Win32/Wacapew.C!ml Cannot Remove - Virus, Trojan, Spyware, And ...

Có thể bạn quan tâm

Sign In
Create Account

Search Advanced

View New Content
Forum Rules
BleepingComputer.com
Forums
Members
Tutorials
Startup List
Virus Removal
Downloads
Uninstall List
Welcome Guide
More

Javascript Disabled DetectedYou currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: OpenAI's ChatGPT ads will allegedly prioritize sponsored content in answers

Featured Deal: Learn ChatGPT + 20+ AI tools for just $17.97 in this course deal

Latest Buyer's Guide: Best VPNs in 2025

Win32/Wacapew.C!ml cannot remove Started by honya15 , Sep 04 2020 04:15 PM

This topic is locked

12 replies to this topic

#1 honya15

Members
7 posts
OFFLINE

Local time:12:29 PM

Posted 04 September 2020 - 04:15 PM

Hello

Today my Windows Defender popped up with this notification

Attached File defender.png 15.92KB 1 downloads

Pressing Remove results in failure. Could not find anything about this threat, every site writes different info.

I haven't seen any misfunction on my computer, but the "Affected items" part is worrying me.

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-09-2020 Ran by Honya (administrator) on HONYA-PC (Gigabyte Technology Co., Ltd. Z97P-D3) (04-09-2020 23:01:49) Running from C:\Users\Honya\Downloads Loaded Profiles: Honya Platform: Windows 10 Pro Version 1903 18362.1016 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] D:\Games\SteamLibrary\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\104.4.175\QtWebEngineProcess.exe <3> (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Kristjan Skutta -> ) D:\Games\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.44.30001.0_x64__8wekyb3d8bbwe\GamingServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.44.30001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1012_none_171983fb2a153d25\TiWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (OOO Lightshot -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6> (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Venturi) [File not signed] C:\Program Files (x86)\HideVolumeOSD\HideVolumeOSD.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7651840 2020-08-12] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> ) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3395360 2020-09-04] (Valve -> Valve Corporation) HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-09-04] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91701608 2020-07-30] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --origin-trial-disabled-features=MeasureMemory --restore-last-sess (the data entry has 323 more characters). HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-09-01] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HideVolumeOSD.lnk [2020-07-28] ShortcutTarget: HideVolumeOSD.lnk -> C:\Program Files (x86)\HideVolumeOSD\HideVolumeOSD.exe (Venturi) [File not signed] GroupPolicy: Restriction ? <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {08429FBB-D550-4895-AD67-81E2D967505B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0A411554-68C8-404F-A9CD-AB1CD3A06F55} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0B3AB250-4A7C-48F5-9098-99825212750E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1B2546BB-3E3A-4708-8FFE-85EBFFA8FF07} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {24004A2C-664E-4B1B-8688-1DFD409A1E42} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {25323AB8-7C2B-4E0A-8E27-A629D1DE40E5} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {28B484B4-CDB7-4982-A1F9-FB9529FD990B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {295AEE21-9DFD-43E8-8FBC-B4AF1EB62372} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3B32B149-E677-42DB-934B-E5D1C857B36A} - System32\Tasks\SafeZone scheduled Autoupdate 1469622111 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {3C86611E-ECD9-44E1-B707-D305045AD816} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {3D216C08-E9B0-4B28-80F8-F9A091FDBA69} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3EF1F899-2645-4AC9-8F26-31BA383CCB81} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {41955829-4F81-4047-BE22-1DC8EE4143D0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-07] (Dropbox, Inc -> Dropbox, Inc.) Task: {42A1C3EC-E8FF-43C4-ADC7-23ACE3EE2B9B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {459A788B-C380-43C3-A7B7-1DDE478FFAC1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {542363F2-6CBE-44CD-AE6A-65BCAF298834} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {56CE5BF3-13D6-492E-A23A-DABDB915A6E7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5CEBDB20-0F99-4ED9-B678-6A97D02D89EB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {5D5AF063-70F3-4343-B0B2-E918A7D8D99D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6274C9E4-51A6-465F-98CE-A8762B7E595E} - System32\Tasks\update-S-1-5-21-1944517194-4121678422-2975395376-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {6A33BB40-FC2A-4DBC-BA02-50AC344BF8F6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {73F3377B-A02D-4863-9BA3-FFE6A610071A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {751D5A85-1C53-4A42-AB05-B3EFB673D3F1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {771ADDDA-0AC4-4D33-989D-92BE9C09FD7E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {7F7CAF69-6324-456B-A98A-5D9C098ABD40} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7FA65462-1048-43EA-BAE1-C5998E7C9E07} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {80228B22-A6A9-4B25-8462-D627D88C00F7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-07] (Dropbox, Inc -> Dropbox, Inc.) Task: {816DBC80-9ACA-4048-A1A7-17A33EFBA2A4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {85530D31-D45F-4B3E-B776-131A640AEE2A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {867EB98B-996B-400E-B51D-9D4F7D4797F8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {99D9FC76-47CF-4321-9092-BC891100DB5E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {9BEF0000-FAF6-482B-9FA5-3AEB14E63207} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {9F5C9CA3-4792-4CBE-91B1-D467A8A75165} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation) Task: {A325F25D-8738-434D-A3AC-16A018BA56BD} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {AC985544-90AD-47C1-98B2-38F22F477C6C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B4EAD245-88C7-4D23-B959-667915EB9B98} - System32\Tasks\AdobeGCInvoker-1.0-Honya-PC-Honya => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {B55481E0-AE71-44AB-957A-838A5038F79F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {B84C1E13-278A-45B1-A300-4C10C0C42BC8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {B876081A-4BF6-45D1-8EF5-C261A6D349CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.) Task: {B904D35E-6518-42B7-AD47-1EBA7C644150} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C1501F31-2C2E-41EF-B653-EA3EAE9F113F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C9E9CCF2-532E-47CB-A956-9BAE4C65D5F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.) Task: {CBC4468D-BDAD-4B00-999A-6D682E391B6B} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {CC993569-24F4-470F-8627-8B3B9893785E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D7FA28F1-E41E-4421-A95F-6EAEDB9F734E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D9D9B781-D679-426C-8AAF-41A5163C8B30} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {DA403ECE-24AB-4C98-8277-800DB846D20A} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {DD047320-B45F-43FF-9261-ABC7840A49FB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F9BC8D23-8588-4556-9AC9-41D53238FB1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\update-S-1-5-21-1944517194-4121678422-2975395376-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 213.46.246.53 213.46.246.54 Tcpip\..\Interfaces\{78e5c68c-654e-4f27-a6af-c033dffbdcc7}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{a93d4821-75f7-4571-afbe-cfc712f755bb}: [DhcpNameServer] 213.46.246.53 213.46.246.54 Internet Explorer: ================== BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-08-09] (Oracle America, Inc. -> Oracle Corporation) BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-09] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-09] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-09] (Oracle America, Inc. -> Oracle Corporation) Edge: ====== DownloadDir: C:\Users\Honya\Downloads Edge Profile: C:\Users\Honya\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-04] Edge DownloadDir: C:\Users\Honya\Downloads FireFox: ======== FF DefaultProfile: qk6sadr1.default FF ProfilePath: C:\Users\Honya\AppData\Roaming\Mozilla\Firefox\Profiles\qk6sadr1.default [2019-03-08] FF Extension: (Media Keys) - C:\Users\Honya\AppData\Roaming\Mozilla\Firefox\Profiles\qk6sadr1.default\Extensions\[email protected] [2018-11-19] FF Extension: (uBlock Origin) - C:\Users\Honya\AppData\Roaming\Mozilla\Firefox\Profiles\qk6sadr1.default\Extensions\[email protected] [2018-11-19] FF Extension: (Telemetry coverage) - C:\Users\Honya\AppData\Roaming\Mozilla\Firefox\Profiles\qk6sadr1.default\features\{44f5a698-8594-4ccf-b4b7-d7bf6010682f}\[email protected] [2018-11-19] [Legacy] FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default [2020-09-04] CHR Extension: (Slides) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-14] CHR Extension: (Docs) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-14] CHR Extension: (Google Drive) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-14] CHR Extension: (YouTube) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-14] CHR Extension: (uBlock Origin) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-22] CHR Extension: (Sheets) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-14] CHR Extension: (Chrome Remote Desktop) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-18] CHR Extension: (Google Docs Offline) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-14] CHR Extension: (Photopea) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdklklfpinionkgpmghaghehojplfjio [2020-04-24] CHR Extension: (Sound Booster that works!) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\jflaogbiblbidhaogjjagjpjcflipklo [2018-10-02] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-07-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01] CHR Extension: (Gmail) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23] CHR Extension: (Chrome Media Router) - C:\Users\Honya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-01] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7201680 2018-11-01] (BattlEye Innovations e.K. -> ) S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2020-06-07] (BitRaider LLC -> BitRaider, LLC) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-07] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-07] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-08-12] (Dropbox, Inc -> Dropbox, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2020-08-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-09-04] (Malwarebytes Inc -> Malwarebytes) S4 NGS; C:\WINDOWS\NGService.exe [2994248 2018-10-10] (NEXON Korea Corporation. -> NEXON Korea Corporation) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) [File not signed] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495280 2020-02-26] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3445560 2020-02-26] (Electronic Arts, Inc. -> Electronic Arts) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6149984 2020-08-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation) R2 Wallpaper Engine Service; D:\Games\SteamLibrary\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [337920 2017-09-10] () [File not signed] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2020-06-07] (BitRaider -> BitRaider) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed] S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-01] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-01] (Disc Soft Ltd -> Disc Soft Ltd) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-30] (ESET, spol. s r.o. -> ESET) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-04] (Malwarebytes Inc -> Malwarebytes) S3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2017-08-05] (SoftEther Corporation -> SoftEther Corporation) S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer USA Ltd. -> Razer Inc) R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51024 2017-08-05] (SoftEther Corporation -> SoftEther Corporation) R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [297984 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> ) S3 TabletFilter; C:\WINDOWS\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win7.sys [41192 2017-02-25] (Vincent Burel -> Windows ® Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation) R3 wovad_micarray; C:\WINDOWS\system32\drivers\womic.sys [34496 2020-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) S3 xhunter1; C:\WINDOWS\xhunter1.sys [2719256 2020-03-05] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-09-04 23:01 - 2020-09-04 23:02 - 000029752 _____ C:\Users\Honya\Downloads\FRST.txt 2020-09-04 23:01 - 2020-09-04 23:02 - 000000000 ____D C:\FRST 2020-09-04 22:57 - 2020-09-04 22:57 - 002299392 _____ (Farbar) C:\Users\Honya\Downloads\FRST64.exe 2020-09-04 20:18 - 2020-09-04 20:18 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-09-04 20:18 - 2020-09-04 20:18 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-09-04 20:18 - 2020-09-04 20:18 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-09-04 20:18 - 2020-09-04 