) G:\Steam\steamapps\common\Watch_Dogs2\bin\WatchDogs2.exe
FirewallRules: [TCP Query User{D6AE3814-DF47-4C6B-AB34-DDC5DF1323AC}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [UDP Query User{E94F12AA-DD0A-4B32-9E3F-93A8D73BF276}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [TCP Query User{6095CC66-DE4B-4D23-967C-90E02718DFC4}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [UDP Query User{4965B7D8-15A0-49F8-B11C-C972FBE58DE3}D:\league\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) D:\league\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4AFAE8FA-6A54-4C3B-9EB8-AB2D8271C107}D:\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C222DB18-2C5D-42B4-B9B7-CD29C516F859}D:\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{582C9B1E-AD4B-4717-B2BC-10825AE4E53A}D:\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\the sims 4\game\bin\ts4_x64.exe
FirewallRules: [UDP Query User{7006C9E6-CCB9-47A8-8752-9DA768D120BE}D:\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\the sims 4\game\bin\ts4_x64.exe
FirewallRules: [{505E8F8D-DA90-4FAD-B92B-B2939F364736}] => (Allow) G:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C7F4E113-9544-4D5B-9EA2-E31C77913D5F}] => (Allow) G:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CD209BCA-6F22-4661-9E44-5B3583F6F345}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{6A3EA11B-5E0A-44A5-9778-31C02B100CBC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{84F4B83C-2BD2-44B3-B2D3-3775D9C4C4A3}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{FCD18A4D-3828-4646-A401-65B0C9611928}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{AF72BB34-6B7F-4A7B-9D66-85CBFEABA07F}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{0AA02DDB-76ED-4814-9676-1843EAA6EECA}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{96504BA9-4FD8-42E4-A845-D56EEAFE9500}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{7761C45C-AFA7-480A-B0BD-B668B0981A29}] => (Allow) G:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{8B724A74-6F25-4AB7-A5B6-AF736347B92B}] => (Allow) G:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{3BD7C952-4B6C-4BB0-B0AE-DAD870545643}] => (Allow) G:\Steam\steamapps\common\Starbound\win32\starbound.exe
==================== Restore Points =========================
05-07-2018 03:03:48 Scheduled Checkpoint
12-07-2018 05:39:33 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/17/2018 02:08:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (07/17/2018 02:08:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (07/17/2018 01:45:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (07/17/2018 01:45:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (07/17/2018 01:37:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (07/17/2018 01:37:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (07/17/2018 01:34:49 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (07/17/2018 01:34:49 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
System errors:
=============
Error: (07/17/2018 02:07:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinDefendSecurity service failed to start due to the following error:
The system cannot find the path specified.
Error: (07/17/2018 01:44:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinDefendSecurity service failed to start due to the following error:
The system cannot find the path specified.
Error: (07/17/2018 01:37:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Defender Security Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/17/2018 01:37:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-RQNHLVS)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user DESKTOP-RQNHLVS\CrniOrao SID (S-1-5-21-736942876-451567912-225038537-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/17/2018 01:37:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-RQNHLVS)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user DESKTOP-RQNHLVS\CrniOrao SID (S-1-5-21-736942876-451567912-225038537-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/17/2018 01:37:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-RQNHLVS)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user DESKTOP-RQNHLVS\CrniOrao SID (S-1-5-21-736942876-451567912-225038537-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/17/2018 01:34:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Defender Security Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/17/2018 01:34:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===================================
Date: 2018-05-30 15:13:09.225
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-30 15:13:09.218
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-05-30 15:13:09.128
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 46%
Total physical RAM: 8129.05 MB
Available physical RAM: 4309.41 MB
Total Virtual: 14273.05 MB
Available Virtual: 8952.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.25 GB) (Free:48.39 GB) NTFS
Drive d: (Local Disk) (Fixed) (Total:488.28 GB) (Free:234.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Local Disk) (Fixed) (Total:232.44 GB) (Free:97.49 GB) NTFS
Drive g: (Local Disk) (Fixed) (Total:443.23 GB) (Free:166 GB) NTFS
\\?\Volume{abcb033b-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{abcb033b-0000-0000-0000-a0af37000000}\ () (Fixed) (Total:0.82 GB) (Free:0.45 GB) NTFS
\\?\Volume{f250f250-0000-0000-0000-601c3a000000}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: ABCB033B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=844 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F8E55697)
Partition 1: (Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: F250F250)
Partition 1: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
Edited by CrniOrao, 18 July 2018 - 04:55 PM.