20:18 - 000000000 ____D C:\Users\Honya\AppData\Local\mbam 2020-09-04 20:18 - 2020-09-04 20:17 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-09-04 20:18 - 2020-09-04 20:17 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-09-04 20:17 - 2020-09-04 20:17 - 002040904 _____ (Malwarebytes) C:\Users\Honya\Downloads\MBSetup.exe 2020-09-04 20:17 - 2020-09-04 20:17 - 000000000 ____D C:\Program Files\Malwarebytes 2020-09-04 20:03 - 2020-09-04 20:03 - 000000000 ____D C:\WINDOWS\pss 2020-09-04 17:56 - 2020-09-04 17:56 - 000000000 ___HD C:\OneDriveTemp 2020-09-04 17:06 - 2020-09-04 17:06 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2020-09-01 17:08 - 2020-09-01 21:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2020-08-29 00:22 - 2020-08-29 00:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX 2020-08-29 00:21 - 2020-08-29 00:21 - 028198952 _____ (SQUARE ENIX CO., LTD.) C:\Users\Honya\Downloads\ffxivsetup.exe 2020-08-22 17:40 - 2020-08-22 17:40 - 845619943 _____ C:\Users\Honya\Downloads\gf face kissing.mov 2020-08-18 19:47 - 2020-08-25 15:09 - 000000000 ____D C:\tmp 2020-08-17 15:20 - 2020-08-17 15:20 - 000000868 _____ C:\Users\Honya\AppData\Local\recently-used.xbel 2020-08-15 13:06 - 2020-08-15 13:53 - 000000000 ____D C:\Users\Honya\AppData\Local\Mariner 2020-08-14 20:25 - 2020-08-14 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2020-08-12 12:23 - 2020-08-12 12:23 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-08-12 12:23 - 2020-08-12 12:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-08-12 12:23 - 2020-08-12 12:23 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2020-08-12 12:23 - 2020-08-12 12:23 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL 2020-08-12 12:23 - 2020-08-12 12:23 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2020-08-12 12:23 - 2020-08-12 12:23 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL 2020-08-12 12:23 - 2020-08-12 12:23 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-08-12 12:23 - 2020-08-12 12:23 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-08-12 12:23 - 2020-08-12 12:23 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2020-08-12 12:23 - 2020-08-12 12:23 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2020-08-12 12:23 - 2020-08-12 12:23 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2020-08-12 12:23 - 2020-08-12 12:23 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2020-08-12 12:23 - 2020-08-12 12:23 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2020-08-12 12:23 - 2020-08-12 12:23 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2020-08-12 12:23 - 2020-08-12 12:23 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys 2020-08-12 12:23 - 2020-08-12 12:23 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe 2020-08-12 12:23 - 2020-08-12 12:23 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2020-08-12 12:23 - 2020-08-12 12:23 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2020-08-12 12:23 - 2020-08-12 12:23 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2020-08-12 12:22 - 2020-08-12 12:22 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2020-08-12 12:22 - 2020-08-12 12:22 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin 2020-08-12 12:22 - 2020-08-12 12:22 - 003984896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2020-08-12 12:22 - 2020-08-12 12:22 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2020-08-12 12:22 - 2020-08-12 12:22 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2020-08-12 12:22 - 2020-08-12 12:22 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2020-08-12 12:22 - 2020-08-12 12:22 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2020-08-12 12:22 - 2020-08-12 12:22 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2020-08-12 12:22 - 2020-08-12 12:22 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000275256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys 2020-08-12 12:22 - 2020-08-12 12:22 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys 2020-08-12 12:22 - 2020-08-12 12:22 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2020-08-12 12:22 - 2020-08-12 12:22 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe 2020-08-12 12:22 - 2020-08-12 12:22 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2020-08-12 12:22 - 2020-08-12 12:22 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll 2020-08-12 12:22 - 2020-08-12 12:22 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll 2020-08-12 12:17 - 2020-08-12 12:17 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-08-12 12:17 - 2020-08-12 12:17 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-08-12 03:35 - 2020-08-12 03:35 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2020-08-12 03:35 - 2020-08-12 03:35 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2020-08-12 03:35 - 2020-08-12 03:35 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2020-08-12 03:35 - 2020-08-12 03:35 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2020-08-09 12:39 - 2020-08-09 12:39 - 000193704 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-09-04 23:01 - 2017-02-14 20:36 - 000000000 ____D C:\Users\Honya\AppData\Local\CrashDumps 2020-09-04 23:01 - 2016-10-01 09:15 - 000000000 ____D C:\ProgramData\NVIDIA 2020-09-04 23:00 - 2016-07-27 20:46 - 000000000 ____D C:\Program Files (x86)\Steam 2020-09-04 22:59 - 2019-08-08 01:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-09-04 22:59 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-09-04 22:59 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-09-04 22:59 - 2017-04-15 13:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2020-09-04 22:59 - 2016-11-14 23:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-09-04 22:59 - 2016-07-27 20:40 - 000000000 __SHD C:\Users\Honya\IntelGraphicsProfiles 2020-09-04 22:42 - 2019-08-08 01:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-09-04 20:27 - 2019-08-08 11:04 - 000762840 _____ C:\WINDOWS\system32\perfh00E.dat 2020-09-04 20:27 - 2019-08-08 11:04 - 000180508 _____ C:\WINDOWS\system32\perfc00E.dat 2020-09-04 20:27 - 2019-08-08 11:03 - 000502602 _____ C:\WINDOWS\system32\perfh011.dat 2020-09-04 20:27 - 2019-08-08 11:03 - 000145184 _____ C:\WINDOWS\system32\perfc011.dat 2020-09-04 20:27 - 2019-08-08 01:59 - 002509702 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-09-04 20:27 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF 2020-09-04 20:20 - 2016-12-18 13:42 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-09-04 20:20 - 2016-08-11 18:57 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2020-09-04 20:18 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-09-04 20:06 - 2019-08-08 13:00 - 000000000 ____D C:\WINDOWS\Panther 2020-09-04 19:52 - 2016-10-28 23:44 - 000000000 ____D C:\Users\Honya\AppData\Roaming\discord 2020-09-04 18:20 - 2019-08-08 01:51 - 000000000 ____D C:\Users\Honya 2020-09-04 18:18 - 2017-02-25 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.5.2f1 (64-bit) 2020-09-04 18:11 - 2016-07-27 20:33 - 000000000 ___RD C:\Users\Honya\OneDrive 2020-09-04 18:08 - 2017-11-30 14:23 - 000000000 ____D C:\Users\Honya\AppData\Local\Packages 2020-09-04 18:05 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-09-04 18:05 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-09-04 17:55 - 2019-08-08 01:56 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1944517194-4121678422-2975395376-1000 2020-09-04 17:55 - 2019-08-08 01:51 - 000002405 _____ C:\Users\Honya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-09-04 17:18 - 2016-07-28 03:06 - 000000000 ____D C:\Users\Honya\AppData\Roaming\vlc 2020-09-04 17:09 - 2016-11-16 00:59 - 000000000 ____D C:\Users\Honya\AppData\LocalLow\Mozilla 2020-09-04 17:08 - 2019-08-08 01:56 - 000004154 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F4DBAF85-C393-4F7F-A465-028781DF3493} 2020-09-02 22:55 - 2020-06-03 13:49 - 001524160 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2020-09-02 22:55 - 2020-06-03 13:49 - 000166832 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2020-09-02 22:55 - 2020-06-03 13:49 - 000158640 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2020-09-02 22:55 - 2020-06-03 13:49 - 000150464 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2020-09-02 22:55 - 2020-06-03 13:49 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2020-09-02 22:55 - 2020-06-03 13:49 - 000033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2020-09-02 11:03 - 2020-07-21 12:03 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-09-02 11:03 - 2018-05-15 10:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-09-02 10:59 - 2016-07-27 15:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-09-01 21:14 - 2016-07-27 20:38 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2020-09-01 18:28 - 2018-09-19 23:01 - 000000600 _____ C:\Users\Honya\AppData\Local\PUTTY.RND 2020-09-01 15:29 - 2016-12-17 22:21 - 000000000 ____D C:\Users\Honya\AppData\Roaming\VisualAssist 2020-09-01 01:18 - 2018-06-14 00:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-08-31 22:38 - 2020-03-14 13:44 - 000000000 ____D C:\Users\Honya\AppData\Local\Battle.net 2020-08-30 04:54 - 2020-06-03 13:49 - 000214456 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll 2020-08-30 03:42 - 2020-06-03 13:49 - 000172992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll 2020-08-29 17:05 - 2018-11-13 22:35 - 000000000 ____D C:\Users\Honya\AppData\Roaming\qBittorrent 2020-08-29 15:00 - 2016-08-27 22:16 - 000000000 ____D C:\Users\Honya\AppData\Roaming\TeamViewer 2020-08-29 00:22 - 2016-07-27 14:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-08-28 09:31 - 2020-07-21 12:03 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-08-28 09:31 - 2020-07-21 12:03 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-08-27 02:01 - 2019-06-06 23:12 - 000000000 ____D C:\Users\Honya\AppData\Roaming\itch 2020-08-26 17:21 - 2018-03-15 21:45 - 000000000 ____D C:\Users\Honya\Documents\Visual Studio 2015 2020-08-26 17:20 - 2019-06-06 23:12 - 000000000 ____D C:\Users\Honya\AppData\Roaming\gops 2020-08-25 20:19 - 2017-03-04 19:39 - 000000000 ____D C:\Users\Honya\AppData\Roaming\obs-studio 2020-08-25 17:23 - 2019-03-13 23:20 - 000000000 ____D C:\Users\Honya\AppData\Roaming\Code 2020-08-21 21:31 - 2018-05-15 10:11 - 000000000 ____D C:\Users\Honya\AppData\Local\D3DSCache 2020-08-18 20:20 - 2020-07-25 13:00 - 000000000 ____D C:\Users\Honya\AppData\Roaming\LosslessCut 2020-08-17 15:20 - 2020-02-08 16:31 - 000000000 ____D C:\Users\Honya\AppData\Local\babl-0.1 2020-08-15 13:06 - 2020-02-27 19:45 - 000000000 ____D C:\Users\Honya\AppData\Roaming\EasyAntiCheat 2020-08-15 13:06 - 2016-07-27 21:17 - 000000000 ____D C:\Users\Honya\AppData\Local\UnrealEngine 2020-08-14 20:25 - 2016-08-07 23:44 - 000000000 ____D C:\Program Files (x86)\Dropbox 2020-08-13 07:51 - 2019-08-08 01:47 - 002301400 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-08-13 07:51 - 2017-11-30 14:43 - 000000000 ___RD C:\Users\Honya\3D Objects 2020-08-13 07:51 - 2016-04-27 08:42 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-08-13 01:33 - 2019-03-19 08:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning 2020-08-13 01:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-08-13 01:33 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing 2020-08-12 12:25 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-08-09 12:40 - 2019-08-20 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2020-08-09 12:40 - 2019-08-20 16:46 - 000000000 ____D C:\Program Files (x86)\Java 2020-08-09 12:39 - 2019-08-20 16:49 - 000193704 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2020-08-09 12:39 - 2019-08-20 16:49 - 000000000 ____D C:\Program Files\Java 2020-08-09 12:38 - 2019-08-20 16:46 - 000166056 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2020-08-08 23:35 - 2020-06-04 18:46 - 000000000 ____D C:\Users\Honya\AppData\Roaming\ScreenToGif 2020-08-06 20:38 - 2016-10-28 23:43 - 000000000 ____D C:\Users\Honya\AppData\Local\Discord ==================== Files in the root of some directories ======== 2017-02-25 20:02 - 2019-09-06 21:39 - 000004417 _____ () C:\Users\Honya\AppData\Roaming\VoiceMeeterDefault.xml 2019-09-15 18:14 - 2020-05-20 20:38 - 000126998 _____ () C:\Users\Honya\AppData\Local\krita.log 2020-05-20 20:38 - 2020-05-20 20:38 - 000000152 _____ () C:\Users\Honya\AppData\Local\kritadisplayrc 2019-09-15 18:14 - 2020-05-20 20:38 - 000022643 _____ () C:\Users\Honya\AppData\Local\kritarc 2019-12-18 00:08 - 2020-01-07 15:14 - 000000090 _____ () C:\Users\Honya\AppData\Local\kritashortcutsrc 2018-10-23 02:06 - 2018-10-23 02:06 - 000000410 _____ () C:\Users\Honya\AppData\Local\oobelibMkey.log 2018-09-19 23:01 - 2020-09-01 18:28 - 000000600 _____ () C:\Users\Honya\AppData\Local\PUTTY.RND 2020-08-17 15:20 - 2020-08-17 15:20 - 000000868 _____ () C:\Users\Honya\AppData\Local\recently-used.xbel 2018-03-15 21:33 - 2019-11-15 21:18 - 000007656 _____ () C:\Users\Honya\AppData\Local\Resmon.ResmonCfg 2020-07-03 22:54 - 2020-07-22 20:33 - 000004385 _____ () C:\Users\Honya\AppData\Local\stub.log 2017-10-18 15:56 - 2017-10-18 15:56 - 000000003 _____ () C:\Users\Honya\AppData\Local\updater.log 2017-10-18 15:56 - 2017-10-18 15:56 - 000000425 _____ () C:\Users\Honya\AppData\Local\UserProducts.xml 2016-08-11 18:51 - 2016-08-11 18:51 - 000000000 _____ () C:\Users\Honya\AppData\Local\{16D2E356-96E8-4433-9713-306AE12A2392} 2016-08-11 18:52 - 2016-08-11 18:52 - 000000000 _____ () C:\Users\Honya\AppData\Local\{373B51CF-DC1E-4502-BC41-90E7104634B0} ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#2 honya15

Topic Starter
Members
7 posts
OFFLINE

Local time:12:29 PM

Posted 04 September 2020 - 04:17 PM

Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2020 Ran by Honya (04-09-2020 23:03:09) Running from C:\Users\Honya\Downloads Windows 10 Pro Version 1903 18362.1016 (X64) (2019-08-07 23:56:15) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1944517194-4121678422-2975395376-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1944517194-4121678422-2975395376-503 - Limited - Disabled) Guest (S-1-5-21-1944517194-4121678422-2975395376-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-1944517194-4121678422-2975395376-1003 - Limited - Enabled) Honya (S-1-5-21-1944517194-4121678422-2975395376-1000 - Administrator - Enabled) => C:\Users\Honya WDAGUtilityAccount (S-1-5-21-1944517194-4121678422-2975395376-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440} AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Tűzfal (Enabled) {B066057A-E576-007C-D591-56C163D3B33B} FW: ESET Tűzfal (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3D Ripper DX v1.8.2 (HKLM-x32\...\3D Ripper DX_is1) (Version: - Roman Lut) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated) Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{9F429DF7-F8DD-4980-9673-E6DACA012F6C}) (Version: 3.3 - Microsoft Corporation) Hidden Application Verifier x64 External Package (HKLM\...\{62CB44B2-8007-DBB2-1CBA-5CB7309EB3C3}) (Version: 10.1.17134.12 - Microsoft) Hidden Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden AutoHotkey 1.1.24.03 (HKLM\...\AutoHotkey) (Version: 1.1.24.03 - Lexikos) Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Blade & Soul Launcher Bundle (HKLM-x32\...\{fcb7b621-345c-46f2-a010-76a58c939d54}) (Version: 1.0.2.0 - NC Interactive, LLC) Hidden Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blender (HKLM\...\{9EFFC5E1-4808-47C4-9650-AAA08C64FAA6}) (Version: 2.83.2 - Blender Foundation) Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation) ClickOnce Bootstrapper Package for Microsoft .NET Framework 4.6.2 on Visual Studio 2015 (HKLM-x32\...\{5C582D1D-0BAE-40FA-A6FA-401B4E088728}) (Version: 4.6.01590 - Microsoft Corporation) CMake (HKLM\...\{72DA7A62-0082-4E68-A6FB-52B9A1141C7C}) (Version: 3.7.1 - Kitware) Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation) DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\Discord) (Version: 0.0.307 - Discord Inc.) Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 104.4.175 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden Epic Games Launcher (HKLM-x32\...\{3ECF91A4-EE22-4A3A-921F-36ECAA04C13D}) (Version: 1.1.147.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FAHClient (HKLM-x32\...\FAHClient) (Version: 7.5.1 - [email protected]) FileZilla Client 3.35.1 (HKLM-x32\...\FileZilla Client) (Version: 3.35.1 - Tim Kosse) FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation) GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team) Git Extensions 2.50.02 (HKLM-x32\...\{D1686E6B-D327-468F-B9BA-65C408A94BD8}) (Version: 2.50.02 - Henk) Git version 2.13.2 (HKLM-x32\...\Git_is1) (Version: 2.13.2 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.83 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) HideVolumeOSD 1.2 (HKLM-x32\...\HideVolumeOSD_is1) (Version: 1.2 - Venturi) icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) itch (HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\itch) (Version: 25.4.0 - itch corp.) Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden Krita (x64) 4.2.8 (HKLM\...\Krita_x64) (Version: 4.2.8.0 - Krita Foundation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains) LOOT version 0.15.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.15.1 - LOOT Team) Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes) Metasequoia 4 (64bit) (HKLM\...\{3FBB2621-2ABA-4FEA-B93E-3854849DECC8}) (Version: 4.5.6 - tetraface Inc.) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 SDK (HKLM-x32\...\{5F01B3C4-9BEC-465D-9C68-BB97D381FFAD}) (Version: 4.6.01590 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 Targeting Pack (ENU) (HKLM-x32\...\{C80951BD-6904-474F-BBC5-03A6C777F37C}) (Version: 4.6.01590 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 Targeting Pack (HKLM-x32\...\{A18D4C2A-07A8-40E4-9797-DD324E6EA4FC}) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.44 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - ) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation) Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation) Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{4B2B6F4B-9B09-46ED-935E-A84A669D2DC9}) (Version: 2.8.2.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.47.3 - Microsoft Corporation) Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1104.625 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 65.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-US)) (Version: 65.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 68.12.0.7537 - Mozilla) Mozilla Thunderbird 68.12.0 (x86 hu) (HKLM-x32\...\Mozilla Thunderbird 68.12.0 (x86 hu)) (Version: 68.12.0 - Mozilla) MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden MSI Development Tools (HKLM-x32\...\{1E406B46-65F4-91CE-65DA-DB66D5443B68}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) Node.js (HKLM\...\{672B5547-D20B-4D19-9BFD-B93C32BC77DA}) (Version: 6.9.1 - Node.js Foundation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.6 - Notepad++ Team) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation) NVIDIA Graphics Driver 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.59 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.0 - OBS Project) Origin (HKLM-x32\...\Origin) (Version: 10.5.65.38147 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham) Python 2.7.17 (64-bit) (HKLM\...\{9255D53C-6C21-4664-AAF3-6EAC50F867Da}) (Version: 2.7.17150 - Python Software Foundation) Python 3.7.3 (32-bit) (HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\{24ac8299-2abd-4ddd-8be3-031debb6093c}) (Version: 3.7.3150.0 - Python Software Foundation) Python 3.7.3 Add to Path (32-bit) (HKLM-x32\...\{2DB1318D-E51C-419B-99D5-D15F7120BD09}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Core Interpreter (32-bit) (HKLM-x32\...\{33AB9CEA-621E-4064-9FB0-7048E79DB5B5}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Development Libraries (32-bit) (HKLM-x32\...\{52DDE5D8-B45C-4C1D-81DD-D72317DE8B08}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Documentation (32-bit) (HKLM-x32\...\{2BC067C0-B392-49C0-988B-C839C62D8B65}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Executables (32-bit) (HKLM-x32\...\{E3E61712-C062-45E7-8348-D7DBF66FACFD}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 pip Bootstrap (32-bit) (HKLM-x32\...\{9846DC93-4A39-496F-8AE3-0E3AB4EF4385}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Standard Library (32-bit) (HKLM-x32\...\{DC6190E7-D05E-465A-9FB6-7418BC901991}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{1341418F-C713-4943-ACB2-9F4D4743D193}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Test Suite (32-bit) (HKLM-x32\...\{FE5E4BF9-7487-4CE8-A2AC-F78C6B4BE487}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python 3.7.3 Utility Scripts (32-bit) (HKLM-x32\...\{AE9303AD-EBD0-4C85-A9D0-55B1BA972D11}) (Version: 3.7.3150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{A28C27E4-A725-482A-9C65-61EDC0E4D583}) (Version: 3.7.6657.0 - Python Software Foundation) qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project) Quixel Mixer (HKLM\...\Quixel Mixer 2020.1.3) (Version: 2020.1.3 - Quixel AB) Quixel Mixer version 2020.1.1 (HKLM\...\{2D3D413B-1330-4E35-9680-33301EDE971A}_is1) (Version: 2020.1.1 - Quixel AB) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.) Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden S4 League version 1362 (HKLM-x32\...\S4 League_is1) (Version: 1362 - Aeria Games) SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Skype version 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.) Speedlink Tarios Gaming Mouse (HKLM-x32\...\{6AE12DBB-62BF-4F84-A02F-DC9CC73F3A98}_is1) (Version: 1.0 - Joellenbeck GmbH) STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.6.0 - Electronic Arts, Inc.) Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.9.4 - TeamViewer) Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH) Twitch (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Twitch Interactive, Inc.) Twitch (HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Universal CRT Extension SDK (HKLM-x32\...\{18ABFDF6-23D9-87E6-015E-FFE3C7F153D5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{0D6B41AF-D117-8944-A059-3F9346A896C5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{B6273353-8B54-1F89-1A16-5940925104CE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{775886B8-DEE1-CB20-8A94-FC09FA54ECF6}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft) vcpp_crt.redist.clickonce (HKLM-x32\...\{253D6AD3-5786-4B3B-B4E1-E082482A1F26}) (Version: 14.16.27033 - Microsoft Corporation) Hidden Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation) Visual Studio Community 2017 (HKLM-x32\...\6b4d3e21) (Version: 15.7.27703.2042 - Microsoft Corporation) Visual Studio Community 2017 (HKLM-x32\...\f7913018) (Version: 15.9.28307.1033 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN) Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software) VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden VS Update core components (HKLM-x32\...\{B2918D01-1D89-34D3-87EF-A28121BC6EB7}) (Version: 14.0.25431 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (HKLM\...\{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (HKLM-x32\...\{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_update3notification (HKLM-x32\...\{AB3DF932-C990-34D4-BF43-970F760DA3CD}) (Version: 14.0.25431 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{5AD4A604-B476-1578-2A20-6B02FC6258BE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinDirStat 1.1.2 (HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\WinDirStat) (Version: - ) Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation) Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86 (HKLM-x32\...\{833F02C5-2C39-49F6-BD64-91D351081274}) (Version: 10.1.15254.1 - Microsoft Corporation) Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation) Windows SDK AddOn (HKLM-x32\...\{E77C2F78-6089-48F8-89DF-DDF2850DFFD9}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.17134.12 (HKLM-x32\...\{5f83ccda-0498-4b97-a298-16a642bf49f2}) (Version: 10.1.17134.12 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{389D182F-0ADA-5C7E-FF32-2573A821592C}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{C3776B36-B34E-00E2-3009-95A6F1870B58}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{965D1746-D94A-49B9-2A48-A14914CA3B57}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{84C6B91B-67DA-DDE3-86F1-87A3E307E8C1}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{3755CD99-C62E-3312-DDD3-29A4F259270D}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{729DA966-8590-2C1F-2178-16C1D32FD7FD}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{F1C18506-3168-A9D9-E2D9-D23A512A326E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{4095D263-6A13-78D3-DEDA-AA3452011F6E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{C3243E23-2EB6-4419-2692-40944923B112}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden WO Mic Client (HKLM-x32\...\WOMic) (Version: - ) x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - ) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-09-15] (Adobe Systems Incorporated) Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_22.3.12.2_x64__adky2gkssdxte [2019-09-15] (Adobe Systems Incorporated) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad] WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-07-27] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1944517194-4121678422-2975395376-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-D28EB6F7BDC8} -> [Creative Cloud Files] => C:\Users\Honya\Creative Cloud Files [2019-09-15 18:18] CustomCLSID: HKU\S-1-5-21-1944517194-4121678422-2975395376-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox (Personal)] => C:\Users\Honya\Dropbox (Personal) [2018-03-16 12:58] CustomCLSID: HKU\S-1-5-21-1944517194-4121678422-2975395376-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox (Honya games)] => C:\Users\Honya\Dropbox (Honya games) [2016-08-07 23:46] CustomCLSID: HKU\S-1-5-21-1944517194-4121678422-2975395376-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> ) ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google) ContextMenuHandlers1: [GitExtensions2] -> {3C16B20A-BA16-4156-916F-0A375ECFFE24} => C:\Program Files (x86)\GitExtensions\GitExtensionsShellEx64.dll [2017-09-06] () [File not signed] ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google) ContextMenuHandlers4: [GitExtensions2] -> {3C16B20A-BA16-4156-916F-0A375ECFFE24} => C:\Program Files (x86)\GitExtensions\GitExtensionsShellEx64.dll [2017-09-06] () [File not signed] ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [GitExtensions2] -> {3C16B20A-BA16-4156-916F-0A375ECFFE24} => C:\Program Files (x86)\GitExtensions\GitExtensionsShellEx64.dll [2017-09-06] () [File not signed] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [255488 2011-05-30] () [File not signed] HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw64.dll [3642880 2016-05-08] (x264vfw project) [File not signed] HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed] HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed] HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed] HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed] HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed] HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] () [File not signed] HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3621888 2016-05-08] (x264vfw project) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ShortcutWithArgument: C:\Users\Honya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp ==================== Loaded Modules (Whitelisted) ============= 2018-07-24 00:44 - 2020-07-30 19:15 - 001899520 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll 2018-07-24 00:44 - 2020-07-30 19:15 - 000115712 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll 2018-07-24 00:44 - 2020-07-30 19:15 - 006668800 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll 2019-11-23 12:16 - 2020-01-16 14:39 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2019-11-23 12:16 - 2020-01-16 14:39 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2019-11-23 12:16 - 2020-01-16 14:39 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2020-03-13 20:47 - 2020-01-16 14:39 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2020-03-13 20:47 - 2020-01-16 14:39 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2020-03-13 20:47 - 2020-01-16 14:39 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2020-03-13 20:47 - 2020-01-16 14:39 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2020-03-13 20:47 - 2020-01-16 14:39 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2020-03-13 20:47 - 2020-01-16 14:39 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Honya\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\Honya\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2018-10-27 14:09 - 000000803 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\nodejs\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\GitExtensions\;C:\Users\Honya\AppData\Local\Microsoft\WindowsApps;C:\Users\Honya\AppData\Roaming\npm;C:\Program Files\CMake\bin;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\GitExtensions\PuTTY\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 213.46.246.53 - 213.46.246.54 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) Windows Firewall is enabled. Network Binding: ============= Local Area Connection: SoftEther Lightweight Network Protocol -> SeLow (enabled) ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AdobeUpdateService => 3 MSCONFIG\Services: BDESVC => 3 MSCONFIG\Services: BRSptStub => 3 MSCONFIG\Services: EasyAntiCheat => 3 MSCONFIG\Services: NGS => 3 HKLM\...\StartupApproved\Run: => "AtwtusbIcon" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\StartupApproved\Run: => "chAtom" HKU\S-1-5-21-1944517194-4121678422-2975395376-1000\...\StartupApproved\Run: => "CCXProcess" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D760D3DA-77F6-424E-8AC7-3049F73516DE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4D399ECC-86F3-4B62-B939-FB96EE77D44B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{88CD1027-537F-45A6-8196-E2CE2101FF8F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Sekiro\sekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.) FirewallRules: [{889855DD-082F-45C8-9679-91CA6AD39076}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Sekiro\sekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.) FirewallRules: [{95095993-0DD9-43A9-982C-55EBDC643BED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6E072936-0C83-4FCA-9861-E8D4377F377D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E7D9C382-37C4-4ABB-BC66-9B85D98FE1CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{44A68BFD-B69A-4B42-B7EC-2038C4B8C115}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{A7D89D86-68BC-4D78-8E29-65B4C8D36539}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{A4AB9041-8C03-4409-AE73-97D8CCA57471}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{6F77A00B-D6A7-4342-9E34-DDD741D452E0}] => (Allow) D:\Games\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe => No File FirewallRules: [{7FC700AC-8E86-4977-811E-CCC2E5291E53}] => (Allow) D:\Games\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe => No File FirewallRules: [{2EE9BEAE-66CD-4EBA-BC1F-A6F434E31402}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{2907E9AE-7FF8-482C-9957-F348B1C3975F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{55ED23B5-4502-45CF-96ED-5A94BEF7EF79}] => (Allow) D:\Games\SteamLibrary\steamapps\common\SoulWorker\SoulWorker.exe (LIONGAMES Co.,Ltd. -> LION GAMES) FirewallRules: [{5B8A3C42-E1CE-46C1-908A-2FE5825FFE69}] => (Allow) D:\Games\SteamLibrary\steamapps\common\SoulWorker\SoulWorker.exe (LIONGAMES Co.,Ltd. -> LION GAMES) FirewallRules: [{53567787-F9E7-438F-A1F6-FDC1A17AEB50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{3ACDDF9B-2368-46A3-8283-ADA9D9384354}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{D38B4DE7-4818-43A1-BE92-5CC923A62F92}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File FirewallRules: [{F1EBD929-0AA9-4B75-B00C-12A2703308A3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe => No File FirewallRules: [{09DB22A4-459C-4FB9-8D78-B4D882B212EB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{D9E1C874-5579-42DE-AFE9-3C5F3810A4C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{A946D697-A853-48A3-BE45-0643818B1D8A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{1E8FD433-94D6-47F6-9E0E-0EC395F35659}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{206CE4D3-7C9D-4991-8D49-B2318A421910}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File FirewallRules: [{561772EC-12A7-4F2E-B76D-17A199232E0A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe => No File FirewallRules: [{79746E2E-BC8F-42A8-8326-6A3B785FEF7A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{663DC1C7-B516-4590-BF8D-19AF9F6F3781}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{24FDF553-C45B-4511-A452-CBF9B8182F93}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{C406F960-A874-47D7-BCBC-C443A7A576CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{0814BC42-BFEF-43D8-A0D0-2F4C99A26690}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Raiders of the Broken Planet\bin\Raiders.exe => No File FirewallRules: [{7C9ADEFF-466F-48DE-9EBF-19AAE696359F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Raiders of the Broken Planet\bin\Raiders.exe => No File FirewallRules: [{012F35E4-C5C1-46EE-ADFF-256B113CDAEA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F88529FA-2F34-427E-81BB-5E2933002462}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D58E3829-BBE6-4F14-B20B-47AC1E341C58}] => (Allow) D:\Games\Archerage\ArcheRage.to NA\Launcher.exe => No File FirewallRules: [{7351DFB1-BF62-4104-A7B5-E45B099735F7}] => (Allow) D:\Games\ArcheRage\Launcher.exe => No File FirewallRules: [{B9E94016-3241-455E-8AAD-2ADC36693BE9}] => (Allow) D:\Games\RUAA\ArcheRage.to\Launcher.exe => No File FirewallRules: [{4F4F57E4-C395-4949-9A0A-81E85C2BB120}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Cuphead\Cuphead.exe () [File not signed] FirewallRules: [{738DC93C-3ADC-471B-8557-F6FBA6442994}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Cuphead\Cuphead.exe () [File not signed] FirewallRules: [{92C895F1-1F48-4C3F-A53A-7B9F9945385F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> ) FirewallRules: [{FB86E5CF-B1F5-429E-944D-AC126E6E6CF1}] => (Allow) D:\Games\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> ) FirewallRules: [{75B8E2A4-A204-4B0D-BE30-9B97192B356A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe => No File FirewallRules: [{E9E8D7E5-557C-4D14-BF52-4B19C8524D2F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe => No File FirewallRules: [{FF045FC2-EDED-40EC-992D-4B7F90F42BE6}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe => No File FirewallRules: [{ECDF1761-A473-4432-A846-726D5100FA35}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe => No File FirewallRules: [{58095952-9ADD-43B4-8872-7FD14E837383}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe => No File FirewallRules: [{2A798F3F-2FBD-4031-8C4B-B8AA7724FD33}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe => No File FirewallRules: [{99039589-D0B1-4FBD-BA90-A31410995128}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File FirewallRules: [{02CD9BA2-474D-4C79-B5A2-DDAABD560FC5}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File FirewallRules: [{8D2FDA29-161A-413F-BD50-E9127DC9AEF3}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{76EA9E2E-9B6D-4AD7-B278-C364E7484D50}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{908FC62B-B83B-49CB-A52B-F455ED4D74A2}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{B64C6EA7-1C21-46B6-A258-C1E6B40C7888}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [UDP Query User{3195B8C1-B623-40E3-8588-52D96AE7D608}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [TCP Query User{6AAE4749-907D-4DC8-8ACB-8C7A27EDCA25}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{95C63636-7958-42B0-8F2A-2EAA56570923}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe => No File FirewallRules: [TCP Query User{130398A5-B700-4F70-9C9B-FB5A9953FA9B}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe => No File FirewallRules: [{277CB8FB-68FF-477C-A8CB-C4586F618818}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe => No File FirewallRules: [{28E2C83A-F400-4AF3-967F-C1C0B688FD58}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe => No File FirewallRules: [UDP Query User{9FADCBC4-9458-4ADC-87D0-CEC8E6CF9D84}D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File FirewallRules: [TCP Query User{5DDEAA19-E2EA-46E9-97E4-7742F80744F0}D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File FirewallRules: [UDP Query User{7F354913-CB86-4BAA-A396-27B602020EE4}D:\gammafejlesztos\faitoloid\old_game\faitoloid\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\old_game\faitoloid\faitoloid.exe () [File not signed] FirewallRules: [TCP Query User{BA93B8E3-0769-4B95-B86D-3AC0EEEB17CD}D:\gammafejlesztos\faitoloid\old_game\faitoloid\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\old_game\faitoloid\faitoloid.exe () [File not signed] FirewallRules: [UDP Query User{25EE7145-08C8-4EF0-9F1C-3BE072A35075}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{918524F4-C713-4EAC-A351-7C040F92DEA1}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{4C0F4A10-4814-4BFD-A9AC-AD4E13961ED7}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe => No File FirewallRules: [TCP Query User{30E0A68B-B38F-4566-970F-A2710A5A156E}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe => No File FirewallRules: [UDP Query User{A0F1640B-C595-4CEA-B527-C404B66DF5E0}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{0BA99EF4-DF17-4714-9CBB-EDE32A2BF29B}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{6ECF7E17-9037-425D-93EB-04452680C0E8}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{88736055-04E7-4DD9-A3EF-4E5FCE69B908}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{2602E465-C9EA-401F-BA28-FE227F24BA0E}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [TCP Query User{A1B4641A-25B0-4F66-887D-DDE936FABC0D}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{2C076E81-EABB-44E2-BDB1-6DD1469AE4D2}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe => No File FirewallRules: [TCP Query User{3E5205CF-4A50-491D-9196-CA22CD4F464C}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe => No File FirewallRules: [UDP Query User{32F22D0B-C307-4DC2-B17E-D288BEE16C0B}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File FirewallRules: [TCP Query User{CBB62ED5-2605-4E68-A0A3-43C5F923CD90}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File FirewallRules: [UDP Query User{DD1A5AF5-0E78-47C1-8F00-6A6A3A3D9CC4}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File FirewallRules: [TCP Query User{563D334C-7C32-4F57-9B5A-9DF558883840}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File FirewallRules: [{13636C88-4393-4B70-8B82-BC6A5F7B8063}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{04467E90-6AF1-44B2-B768-A72E8C96432B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{8FA6BF0F-34AA-4751-A3C1-E9C0FE587C4C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{879A7F41-E925-463C-8D84-B5ABCEDAF9E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{93E25BD0-0396-40F1-A3DF-6FB4E8282C71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{0E3A552E-DBF9-4DF5-85B4-246C0A8528B2}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{16F0130E-605E-430F-8093-B8F2FB0BA3C6}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{91CD6979-F857-4560-A900-EA7D2283D6DC}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{8E14BAD5-B4E2-4329-852B-CC0E3E1A588B}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{BE102243-0305-4D39-8EB1-6FA7564B0C41}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{982EE0D1-4A9B-4FEE-BF53-A713FA86A54A}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [TCP Query User{6579AFF8-54C4-42F9-B106-E6665DB7A284}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe => No File FirewallRules: [UDP Query User{C425C83B-6D0F-4CA7-8147-2E887A0574CB}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe => No File FirewallRules: [{8F27C72B-5496-4056-A6D4-9029E674DDBC}] => (Allow) C:\Users\Honya\Downloads\arkserverdata\Servers\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{F689DE07-C078-4F87-87F3-3650C429A7EE}] => (Allow) C:\Users\Honya\Downloads\arkserverdata\Servers\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [TCP Query User{C7FA9CE3-36CA-43BB-A4F5-3BEE6A5DB7C3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File FirewallRules: [UDP Query User{AA948E10-AED6-4A06-A025-F3F2D98623B3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File FirewallRules: [{4D7D3C40-EEF4-4A00-A250-5818A4285CD2}] => (Allow) D:\Games\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File FirewallRules: [{672DEEA6-FA43-403B-9503-82C00173C0D6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File FirewallRules: [TCP Query User{8A8B9B60-2E81-4C03-B90D-B1E4B3FE4414}D:\s4\s4_portable\s4league\webdatabase\apache2\bin\httpd_usbwv8.exe] => (Allow) D:\s4\s4_portable\s4league\webdatabase\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation) [File not signed] FirewallRules: [UDP Query User{CDECE2EF-E5A2-476E-9E1D-E0F5EC10FC5A}D:\s4\s4_portable\s4league\webdatabase\apache2\bin\httpd_usbwv8.exe] => (Allow) D:\s4\s4_portable\s4league\webdatabase\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation) [File not signed] FirewallRules: [TCP Query User{653A4304-0066-4883-B198-7FB075F746D5}D:\s4\s4_portable\s4league\webdatabase\mysql\bin\mysqld_usbwv8.exe] => (Allow) D:\s4\s4_portable\s4league\webdatabase\mysql\bin\mysqld_usbwv8.exe () [File not signed] FirewallRules: [UDP Query User{CE0C7699-765D-4100-A3B3-0368608DA4A8}D:\s4\s4_portable\s4league\webdatabase\mysql\bin\mysqld_usbwv8.exe] => (Allow) D:\s4\s4_portable\s4league\webdatabase\mysql\bin\mysqld_usbwv8.exe () [File not signed] FirewallRules: [TCP Query User{9522A16F-D9DB-4A41-9EDB-F26623A08D80}D:\s4\s4_portable\s4league\fagnetportable\fagnetauth.exe] => (Allow) D:\s4\s4_portable\s4league\fagnetportable\fagnetauth.exe () [File not signed] FirewallRules: [UDP Query User{D4217685-DF4A-4537-86A8-C8D6BDACED4D}D:\s4\s4_portable\s4league\fagnetportable\fagnetauth.exe] => (Allow) D:\s4\s4_portable\s4league\fagnetportable\fagnetauth.exe () [File not signed] FirewallRules: [TCP Query User{17DC41F3-3F14-40E0-8BC0-9BA3584984FD}D:\s4\s4_portable\s4league\emuclient.exe] => (Allow) D:\s4\s4_portable\s4league\emuclient.exe () [File not signed] FirewallRules: [UDP Query User{2FAF0AD9-E696-41EA-AE58-1998431EAF7B}D:\s4\s4_portable\s4league\emuclient.exe] => (Allow) D:\s4\s4_portable\s4league\emuclient.exe () [File not signed] FirewallRules: [TCP Query User{27C73CB4-195D-4F0A-9A3B-E4134B03F7DB}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe => No File FirewallRules: [UDP Query User{13A25673-90AB-46E8-A1AD-4FC28B884EBE}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe => No File FirewallRules: [{5EC6A7EE-1B77-4FEF-97BC-AA768FC44BC0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A8D0F1AB-A124-42B0-AB63-DB5607483C04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B272E46C-DA12-45A0-9B0B-C5D7132F6B96}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9D30399E-BD9C-47A7-971A-998046C85A2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{570A9815-102E-4204-85C4-A572046155BB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File FirewallRules: [{92D91E58-B63D-4DFA-9727-22E204488BCC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File FirewallRules: [{32CB4820-2B98-41DE-A131-050C3FBF7F6B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File FirewallRules: [{71B01A1E-382D-4B03-9B2F-A63C2CE89EC3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File FirewallRules: [{0409E256-F1AA-4DB4-9E8B-69087A9CD8CF}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File FirewallRules: [{F6557F2C-F11E-49F3-AA46-ADBC707BDB43}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File FirewallRules: [{99AF98CE-CFB5-459A-BA9C-76780DBC9F04}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File FirewallRules: [{066D3442-FC1B-4220-9808-47B36414EA9A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File FirewallRules: [{2BC6A3F8-57D5-4F8A-93A6-BBE7A81BE40A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe => No File FirewallRules: [{694C6637-CFBF-4E6B-BBFF-D2983736ACEB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe => No File FirewallRules: [{E0A034BC-F64F-447A-BC02-23FA16DE1ED6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Imperium Galactica\DOSBOX\DOSBox.exe => No File FirewallRules: [{384A3C04-A9FA-4723-8395-522021FABA64}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Imperium Galactica\DOSBOX\DOSBox.exe => No File FirewallRules: [{0812B821-E123-4D14-B2F4-DF836F0C971A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer_x64_11.exe => No File FirewallRules: [{B4481768-C229-4950-BEF5-CD736F99D94B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer_x64_11.exe => No File FirewallRules: [{D103F84C-D10C-4FD7-A4EC-9F4C1F6E1B55}] => (Allow) C:\Users\Honya\Downloads\bin\BlackDesert32.exe => No File FirewallRules: [{9D318238-F762-4C3B-9BE4-23622C7B38BD}] => (Allow) C:\Users\Honya\Downloads\bin64\BlackDesert64.exe => No File FirewallRules: [{645D652D-6C23-4F80-BC9A-06376D94DF11}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Launcher.exe => No File FirewallRules: [{C91DAB41-9375-412D-9F5B-263B592937EC}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Downloader.exe => No File FirewallRules: [{84F60E13-6615-4BEF-B5FB-D4416FB5FDC3}] => (Allow) LPort=3306 FirewallRules: [{03D00CFB-F929-422A-8218-DDB5BA1E147B}] => (Allow) LPort=3306 FirewallRules: [{D45942BC-792F-4584-9819-BA032FBFCB5F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => No File FirewallRules: [{7229A17D-B110-42FF-89BA-D77CEB2AEE1C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => No File FirewallRules: [{712761C5-86C8-4C54-B816-BAEAD8BA957F}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{F00C7C86-2922-4312-A755-5C28750E08E0}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{F36AD998-C790-4493-BB89-C2FEF9A23E8F}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{0610D9F7-459C-4082-8C0E-214B8FDCE6CF}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{AD7179D7-1CDC-494C-848B-123D50D76E6C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File FirewallRules: [{E0F4E857-A613-4661-A58A-526E6E7A6BAB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File FirewallRules: [{C0234360-127E-477B-BB35-EE9F3122D6B1}] => (Allow) E:\latest\DATYA\Servers\Server2\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{3570233D-A417-4725-AA79-ABDAC0749667}] => (Allow) E:\latest\DATYA\Servers\Server2\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{9999A020-EC33-49A5-A7AD-F3BBFC52980B}] => (Allow) G:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{E5263721-BA6E-4575-A3D2-21E6C915C09D}] => (Allow) G:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{0C716C97-1B3E-4785-A615-FCC80E67F241}] => (Allow) H:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{8E28BAE7-5290-4563-80AE-B73F383F40C7}] => (Allow) H:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{EFF5792E-EF68-4C24-B2F1-3946A70CF793}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CODE VEIN\CodeVein.exe () [File not signed] FirewallRules: [{687AD739-625B-4DAD-B0CC-7C931D09646A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CODE VEIN\CodeVein.exe () [File not signed] FirewallRules: [TCP Query User{625C7EC2-179E-4D59-9A25-826A180AC89C}D:\games\steamlibrary\steamapps\common\code vein\codevein\binaries\win64\codevein-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\code vein\codevein\binaries\win64\codevein-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed] FirewallRules: [UDP Query User{E0E75E66-E01D-4D37-BE09-2C5A60AD7DB4}D:\games\steamlibrary\steamapps\common\code vein\codevein\binaries\win64\codevein-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\code vein\codevein\binaries\win64\codevein-win64-shipping.exe (BANDAI NAMCO Entertainment Inc.) [File not signed] FirewallRules: [TCP Query User{249A8362-9F12-4C11-AA23-F657FB19BB07}F:\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe] => (Allow) F:\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{17C642FA-8B06-4BC4-8743-D21F2D4763A6}F:\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe] => (Allow) F:\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{FEB40756-5CA0-4629-8C7A-1511E38E2623}F:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{2C548FD6-E2B0-4A9D-93A6-08224E1B2FF1}F:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{B4348FA0-C676-4455-BBDD-52E00C34FDC8}F:\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe] => (Allow) F:\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{237DE935-38FA-4BA2-92F6-DB12F05B8B18}F:\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe] => (Allow) F:\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{DAD69915-4866-4E96-BAA8-5BEEE1C032AC}D:\games\itch-io\foobar\foobar\binaries\win64\foobar.exe] => (Allow) D:\games\itch-io\foobar\foobar\binaries\win64\foobar.exe (DotDotDot Games) [File not signed] FirewallRules: [UDP Query User{27AEBAE2-0A79-48B2-8F9A-AF46BE3D1F8D}D:\games\itch-io\foobar\foobar\binaries\win64\foobar.exe] => (Allow) D:\games\itch-io\foobar\foobar\binaries\win64\foobar.exe (DotDotDot Games) [File not signed] FirewallRules: [TCP Query User{199D6F55-E74B-4285-A987-14C7C34A2FF2}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{918DE742-0EC5-41F7-8013-C345E1185395}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{066588E4-5C33-49D7-BC20-BE1C413AC10C}C:\users\honya\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honya\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [UDP Query User{C03FBE9A-4460-4D06-925A-1ACB96D607C8}C:\users\honya\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honya\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [TCP Query User{6050B49A-74C3-4E9C-A8F0-DF3EFC6E5B4A}D:\games\rito games\game\league of legends.exe] => (Allow) D:\games\rito games\game\league of legends.exe => No File FirewallRules: [UDP Query User{AABCD9BA-F9B1-4DB0-B452-FBC66CCDD3D3}D:\games\rito games\game\league of legends.exe] => (Allow) D:\games\rito games\game\league of legends.exe => No File FirewallRules: [TCP Query User{784A9618-7416-46AB-A3FD-BF9F9D8E952C}F:\programming\foobar\binaries\win64\foobar-win64-debuggame.exe] => (Allow) F:\programming\foobar\binaries\win64\foobar-win64-debuggame.exe (DotDotDot Games) [File not signed] FirewallRules: [UDP Query User{812B7A68-F189-40D5-BDC3-2BB55D6C7EE0}F:\programming\foobar\binaries\win64\foobar-win64-debuggame.exe] => (Allow) F:\programming\foobar\binaries\win64\foobar-win64-debuggame.exe (DotDotDot Games) [File not signed] FirewallRules: [{B9CB52D9-9BC4-4A10-BD8D-24127F23A6FE}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File FirewallRules: [{855408DF-54EB-4BFE-8A9B-0E4B540762DD}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File FirewallRules: [TCP Query User{8C781178-FF0D-4170-8F39-62427AC66E18}F:\epic games\ue_4.23_git\unrealengine\engine\binaries\win64\ue4editor.exe] => (Allow) F:\epic games\ue_4.23_git\unrealengine\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.) [File not signed] FirewallRules: [UDP Query User{5EBB57BB-F033-4042-9426-ABE05B59C384}F:\epic games\ue_4.23_git\unrealengine\engine\binaries\win64\ue4editor.exe] => (Allow) F:\epic games\ue_4.23_git\unrealengine\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.) [File not signed] FirewallRules: [TCP Query User{98118245-4EA7-42AE-B7D6-03EAF5B721B7}F:\programming\foobar\saved\stagedbuilds\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar\saved\stagedbuilds\windowsnoeditor\foobar\binaries\win64\foobar.exe (DotDotDot Games) [File not signed] FirewallRules: [UDP Query User{9C8B1801-F485-4242-8CDE-61CE7714E19B}F:\programming\foobar\saved\stagedbuilds\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar\saved\stagedbuilds\windowsnoeditor\foobar\binaries\win64\foobar.exe (DotDotDot Games) [File not signed] FirewallRules: [TCP Query User{7DED6233-AF0A-48B8-8AC6-C2024CDD9A5A}D:\games\steamlibrary\steamapps\common\kurtzpel\thechase\binaries\win64\thechase-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\kurtzpel\thechase\binaries\win64\thechase-win64-shipping.exe => No File FirewallRules: [UDP Query User{F09847A7-A399-446C-829A-2F2D31623F65}D:\games\steamlibrary\steamapps\common\kurtzpel\thechase\binaries\win64\thechase-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\kurtzpel\thechase\binaries\win64\thechase-win64-shipping.exe => No File FirewallRules: [{F8FE1784-575C-4AD7-9527-EEBFA22E13CC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe => No File FirewallRules: [{AA2DE3F2-AA89-45EB-9495-5B886763E5FF}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe => No File FirewallRules: [{991F576B-6E60-4FA1-A35F-CD4B01D4C553}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe => No File FirewallRules: [{92FD7E88-D32C-422D-B97D-401F91765D74}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe => No File FirewallRules: [TCP Query User{A2056612-01DF-4F5A-B8A0-DAD47FA09760}D:\games\skyrimmod\harbor\harbor.exe] => (Allow) D:\games\skyrimmod\harbor\harbor.exe => No File FirewallRules: [UDP Query User{C0D14C7E-683F-482C-B452-DA61A6D708B5}D:\games\skyrimmod\harbor\harbor.exe] => (Allow) D:\games\skyrimmod\harbor\harbor.exe => No File FirewallRules: [TCP Query User{B1055376-4703-4C56-9B99-CF0E359CDD32}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe] => (Allow) D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe => No File FirewallRules: [UDP Query User{476BDC30-3FF2-4538-90BE-884A7CE14D54}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe] => (Allow) D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe => No File FirewallRules: [TCP Query User{454806B7-2BAA-4B52-A9F3-96E9B37B8AEB}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe => No File FirewallRules: [UDP Query User{C65A20BC-C107-44E7-BA7E-2DC509E7BB0F}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe => No File FirewallRules: [{D6D298DC-E058-44F5-B732-DC01BFEB3CA1}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () [File not signed] FirewallRules: [{CBA52626-3227-44F4-86D8-789F35C44424}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () [File not signed] FirewallRules: [{288A606C-90CC-44A7-A378-AE7DAB4E2229}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{B13364C5-47D5-4986-91A7-3A5ACD5BE911}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [TCP Query User{379F4BDA-17C9-4FCA-B00E-A3C127198396}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe => No File FirewallRules: [UDP Query User{FD7E8EE8-EBCD-4C4A-9E34-8103C3F7FE2E}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe => No File FirewallRules: [TCP Query User{FB4E5F59-30D1-45F7-BE6D-F9FC3727CA75}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe => No File FirewallRules: [UDP Query User{394BEE94-938B-4CBC-A006-52F8177D67ED}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe => No File FirewallRules: [{D9C31AC7-C71A-4FE4-8E87-71EB4AB52AE4}] => (Allow) C:\Users\Honya\Downloads\bin\BlackDesert32.exe => No File FirewallRules: [{FDE27AAF-5F25-4A56-BA83-51A410840734}] => (Allow) C:\Users\Honya\Downloads\bin64\BlackDesert64.exe => No File FirewallRules: [{FEE610F0-CC1B-42B2-9B8E-A208A02D4E53}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Launcher.exe => No File FirewallRules: [{1B5BABEC-CE1F-444C-A910-167DA79DE587}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Downloader.exe => No File FirewallRules: [{D1A13F6B-0422-403E-A516-BBE3301F34EE}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{2A20F0DA-BC59-4315-991E-56174638CEF9}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{A919B470-E648-46C5-8D12-B49F0D3FDEF6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation) FirewallRules: [{B18B9C5A-AFD5-46B6-B173-5DD2A6B44BE7}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation) FirewallRules: [TCP Query User{1B8E26BF-62D2-4C24-9B12-A4454B4146A0}F:\epic games\ue_4.23_git\unrealengine\engine\binaries\dotnet\swarmagent.exe] => (Allow) F:\epic games\ue_4.23_git\unrealengine\engine\binaries\dotnet\swarmagent.exe (Epic Games, Inc.) [File not signed] FirewallRules: [UDP Query User{1780646A-7874-46F0-92C6-6D155A2F8A48}F:\epic games\ue_4.23_git\unrealengine\engine\binaries\dotnet\swarmagent.exe] => (Allow) F:\epic games\ue_4.23_git\unrealengine\engine\binaries\dotnet\swarmagent.exe (Epic Games, Inc.) [File not signed] FirewallRules: [TCP Query User{125933A3-E1AE-4395-8F90-403BC762BADF}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe] => (Allow) F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe => No File FirewallRules: [UDP Query User{0C3938E6-7CB9-46D3-9215-D95A4C952843}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe] => (Allow) F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe => No File FirewallRules: [TCP Query User{69A8D268-A6C8-47A0-AB74-1806AC3C5DE4}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe () [File not signed] FirewallRules: [UDP Query User{0F0B09AF-8983-4DF5-960E-F3E1D5A633FC}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe () [File not signed] FirewallRules: [TCP Query User{874E0E83-44B3-46B9-9ABD-B99455F0EC3A}C:\users\honya\documents\curse\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\honya\documents\curse\minecraft\install\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{24B5619C-E8EF-4220-8A93-66021A7258E0}C:\users\honya\documents\curse\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\honya\documents\curse\minecraft\install\runtime\jre-x64\bin\javaw.exe FirewallRules: [TCP Query User{3DB290B4-ECEE-431C-929C-7FD7A318ECC1}F:\epic games\ue_4.23\engine\binaries\win64\ue4editor-cmd.exe] => (Allow) F:\epic games\ue_4.23\engine\binaries\win64\ue4editor-cmd.exe FirewallRules: [UDP Query User{777A85C9-A2A6-4068-8D7A-F0429856CE13}F:\epic games\ue_4.23\engine\binaries\win64\ue4editor-cmd.exe] => (Allow) F:\epic games\ue_4.23\engine\binaries\win64\ue4editor-cmd.exe FirewallRules: [{291864B3-0112-4EA9-ACD7-2A7F0575C57C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{772513FF-1E63-421C-A23B-56B3A2C174AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{09DF3A75-163A-4109-A3B0-54254B71AEF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9487CD5C-9AD8-4A1C-88A3-C389D0A5FB14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AA10F2F0-5411-4031-AFA4-DECA42C083FB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\GOD EATER 3\ge3.exe () [File not signed] FirewallRules: [{15BE47AB-AB33-44DC-99A3-F57D09E42A91}] => (Allow) D:\Games\SteamLibrary\steamapps\common\GOD EATER 3\ge3.exe () [File not signed] FirewallRules: [TCP Query User{5F3529EA-A9F2-45F0-8061-3805345B08F2}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [UDP Query User{9975BE2D-98EA-4B9D-9CDF-2CC463E7E9B6}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [TCP Query User{DC16522A-143B-4D58-927F-F22C940DB10B}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe => No File FirewallRules: [UDP Query User{E1924572-8739-4042-92F7-419EA482282F}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe => No File FirewallRules: [TCP Query User{CC0AE691-7D6C-4041-84D9-28A10EF76F64}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [UDP Query User{B918EEE0-5C13-4B6B-AEDD-7FF9D430833B}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [TCP Query User{107D6FD9-A1AF-4A54-9B47-897DD12ABCC9}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe] => (Allow) D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe => No File FirewallRules: [UDP Query User{4DAEA87A-B1B5-476C-AD02-219B4125F933}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe] => (Allow) D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe => No File FirewallRules: [{C1B4B585-0FFF-414F-A096-70CAC432727E}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare) FirewallRules: [{7DAA7FBD-6240-40B4-8A63-A02601B931AE}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare) FirewallRules: [{647559D6-A974-47D4-9BC9-4938CE48D966}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare) FirewallRules: [{E3B41FAD-4B2B-4A60-832A-347C20DEC598}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare) FirewallRules: [{342A1E07-1F5D-4826-AA73-49AC35C3D2DD}] => (Allow) D:\Games\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{D923B8D1-701A-4898-AF82-E39CF0AB87F1}] => (Allow) D:\Games\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{C40F2C42-A7C1-442A-A316-C44E5F32FB04}] => (Allow) D:\Games\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [{8B6A39AA-668A-47FB-8483-48BF8507AAB9}] => (Allow) D:\Games\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [{278DBC11-F0A5-4727-A7A4-9A76C4D020FB}] => (Allow) D:\Games\s4_xero\xero.exe () [File not signed] FirewallRules: [{14055406-CE0F-4D3D-A86C-522CCAA8D646}] => (Allow) D:\Games\s4_xero\xero.exe () [File not signed] FirewallRules: [{FE19D0CD-3623-472A-91C2-7AA834B60793}] => (Allow) D:\Games\s4_xero\xero.exe () [File not signed] FirewallRules: [{38507E32-BE2A-4325-A6E3-7E8A89B375EB}] => (Allow) D:\Games\s4_xero\xero.exe () [File not signed] FirewallRules: [{FB5B3730-E5BC-4409-803B-17E1FA987CFC}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed] FirewallRules: [{3A940AFE-D892-4783-82FA-70CB1D2D7931}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Super Buckyball Tournament Demo\S.B.T.exe () [File not signed] FirewallRules: [{4688E056-847D-4E4F-B140-BE0D74075D3F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Super Buckyball Tournament Demo\S.B.T.exe () [File not signed] FirewallRules: [{1EFE0D97-C6D0-4A51-892C-70B3C70A8113}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2EAF6FA8-6FE3-4226-A55A-B0C5AA22D789}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{9926F719-DE04-4A5A-A066-BBD6005186D0}E:\arkeditor\engine\binaries\win64\ue4editor.exe] => (Allow) E:\arkeditor\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{036347C7-2406-48E7-A2B2-4EC333656151}E:\arkeditor\engine\binaries\win64\ue4editor.exe] => (Allow) E:\arkeditor\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [{65FC4393-9071-4B2A-9F81-D5EF4E58504E}] => (Allow) D:\Games\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> ) FirewallRules: [{CAD9E153-C16F-4558-9B1F-85F6DCD72856}] => (Allow) D:\Games\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> ) FirewallRules: [{173222D3-1909-49AE-8E9B-B3A9F7C6F1A3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Rocket Arena\Launch_RocketArena.exe (First Strike Games, Inc -> Epic Games, Inc) FirewallRules: [{41D204CA-C635-41D1-B9C6-9FEDF227B98F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Rocket Arena\Launch_RocketArena.exe (First Strike Games, Inc -> Epic Games, Inc) FirewallRules: [{21AC1C1D-17FE-43AF-A55C-F0C4E453ED6A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{A0D316DC-119D-49A1-9AEB-3BA9BF6EFD23}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Rocket Arena\Mariner.exe (First Strike Games, Inc -> Final Strike Games LLC) FirewallRules: [{031500C6-39A4-4CC5-856B-0A96F0868536}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Rocket Arena\Mariner.exe (First Strike Games, Inc -> Final Strike Games LLC) FirewallRules: [{81C20B50-5850-4E0F-9335-1CFCA11C5A41}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Rocket Arena\Mariner\Binaries\Win64\Mariner-Win64-Shipping.exe (Final Strike Games LLC) [File not signed] FirewallRules: [{D35F79AA-3930-43DD-AF72-A560CA267A8A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Rocket Arena\Mariner\Binaries\Win64\Mariner-Win64-Shipping.exe (Final Strike Games LLC) [File not signed] FirewallRules: [{983B7B14-BDB4-4A84-A54B-B9981874D710}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.) FirewallRules: [{63AB9C8D-BBFD-4486-B7D9-13B752A764D9}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.) FirewallRules: [{D06C9E2A-8487-4E40-8B7E-5D1EDAF5784E}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.) FirewallRules: [{F441BACF-E712-4305-903E-E59B2B599232}] => (Allow) D:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.) FirewallRules: [{443CEFA0-EA79-4798-B2A8-CB6676697275}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{2C8B40C3-D702-441C-95F2-9E2710666160}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{8E2497E5-3AD9-4870-8472-2D765BD908C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{A947B6AC-995A-48DF-B9A1-6B118E16C089}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{2AFB7904-D897-4A1D-95E1-B00CC2F6FF1C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:14.46 GB) (13%) ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (09/04/2020 11:01:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SecHealthUI.exe, version: 10.0.18362.997, time stamp: 0x5f11233f Faulting module name: Windows.UI.Xaml.dll, version: 10.0.18362.997, time stamp: 0xe85f9394 Exception code: 0xc000027b Fault offset: 0x0000000000713500 Faulting process id: 0x354c Faulting application start time: 0x01d682fe69ed9103 Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll Report Id: 8c3447bd-8ce9-41ce-81e9-e606dbd42bb8 Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy Faulting package-relative application ID: SecHealthUI Error: (09/04/2020 08:18:06 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4620,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/04/2020 07:32:03 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (15584,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/04/2020 06:57:06 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (8424,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/04/2020 06:50:14 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1760,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/04/2020 06:33:06 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7132,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/04/2020 06:13:59 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (8588,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/04/2020 06:01:40 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7600,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (09/04/2020 10:59:20 PM) (Source: DCOM) (EventID: 10005) (User: Honya-PC) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/04/2020 10:59:15 PM) (Source: DCOM) (EventID: 10005) (User: Honya-PC) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/04/2020 10:59:14 PM) (Source: DCOM) (EventID: 10005) (User: Honya-PC) Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Unavailable" in order to run the server: Windows.Internal.Security.Authentication.Web.TokenBrokerInternal Error: (09/04/2020 10:59:14 PM) (Source: DCOM) (EventID: 10005) (User: Honya-PC) Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Unavailable" in order to run the server: Windows.Internal.Security.Authentication.Web.TokenBrokerInternal Error: (09/04/2020 10:57:11 PM) (Source: DCOM) (EventID: 10005) (User: Honya-PC) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (09/04/2020 10:57:10 PM) (Source: DCOM) (EventID: 10005) (User: Honya-PC) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/04/2020 10:57:10 PM) (Source: DCOM) (EventID: 10005) (User: Honya-PC) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (09/04/2020 10:56:43 PM) (Source: DCOM) (EventID: 10005) (User: Honya-PC) Description: DCOM got error "1084" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server: {EDAE4045-CAE6-4706-8973-FA69715B8C10} Windows Defender: =================================== Date: 2020-09-04 23:00:20.179 Description: A(z) Windows Defender víruskereso kártevot vagy más, vélhetoen nemkívánatos szoftvert észlelt. További információ: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Név: Program:Win32/Wacapew.C!ml Azonosító: 265744 Súlyosság: Medium Kategória: Potentially Unwanted Software Elérési út: uefifirmware:_\UefiImage->CpuPei Észlelés eredete: Ismeretlen Észlelés típusa: Konkrét Észlelés forrása: Rendszer Felhasználó: NT AUTHORITY\SYSTEM Folyamat neve: Unknown Biztonsági intelligencia verziója: AV: 1.323.495.0, AS: 1.323.495.0, NIS: 1.323.495.0 Motorverzió: AM: 1.1.17400.5, NIS: 1.1.17400.5 Date: 2020-09-04 20:20:27.243 Description: A(z) Windows Defender víruskereso kártevot vagy más, vélhetoen nemkívánatos szoftvert észlelt. További információ: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Név: Program:Win32/Wacapew.C!ml Azonosító: 265744 Súlyosság: Medium Kategória: Potentially Unwanted Software Elérési út: uefifirmware:_\UefiImage->CpuPei Észlelés eredete: Ismeretlen Észlelés típusa: Konkrét Észlelés forrása: Rendszer Felhasználó: NT AUTHORITY\SYSTEM Folyamat neve: Unknown Biztonsági intelligencia verziója: AV: 1.323.495.0, AS: 1.323.495.0, NIS: 1.323.495.0 Motorverzió: AM: 1.1.17400.5, NIS: 1.1.17400.5 Date: 2020-09-04 20:19:12.148 Description: A(z) Windows Defender víruskereso kártevot vagy más, vélhetoen nemkívánatos szoftvert észlelt. További információ: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Név: Program:Win32/Wacapew.C!ml Azonosító: 265744 Súlyosság: Medium Kategória: Potentially Unwanted Software Elérési út: uefifirmware:_\UefiImage->CpuPei Észlelés eredete: Ismeretlen Észlelés típusa: Konkrét Észlelés forrása: Rendszer Felhasználó: NT AUTHORITY\SYSTEM Folyamat neve: Unknown Biztonsági intelligencia verziója: AV: 1.323.495.0, AS: 1.323.495.0, NIS: 1.323.495.0 Motorverzió: AM: 1.1.17400.5, NIS: 1.1.17400.5 Date: 2020-09-04 20:10:58.943 Description: A(z) Windows Defender víruskereso kártevot vagy más, vélhetoen nemkívánatos szoftvert észlelt. További információ: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Név: Program:Win32/Wacapew.C!ml Azonosító: 265744 Súlyosság: Medium Kategória: Potentially Unwanted Software Elérési út: uefifirmware:_\UefiImage->CpuPei Észlelés eredete: Ismeretlen Észlelés típusa: Konkrét Észlelés forrása: Rendszer Felhasználó: NT AUTHORITY\SYSTEM Folyamat neve: Unknown Biztonsági intelligencia verziója: AV: 1.323.495.0, AS: 1.323.495.0, NIS: 1.323.495.0 Motorverzió: AM: 1.1.17400.5, NIS: 1.1.17400.5 Date: 2020-09-04 20:09:25.036 Description: A(z) Windows Defender víruskereso kártevot vagy más, vélhetoen nemkívánatos szoftvert észlelt. További információ: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Név: Program:Win32/Wacapew.C!ml Azonosító: 265744 Súlyosság: Medium Kategória: Potentially Unwanted Software Elérési út: uefifirmware:_\UefiImage->CpuPei Észlelés eredete: Ismeretlen Észlelés típusa: Konkrét Észlelés forrása: Rendszer Felhasználó: NT AUTHORITY\SYSTEM Folyamat neve: Unknown Biztonsági intelligencia verziója: AV: 1.323.495.0, AS: 1.323.495.0, NIS: 1.323.495.0 Motorverzió: AM: 1.1.17400.5, NIS: 1.1.17400.5 Date: 2020-09-04 23:01:17.464 Description: A(z) Windows Defender víruskereso kritikus hibát észlelt, miközben lépéseket tett a kártevokkel és más, vélhetoen nemkívánatos szoftverekkel szembeni védelem érdekében. További információ: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Név: Program:Win32/Wacapew.C!ml Azonosító: 265744 Súlyosság: Medium Kategória: Potentially Unwanted Software Elérési út: uefifirmware:_\UefiImage->CpuPei Észlelés eredete: Ismeretlen Észlelés típusa: Konkrét Észlelés forrása: Rendszer Felhasználó: Honya-PC\Honya Folyamat neve: Unknown Muvelet: Eltávolítás Muvelet állapota: No additional actions required Hibakód: 0x80070032 Hiba leírása: The request is not supported. Biztonsági intelligencia verziója: AV: 1.323.495.0, AS: 1.323.495.0, NIS: 1.323.495.0 Motorverzió: AM: 1.1.17400.5, NIS: 1.1.17400.5 Date: 2020-09-04 20:30:19.735 Description: A(z) Windows Defender víruskereso hibát észlelt a biztonsági intelligencia frissítése közben. Új biztonságiintelligencia-verzió: Elozo biztonságiintelligencia-verzió: 1.323.495.0 Frissítés forrása: Microsoft Update-kiszolgáló Biztonsági intelligencia típusa: Víruskereso Frissítés típusa: Teljes Felhasználó: NT AUTHORITY\SYSTEM Jelenlegi motorverzió: Elozo motorverzió: 1.1.17400.5 Hibakód: 0x8007043c Hiba leírása: This service cannot be started in Safe Mode Date: 2020-09-04 20:20:02.829 Description: A(z) Windows Defender víruskereso valós ideju védelmi szolgáltatás hibát észlelt, és leállt. Szolgáltatás: Eléréskor Hibakód: 0x8007043c Hiba leírása: This service cannot be started in Safe Mode Ok: A kártevoirtó biztonsági intelligencia muködése ismeretlen okból leállt. Egyes esetekben a szolgáltatás újraindításával elhárítható a probléma. Date: 2020-09-04 20:12:28.005 Description: A(z) Windows Defender víruskereso hibát észlelt a Windows Defender Offline letöltése és konfigurálása során. Hibakód: 0x8000000a Hiba leírása: The data necessary to complete this operation is not yet available. Date: 2020-09-04 20:12:23.780 Description: A(z) Windows Defender víruskereso hibát észlelt a Windows Defender Offline letöltése és konfigurálása során. Hibakód: 0x8000000a Hiba leírása: The data necessary to complete this operation is not yet available. CodeIntegrity: =================================== Date: 2020-09-04 23:01:58.871 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-09-04 23:01:58.839 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-06-03 15:05:29.970 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume6\Program Files\ModifiableWindowsApps\pso2_bin\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements. Date: 2020-06-03 15:05:29.382 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\ModifiableWindowsApps\pso2_bin\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements. Date: 2020-06-03 15:05:25.809 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe) attempted to load \Device\HarddiskVolume6\Program Files\ModifiableWindowsApps\pso2_bin\GameGuard\npggNT.des that did not meet the Microsoft signing level requirements. Date: 2020-06-03 14:53:07.818 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume6\Program Files\ModifiableWindowsApps\pso2_bin\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements. Date: 2020-06-03 14:53:07.247 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\ModifiableWindowsApps\pso2_bin\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements. Date: 2020-06-03 14:53:03.235 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe) attempted to load \Device\HarddiskVolume6\Program Files\ModifiableWindowsApps\pso2_bin\GameGuard\npggNT.des that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. F8 09/18/2015 Motherboard: Gigabyte Technology Co., Ltd. Z97P-D3 Processor: Intel® Core™ i5-4690 CPU @ 3.50GHz Percentage of memory in use: 28% Total physical RAM: 16245.27 MB Available physical RAM: 11537.32 MB Total Virtual: 32629.27 MB Available Virtual: 25946.92 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.19 GB) (Free:14.46 GB) NTFS Drive d: (Local Disk) (Fixed) (Total:931.51 GB) (Free:126.24 GB) NTFS Drive e: () (Fixed) (Total:465.75 GB) (Free:350.58 GB) NTFS Drive f: (Local Disk) (Fixed) (Total:223.57 GB) (Free:16.09 GB) NTFS \\?\Volume{1ff6f750-53f3-11e6-818e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{9ae577a4-0000-0000-0000-50d21b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 9AE577A4) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=515 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0F22DB34) Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: A0747202) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0F Extended) ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 62C080DB) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ======================

#3 nasdaq

Malware Response Team
48,329 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:05:29 AM

Posted 05 September 2020 - 07:14 AM

Hello, Welcome to BleepingComputer. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX. Type Notepad and and click the OK key. Please copy the entire contents of the code box below to the a new file. start SystemRestore: On CreateRestorePoint: CloseProcesses: Task: {9BEF0000-FAF6-482B-9FA5-3AEB14E63207} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] U3 idsvc; no ImagePath ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File AlternateDataStreams: C:\Users\Honya\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\Honya\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394] HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) FirewallRules: [{A7D89D86-68BC-4D78-8E29-65B4C8D36539}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{A4AB9041-8C03-4409-AE73-97D8CCA57471}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{6F77A00B-D6A7-4342-9E34-DDD741D452E0}] => (Allow) D:\Games\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe => No File FirewallRules: [{7FC700AC-8E86-4977-811E-CCC2E5291E53}] => (Allow) D:\Games\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe => No File FirewallRules: [{2EE9BEAE-66CD-4EBA-BC1F-A6F434E31402}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{2907E9AE-7FF8-482C-9957-F348B1C3975F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{D38B4DE7-4818-43A1-BE92-5CC923A62F92}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File FirewallRules: [{F1EBD929-0AA9-4B75-B00C-12A2703308A3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe => No File FirewallRules: [{09DB22A4-459C-4FB9-8D78-B4D882B212EB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{D9E1C874-5579-42DE-AFE9-3C5F3810A4C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{A946D697-A853-48A3-BE45-0643818B1D8A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{1E8FD433-94D6-47F6-9E0E-0EC395F35659}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{206CE4D3-7C9D-4991-8D49-B2318A421910}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File FirewallRules: [{561772EC-12A7-4F2E-B76D-17A199232E0A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe => No File FirewallRules: [{79746E2E-BC8F-42A8-8326-6A3B785FEF7A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{663DC1C7-B516-4590-BF8D-19AF9F6F3781}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{24FDF553-C45B-4511-A452-CBF9B8182F93}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{C406F960-A874-47D7-BCBC-C443A7A576CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{0814BC42-BFEF-43D8-A0D0-2F4C99A26690}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Raiders of the Broken Planet\bin\Raiders.exe => No File FirewallRules: [{7C9ADEFF-466F-48DE-9EBF-19AAE696359F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Raiders of the Broken Planet\bin\Raiders.exe => No File FirewallRules: [{D58E3829-BBE6-4F14-B20B-47AC1E341C58}] => (Allow) D:\Games\Archerage\ArcheRage.to NA\Launcher.exe => No File FirewallRules: [{7351DFB1-BF62-4104-A7B5-E45B099735F7}] => (Allow) D:\Games\ArcheRage\Launcher.exe => No File FirewallRules: [{B9E94016-3241-455E-8AAD-2ADC36693BE9}] => (Allow) D:\Games\RUAA\ArcheRage.to\Launcher.exe => No File FirewallRules: [{75B8E2A4-A204-4B0D-BE30-9B97192B356A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe => No File FirewallRules: [{E9E8D7E5-557C-4D14-BF52-4B19C8524D2F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe => No File FirewallRules: [{FF045FC2-EDED-40EC-992D-4B7F90F42BE6}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe => No File FirewallRules: [{ECDF1761-A473-4432-A846-726D5100FA35}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe => No File FirewallRules: [{58095952-9ADD-43B4-8872-7FD14E837383}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe => No File FirewallRules: [{2A798F3F-2FBD-4031-8C4B-B8AA7724FD33}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe => No File FirewallRules: [{99039589-D0B1-4FBD-BA90-A31410995128}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File FirewallRules: [{02CD9BA2-474D-4C79-B5A2-DDAABD560FC5}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File FirewallRules: [{8D2FDA29-161A-413F-BD50-E9127DC9AEF3}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{76EA9E2E-9B6D-4AD7-B278-C364E7484D50}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{908FC62B-B83B-49CB-A52B-F455ED4D74A2}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{B64C6EA7-1C21-46B6-A258-C1E6B40C7888}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [UDP Query User{3195B8C1-B623-40E3-8588-52D96AE7D608}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [TCP Query User{6AAE4749-907D-4DC8-8ACB-8C7A27EDCA25}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{95C63636-7958-42B0-8F2A-2EAA56570923}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe => No File FirewallRules: [TCP Query User{130398A5-B700-4F70-9C9B-FB5A9953FA9B}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe => No File FirewallRules: [{277CB8FB-68FF-477C-A8CB-C4586F618818}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe => No File FirewallRules: [{28E2C83A-F400-4AF3-967F-C1C0B688FD58}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe => No File FirewallRules: [TCP Query User{5DDEAA19-E2EA-46E9-97E4-7742F80744F0}D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File FirewallRules: [UDP Query User{25EE7145-08C8-4EF0-9F1C-3BE072A35075}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{918524F4-C713-4EAC-A351-7C040F92DEA1}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{4C0F4A10-4814-4BFD-A9AC-AD4E13961ED7}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe => No File FirewallRules: [TCP Query User{30E0A68B-B38F-4566-970F-A2710A5A156E}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe => No File FirewallRules: [UDP Query User{A0F1640B-C595-4CEA-B527-C404B66DF5E0}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{0BA99EF4-DF17-4714-9CBB-EDE32A2BF29B}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{6ECF7E17-9037-425D-93EB-04452680C0E8}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{88736055-04E7-4DD9-A3EF-4E5FCE69B908}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{2602E465-C9EA-401F-BA28-FE227F24BA0E}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [TCP Query User{A1B4641A-25B0-4F66-887D-DDE936FABC0D}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{2C076E81-EABB-44E2-BDB1-6DD1469AE4D2}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe => No File FirewallRules: [TCP Query User{3E5205CF-4A50-491D-9196-CA22CD4F464C}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe => No File FirewallRules: [UDP Query User{32F22D0B-C307-4DC2-B17E-D288BEE16C0B}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File FirewallRules: [TCP Query User{CBB62ED5-2605-4E68-A0A3-43C5F923CD90}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File FirewallRules: [UDP Query User{DD1A5AF5-0E78-47C1-8F00-6A6A3A3D9CC4}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File FirewallRules: [TCP Query User{563D334C-7C32-4F57-9B5A-9DF558883840}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File FirewallRules: [{04467E90-6AF1-44B2-B768-A72E8C96432B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{8FA6BF0F-34AA-4751-A3C1-E9C0FE587C4C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{0E3A552E-DBF9-4DF5-85B4-246C0A8528B2}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{16F0130E-605E-430F-8093-B8F2FB0BA3C6}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{91CD6979-F857-4560-A900-EA7D2283D6DC}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{8E14BAD5-B4E2-4329-852B-CC0E3E1A588B}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{BE102243-0305-4D39-8EB1-6FA7564B0C41}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{982EE0D1-4A9B-4FEE-BF53-A713FA86A54A}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [TCP Query User{6579AFF8-54C4-42F9-B106-E6665DB7A284}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe => No File FirewallRules: [UDP Query User{C425C83B-6D0F-4CA7-8147-2E887A0574CB}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe => No File FirewallRules: [{8F27C72B-5496-4056-A6D4-9029E674DDBC}] => (Allow) C:\Users\Honya\Downloads\arkserverdata\Servers\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{F689DE07-C078-4F87-87F3-3650C429A7EE}] => (Allow) C:\Users\Honya\Downloads\arkserverdata\Servers\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [TCP Query User{C7FA9CE3-36CA-43BB-A4F5-3BEE6A5DB7C3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File FirewallRules: [UDP Query User{AA948E10-AED6-4A06-A025-F3F2D98623B3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File FirewallRules: [{4D7D3C40-EEF4-4A00-A250-5818A4285CD2}] => (Allow) D:\Games\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File FirewallRules: [{672DEEA6-FA43-403B-9503-82C00173C0D6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File FirewallRules: [TCP Query User{27C73CB4-195D-4F0A-9A3B-E4134B03F7DB}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe => No File FirewallRules: [UDP Query User{13A25673-90AB-46E8-A1AD-4FC28B884EBE}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe => No File FirewallRules: [{570A9815-102E-4204-85C4-A572046155BB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File FirewallRules: [{92D91E58-B63D-4DFA-9727-22E204488BCC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File FirewallRules: [{32CB4820-2B98-41DE-A131-050C3FBF7F6B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File FirewallRules: [{71B01A1E-382D-4B03-9B2F-A63C2CE89EC3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File FirewallRules: [{0409E256-F1AA-4DB4-9E8B-69087A9CD8CF}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File FirewallRules: [{F6557F2C-F11E-49F3-AA46-ADBC707BDB43}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File FirewallRules: [{99AF98CE-CFB5-459A-BA9C-76780DBC9F04}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File FirewallRules: [{066D3442-FC1B-4220-9808-47B36414EA9A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File FirewallRules: [{2BC6A3F8-57D5-4F8A-93A6-BBE7A81BE40A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe => No File FirewallRules: [{694C6637-CFBF-4E6B-BBFF-D2983736ACEB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe => No File FirewallRules: [{E0A034BC-F64F-447A-BC02-23FA16DE1ED6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Imperium Galactica\DOSBOX\DOSBox.exe => No File FirewallRules: [{384A3C04-A9FA-4723-8395-522021FABA64}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Imperium Galactica\DOSBOX\DOSBox.exe => No File FirewallRules: [{0812B821-E123-4D14-B2F4-DF836F0C971A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer_x64_11.exe => No File FirewallRules: [{B4481768-C229-4950-BEF5-CD736F99D94B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer_x64_11.exe => No File FirewallRules: [{D103F84C-D10C-4FD7-A4EC-9F4C1F6E1B55}] => (Allow) C:\Users\Honya\Downloads\bin\BlackDesert32.exe => No File FirewallRules: [{9D318238-F762-4C3B-9BE4-23622C7B38BD}] => (Allow) C:\Users\Honya\Downloads\bin64\BlackDesert64.exe => No File FirewallRules: [{645D652D-6C23-4F80-BC9A-06376D94DF11}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Launcher.exe => No File FirewallRules: [{C91DAB41-9375-412D-9F5B-263B592937EC}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Downloader.exe => No File FirewallRules: [{D45942BC-792F-4584-9819-BA032FBFCB5F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => No File FirewallRules: [{7229A17D-B110-42FF-89BA-D77CEB2AEE1C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => No File FirewallRules: [{712761C5-86C8-4C54-B816-BAEAD8BA957F}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{F00C7C86-2922-4312-A755-5C28750E08E0}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{F36AD998-C790-4493-BB89-C2FEF9A23E8F}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{0610D9F7-459C-4082-8C0E-214B8FDCE6CF}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{AD7179D7-1CDC-494C-848B-123D50D76E6C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File FirewallRules: [{E0F4E857-A613-4661-A58A-526E6E7A6BAB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File FirewallRules: [{C0234360-127E-477B-BB35-EE9F3122D6B1}] => (Allow) E:\latest\DATYA\Servers\Server2\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{3570233D-A417-4725-AA79-ABDAC0749667}] => (Allow) E:\latest\DATYA\Servers\Server2\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{9999A020-EC33-49A5-A7AD-F3BBFC52980B}] => (Allow) G:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{E5263721-BA6E-4575-A3D2-21E6C915C09D}] => (Allow) G:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{0C716C97-1B3E-4785-A615-FCC80E67F241}] => (Allow) H:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{8E28BAE7-5290-4563-80AE-B73F383F40C7}] => (Allow) H:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [TCP Query User{066588E4-5C33-49D7-BC20-BE1C413AC10C}C:\users\honya\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honya\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [UDP Query User{C03FBE9A-4460-4D06-925A-1ACB96D607C8}C:\users\honya\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honya\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [TCP Query User{6050B49A-74C3-4E9C-A8F0-DF3EFC6E5B4A}D:\games\rito games\game\league of legends.exe] => (Allow) D:\games\rito games\game\league of legends.exe => No File FirewallRules: [UDP Query User{AABCD9BA-F9B1-4DB0-B452-FBC66CCDD3D3}D:\games\rito games\game\league of legends.exe] => (Allow) D:\games\rito games\game\league of legends.exe => No File FirewallRules: [{B9CB52D9-9BC4-4A10-BD8D-24127F23A6FE}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File FirewallRules: [{F8FE1784-575C-4AD7-9527-EEBFA22E13CC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe => No File FirewallRules: [{AA2DE3F2-AA89-45EB-9495-5B886763E5FF}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe => No File FirewallRules: [{991F576B-6E60-4FA1-A35F-CD4B01D4C553}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe => No File FirewallRules: [{92FD7E88-D32C-422D-B97D-401F91765D74}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe => No File FirewallRules: [TCP Query User{A2056612-01DF-4F5A-B8A0-DAD47FA09760}D:\games\skyrimmod\harbor\harbor.exe] => (Allow) D:\games\skyrimmod\harbor\harbor.exe => No File FirewallRules: [UDP Query User{C0D14C7E-683F-482C-B452-DA61A6D708B5}D:\games\skyrimmod\harbor\harbor.exe] => (Allow) D:\games\skyrimmod\harbor\harbor.exe => No File FirewallRules: [TCP Query User{B1055376-4703-4C56-9B99-CF0E359CDD32}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe] => (Allow) D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe => No File FirewallRules: [UDP Query User{476BDC30-3FF2-4538-90BE-884A7CE14D54}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe] => (Allow) D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe => No File FirewallRules: [TCP Query User{454806B7-2BAA-4B52-A9F3-96E9B37B8AEB}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe => No File FirewallRules: [UDP Query User{C65A20BC-C107-44E7-BA7E-2DC509E7BB0F}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe => No File FirewallRules: [TCP Query User{379F4BDA-17C9-4FCA-B00E-A3C127198396}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe => No File FirewallRules: [UDP Query User{FD7E8EE8-EBCD-4C4A-9E34-8103C3F7FE2E}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe => No File FirewallRules: [TCP Query User{FB4E5F59-30D1-45F7-BE6D-F9FC3727CA75}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe => No File FirewallRules: [UDP Query User{394BEE94-938B-4CBC-A006-52F8177D67ED}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe => No File FirewallRules: [{D9C31AC7-C71A-4FE4-8E87-71EB4AB52AE4}] => (Allow) C:\Users\Honya\Downloads\bin\BlackDesert32.exe => No File FirewallRules: [{FDE27AAF-5F25-4A56-BA83-51A410840734}] => (Allow) C:\Users\Honya\Downloads\bin64\BlackDesert64.exe => No File FirewallRules: [{FEE610F0-CC1B-42B2-9B8E-A208A02D4E53}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Launcher.exe => No File FirewallRules: [{1B5BABEC-CE1F-444C-A910-167DA79DE587}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Downloader.exe => No File FirewallRules: [TCP Query User{125933A3-E1AE-4395-8F90-403BC762BADF}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe] => (Allow) F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe => No File FirewallRules: [UDP Query User{0C3938E6-7CB9-46D3-9215-D95A4C952843}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe] => (Allow) F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe => No File FirewallRules: [TCP Query User{5F3529EA-A9F2-45F0-8061-3805345B08F2}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [UDP Query User{9975BE2D-98EA-4B9D-9CDF-2CC463E7E9B6}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [TCP Query User{DC16522A-143B-4D58-927F-F22C940DB10B}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe => No File FirewallRules: [UDP Query User{E1924572-8739-4042-92F7-419EA482282F}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe => No File FirewallRules: [TCP Query User{CC0AE691-7D6C-4041-84D9-28A10EF76F64}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [UDP Query User{B918EEE0-5C13-4B6B-AEDD-7FF9D430833B}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [TCP Query User{107D6FD9-A1AF-4A54-9B47-897DD12ABCC9}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe] => (Allow) D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe => No File FirewallRules: [UDP Query User{4DAEA87A-B1B5-476C-AD02-219B4125F933}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe] => (Allow) D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe => No File FirewallRules: [TCP Query User{9926F719-DE04-4A5A-A066-BBD6005186D0}E:\arkeditor\engine\binaries\win64\ue4editor.exe] => (Allow) E:\arkeditor\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{036347C7-2406-48E7-A2B2-4EC333656151}E:\arkeditor\engine\binaries\win64\ue4editor.exe] => (Allow) E:\arkeditor\engine\binaries\win64\ue4editor.exe => No File EmptyTemp: End Save the file as fixlist.txt in the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the Farbar log you have submitted. Run FRST and click Fix only once and wait. === How to Delete/Restore quarantined files. https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus Follow the directives on the page and [b]delete[]/b] all the files in the quarantine folder. <<<>>> The tool will create a log (Fixlog.txt) please post it to your reply. Is the problem solved?

#4 honya15

Topic Starter
Members
7 posts
OFFLINE

Local time:12:29 PM

Posted 05 September 2020 - 07:41 AM

Hello nasdaq, thank you for your help.

I've ran the fix, but welcomed after restart with the same message.

Also the link you sent about removing quarantined files directs me to a guide to restore files.

Here is the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-09-2020 Ran by Honya (05-09-2020 14:24:35) Run:1 Running from C:\Users\Honya\Downloads Loaded Profiles: Honya Boot Mode: Normal ============================================== fixlist content: ***************** start SystemRestore: On CreateRestorePoint: CloseProcesses: Task: {9BEF0000-FAF6-482B-9FA5-3AEB14E63207} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] U3 idsvc; no ImagePath ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File AlternateDataStreams: C:\Users\Honya\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\Honya\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394] HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) FirewallRules: [{A7D89D86-68BC-4D78-8E29-65B4C8D36539}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{A4AB9041-8C03-4409-AE73-97D8CCA57471}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{6F77A00B-D6A7-4342-9E34-DDD741D452E0}] => (Allow) D:\Games\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe => No File FirewallRules: [{7FC700AC-8E86-4977-811E-CCC2E5291E53}] => (Allow) D:\Games\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe => No File FirewallRules: [{2EE9BEAE-66CD-4EBA-BC1F-A6F434E31402}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{2907E9AE-7FF8-482C-9957-F348B1C3975F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{D38B4DE7-4818-43A1-BE92-5CC923A62F92}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File FirewallRules: [{F1EBD929-0AA9-4B75-B00C-12A2703308A3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe => No File FirewallRules: [{09DB22A4-459C-4FB9-8D78-B4D882B212EB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{D9E1C874-5579-42DE-AFE9-3C5F3810A4C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{A946D697-A853-48A3-BE45-0643818B1D8A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{1E8FD433-94D6-47F6-9E0E-0EC395F35659}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{206CE4D3-7C9D-4991-8D49-B2318A421910}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File FirewallRules: [{561772EC-12A7-4F2E-B76D-17A199232E0A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe => No File FirewallRules: [{79746E2E-BC8F-42A8-8326-6A3B785FEF7A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{663DC1C7-B516-4590-BF8D-19AF9F6F3781}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{24FDF553-C45B-4511-A452-CBF9B8182F93}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{C406F960-A874-47D7-BCBC-C443A7A576CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{0814BC42-BFEF-43D8-A0D0-2F4C99A26690}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Raiders of the Broken Planet\bin\Raiders.exe => No File FirewallRules: [{7C9ADEFF-466F-48DE-9EBF-19AAE696359F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Raiders of the Broken Planet\bin\Raiders.exe => No File FirewallRules: [{D58E3829-BBE6-4F14-B20B-47AC1E341C58}] => (Allow) D:\Games\Archerage\ArcheRage.to NA\Launcher.exe => No File FirewallRules: [{7351DFB1-BF62-4104-A7B5-E45B099735F7}] => (Allow) D:\Games\ArcheRage\Launcher.exe => No File FirewallRules: [{B9E94016-3241-455E-8AAD-2ADC36693BE9}] => (Allow) D:\Games\RUAA\ArcheRage.to\Launcher.exe => No File FirewallRules: [{75B8E2A4-A204-4B0D-BE30-9B97192B356A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe => No File FirewallRules: [{E9E8D7E5-557C-4D14-BF52-4B19C8524D2F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe => No File FirewallRules: [{FF045FC2-EDED-40EC-992D-4B7F90F42BE6}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe => No File FirewallRules: [{ECDF1761-A473-4432-A846-726D5100FA35}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe => No File FirewallRules: [{58095952-9ADD-43B4-8872-7FD14E837383}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe => No File FirewallRules: [{2A798F3F-2FBD-4031-8C4B-B8AA7724FD33}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe => No File FirewallRules: [{99039589-D0B1-4FBD-BA90-A31410995128}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File FirewallRules: [{02CD9BA2-474D-4C79-B5A2-DDAABD560FC5}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File FirewallRules: [{8D2FDA29-161A-413F-BD50-E9127DC9AEF3}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{76EA9E2E-9B6D-4AD7-B278-C364E7484D50}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{908FC62B-B83B-49CB-A52B-F455ED4D74A2}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{B64C6EA7-1C21-46B6-A258-C1E6B40C7888}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [UDP Query User{3195B8C1-B623-40E3-8588-52D96AE7D608}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [TCP Query User{6AAE4749-907D-4DC8-8ACB-8C7A27EDCA25}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{95C63636-7958-42B0-8F2A-2EAA56570923}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe => No File FirewallRules: [TCP Query User{130398A5-B700-4F70-9C9B-FB5A9953FA9B}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe => No File FirewallRules: [{277CB8FB-68FF-477C-A8CB-C4586F618818}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe => No File FirewallRules: [{28E2C83A-F400-4AF3-967F-C1C0B688FD58}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe => No File FirewallRules: [TCP Query User{5DDEAA19-E2EA-46E9-97E4-7742F80744F0}D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File FirewallRules: [UDP Query User{25EE7145-08C8-4EF0-9F1C-3BE072A35075}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{918524F4-C713-4EAC-A351-7C040F92DEA1}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{4C0F4A10-4814-4BFD-A9AC-AD4E13961ED7}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe => No File FirewallRules: [TCP Query User{30E0A68B-B38F-4566-970F-A2710A5A156E}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe => No File FirewallRules: [UDP Query User{A0F1640B-C595-4CEA-B527-C404B66DF5E0}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{0BA99EF4-DF17-4714-9CBB-EDE32A2BF29B}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{6ECF7E17-9037-425D-93EB-04452680C0E8}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{88736055-04E7-4DD9-A3EF-4E5FCE69B908}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{2602E465-C9EA-401F-BA28-FE227F24BA0E}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [TCP Query User{A1B4641A-25B0-4F66-887D-DDE936FABC0D}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{2C076E81-EABB-44E2-BDB1-6DD1469AE4D2}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe => No File FirewallRules: [TCP Query User{3E5205CF-4A50-491D-9196-CA22CD4F464C}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe => No File FirewallRules: [UDP Query User{32F22D0B-C307-4DC2-B17E-D288BEE16C0B}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File FirewallRules: [TCP Query User{CBB62ED5-2605-4E68-A0A3-43C5F923CD90}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File FirewallRules: [UDP Query User{DD1A5AF5-0E78-47C1-8F00-6A6A3A3D9CC4}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File FirewallRules: [TCP Query User{563D334C-7C32-4F57-9B5A-9DF558883840}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File FirewallRules: [{04467E90-6AF1-44B2-B768-A72E8C96432B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{8FA6BF0F-34AA-4751-A3C1-E9C0FE587C4C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{0E3A552E-DBF9-4DF5-85B4-246C0A8528B2}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{16F0130E-605E-430F-8093-B8F2FB0BA3C6}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{91CD6979-F857-4560-A900-EA7D2283D6DC}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{8E14BAD5-B4E2-4329-852B-CC0E3E1A588B}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{BE102243-0305-4D39-8EB1-6FA7564B0C41}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{982EE0D1-4A9B-4FEE-BF53-A713FA86A54A}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [TCP Query User{6579AFF8-54C4-42F9-B106-E6665DB7A284}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe => No File FirewallRules: [UDP Query User{C425C83B-6D0F-4CA7-8147-2E887A0574CB}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe => No File FirewallRules: [{8F27C72B-5496-4056-A6D4-9029E674DDBC}] => (Allow) C:\Users\Honya\Downloads\arkserverdata\Servers\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{F689DE07-C078-4F87-87F3-3650C429A7EE}] => (Allow) C:\Users\Honya\Downloads\arkserverdata\Servers\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [TCP Query User{C7FA9CE3-36CA-43BB-A4F5-3BEE6A5DB7C3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File FirewallRules: [UDP Query User{AA948E10-AED6-4A06-A025-F3F2D98623B3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File FirewallRules: [{4D7D3C40-EEF4-4A00-A250-5818A4285CD2}] => (Allow) D:\Games\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File FirewallRules: [{672DEEA6-FA43-403B-9503-82C00173C0D6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File FirewallRules: [TCP Query User{27C73CB4-195D-4F0A-9A3B-E4134B03F7DB}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe => No File FirewallRules: [UDP Query User{13A25673-90AB-46E8-A1AD-4FC28B884EBE}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe => No File FirewallRules: [{570A9815-102E-4204-85C4-A572046155BB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File FirewallRules: [{92D91E58-B63D-4DFA-9727-22E204488BCC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File FirewallRules: [{32CB4820-2B98-41DE-A131-050C3FBF7F6B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File FirewallRules: [{71B01A1E-382D-4B03-9B2F-A63C2CE89EC3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File FirewallRules: [{0409E256-F1AA-4DB4-9E8B-69087A9CD8CF}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File FirewallRules: [{F6557F2C-F11E-49F3-AA46-ADBC707BDB43}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File FirewallRules: [{99AF98CE-CFB5-459A-BA9C-76780DBC9F04}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File FirewallRules: [{066D3442-FC1B-4220-9808-47B36414EA9A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File FirewallRules: [{2BC6A3F8-57D5-4F8A-93A6-BBE7A81BE40A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe => No File FirewallRules: [{694C6637-CFBF-4E6B-BBFF-D2983736ACEB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe => No File FirewallRules: [{E0A034BC-F64F-447A-BC02-23FA16DE1ED6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Imperium Galactica\DOSBOX\DOSBox.exe => No File FirewallRules: [{384A3C04-A9FA-4723-8395-522021FABA64}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Imperium Galactica\DOSBOX\DOSBox.exe => No File FirewallRules: [{0812B821-E123-4D14-B2F4-DF836F0C971A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer_x64_11.exe => No File FirewallRules: [{B4481768-C229-4950-BEF5-CD736F99D94B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer_x64_11.exe => No File FirewallRules: [{D103F84C-D10C-4FD7-A4EC-9F4C1F6E1B55}] => (Allow) C:\Users\Honya\Downloads\bin\BlackDesert32.exe => No File FirewallRules: [{9D318238-F762-4C3B-9BE4-23622C7B38BD}] => (Allow) C:\Users\Honya\Downloads\bin64\BlackDesert64.exe => No File FirewallRules: [{645D652D-6C23-4F80-BC9A-06376D94DF11}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Launcher.exe => No File FirewallRules: [{C91DAB41-9375-412D-9F5B-263B592937EC}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Downloader.exe => No File FirewallRules: [{D45942BC-792F-4584-9819-BA032FBFCB5F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => No File FirewallRules: [{7229A17D-B110-42FF-89BA-D77CEB2AEE1C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => No File FirewallRules: [{712761C5-86C8-4C54-B816-BAEAD8BA957F}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{F00C7C86-2922-4312-A755-5C28750E08E0}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{F36AD998-C790-4493-BB89-C2FEF9A23E8F}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{0610D9F7-459C-4082-8C0E-214B8FDCE6CF}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{AD7179D7-1CDC-494C-848B-123D50D76E6C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File FirewallRules: [{E0F4E857-A613-4661-A58A-526E6E7A6BAB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File FirewallRules: [{C0234360-127E-477B-BB35-EE9F3122D6B1}] => (Allow) E:\latest\DATYA\Servers\Server2\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{3570233D-A417-4725-AA79-ABDAC0749667}] => (Allow) E:\latest\DATYA\Servers\Server2\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{9999A020-EC33-49A5-A7AD-F3BBFC52980B}] => (Allow) G:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{E5263721-BA6E-4575-A3D2-21E6C915C09D}] => (Allow) G:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{0C716C97-1B3E-4785-A615-FCC80E67F241}] => (Allow) H:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{8E28BAE7-5290-4563-80AE-B73F383F40C7}] => (Allow) H:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [TCP Query User{066588E4-5C33-49D7-BC20-BE1C413AC10C}C:\users\honya\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honya\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [UDP Query User{C03FBE9A-4460-4D06-925A-1ACB96D607C8}C:\users\honya\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honya\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [TCP Query User{6050B49A-74C3-4E9C-A8F0-DF3EFC6E5B4A}D:\games\rito games\game\league of legends.exe] => (Allow) D:\games\rito games\game\league of legends.exe => No File FirewallRules: [UDP Query User{AABCD9BA-F9B1-4DB0-B452-FBC66CCDD3D3}D:\games\rito games\game\league of legends.exe] => (Allow) D:\games\rito games\game\league of legends.exe => No File FirewallRules: [{B9CB52D9-9BC4-4A10-BD8D-24127F23A6FE}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File FirewallRules: [{F8FE1784-575C-4AD7-9527-EEBFA22E13CC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe => No File FirewallRules: [{AA2DE3F2-AA89-45EB-9495-5B886763E5FF}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe => No File FirewallRules: [{991F576B-6E60-4FA1-A35F-CD4B01D4C553}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe => No File FirewallRules: [{92FD7E88-D32C-422D-B97D-401F91765D74}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe => No File FirewallRules: [TCP Query User{A2056612-01DF-4F5A-B8A0-DAD47FA09760}D:\games\skyrimmod\harbor\harbor.exe] => (Allow) D:\games\skyrimmod\harbor\harbor.exe => No File FirewallRules: [UDP Query User{C0D14C7E-683F-482C-B452-DA61A6D708B5}D:\games\skyrimmod\harbor\harbor.exe] => (Allow) D:\games\skyrimmod\harbor\harbor.exe => No File FirewallRules: [TCP Query User{B1055376-4703-4C56-9B99-CF0E359CDD32}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe] => (Allow) D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe => No File FirewallRules: [UDP Query User{476BDC30-3FF2-4538-90BE-884A7CE14D54}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe] => (Allow) D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe => No File FirewallRules: [TCP Query User{454806B7-2BAA-4B52-A9F3-96E9B37B8AEB}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe => No File FirewallRules: [UDP Query User{C65A20BC-C107-44E7-BA7E-2DC509E7BB0F}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe => No File FirewallRules: [TCP Query User{379F4BDA-17C9-4FCA-B00E-A3C127198396}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe => No File FirewallRules: [UDP Query User{FD7E8EE8-EBCD-4C4A-9E34-8103C3F7FE2E}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe => No File FirewallRules: [TCP Query User{FB4E5F59-30D1-45F7-BE6D-F9FC3727CA75}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe => No File FirewallRules: [UDP Query User{394BEE94-938B-4CBC-A006-52F8177D67ED}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe => No File FirewallRules: [{D9C31AC7-C71A-4FE4-8E87-71EB4AB52AE4}] => (Allow) C:\Users\Honya\Downloads\bin\BlackDesert32.exe => No File FirewallRules: [{FDE27AAF-5F25-4A56-BA83-51A410840734}] => (Allow) C:\Users\Honya\Downloads\bin64\BlackDesert64.exe => No File FirewallRules: [{FEE610F0-CC1B-42B2-9B8E-A208A02D4E53}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Launcher.exe => No File FirewallRules: [{1B5BABEC-CE1F-444C-A910-167DA79DE587}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Downloader.exe => No File FirewallRules: [TCP Query User{125933A3-E1AE-4395-8F90-403BC762BADF}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe] => (Allow) F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe => No File FirewallRules: [UDP Query User{0C3938E6-7CB9-46D3-9215-D95A4C952843}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe] => (Allow) F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe => No File FirewallRules: [TCP Query User{5F3529EA-A9F2-45F0-8061-3805345B08F2}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [UDP Query User{9975BE2D-98EA-4B9D-9CDF-2CC463E7E9B6}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [TCP Query User{DC16522A-143B-4D58-927F-F22C940DB10B}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe => No File FirewallRules: [UDP Query User{E1924572-8739-4042-92F7-419EA482282F}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe => No File FirewallRules: [TCP Query User{CC0AE691-7D6C-4041-84D9-28A10EF76F64}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [UDP Query User{B918EEE0-5C13-4B6B-AEDD-7FF9D430833B}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [TCP Query User{107D6FD9-A1AF-4A54-9B47-897DD12ABCC9}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe] => (Allow) D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe => No File FirewallRules: [UDP Query User{4DAEA87A-B1B5-476C-AD02-219B4125F933}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe] => (Allow) D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe => No File FirewallRules: [TCP Query User{9926F719-DE04-4A5A-A066-BBD6005186D0}E:\arkeditor\engine\binaries\win64\ue4editor.exe] => (Allow) E:\arkeditor\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{036347C7-2406-48E7-A2B2-4EC333656151}E:\arkeditor\engine\binaries\win64\ue4editor.exe] => (Allow) E:\arkeditor\engine\binaries\win64\ue4editor.exe => No File EmptyTemp: End ***************** SystemRestore: On => completed Restore point was successfully created. Processes closed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BEF0000-FAF6-482B-9FA5-3AEB14E63207}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BEF0000-FAF6-482B-9FA5-3AEB14E63207}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully HKLM\System\CurrentControlSet\Services\idsvc => removed successfully idsvc => service removed successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully "HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => removed successfully HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully C:\Users\Honya\Application Data => ":6699d3ee8dd9cf775caae782c8f44f03" ADS removed successfully "C:\Users\Honya\AppData\Roaming" => ":6699d3ee8dd9cf775caae782c8f44f03" ADS not found. HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7D89D86-68BC-4D78-8E29-65B4C8D36539}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4AB9041-8C03-4409-AE73-97D8CCA57471}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F77A00B-D6A7-4342-9E34-DDD741D452E0}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FC700AC-8E86-4977-811E-CCC2E5291E53}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2EE9BEAE-66CD-4EBA-BC1F-A6F434E31402}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2907E9AE-7FF8-482C-9957-F348B1C3975F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D38B4DE7-4818-43A1-BE92-5CC923A62F92}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1EBD929-0AA9-4B75-B00C-12A2703308A3}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{09DB22A4-459C-4FB9-8D78-B4D882B212EB}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D9E1C874-5579-42DE-AFE9-3C5F3810A4C6}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A946D697-A853-48A3-BE45-0643818B1D8A}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E8FD433-94D6-47F6-9E0E-0EC395F35659}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{206CE4D3-7C9D-4991-8D49-B2318A421910}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{561772EC-12A7-4F2E-B76D-17A199232E0A}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{79746E2E-BC8F-42A8-8326-6A3B785FEF7A}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{663DC1C7-B516-4590-BF8D-19AF9F6F3781}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{24FDF553-C45B-4511-A452-CBF9B8182F93}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C406F960-A874-47D7-BCBC-C443A7A576CA}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0814BC42-BFEF-43D8-A0D0-2F4C99A26690}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C9ADEFF-466F-48DE-9EBF-19AAE696359F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D58E3829-BBE6-4F14-B20B-47AC1E341C58}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7351DFB1-BF62-4104-A7B5-E45B099735F7}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9E94016-3241-455E-8AAD-2ADC36693BE9}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75B8E2A4-A204-4B0D-BE30-9B97192B356A}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9E8D7E5-557C-4D14-BF52-4B19C8524D2F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF045FC2-EDED-40EC-992D-4B7F90F42BE6}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECDF1761-A473-4432-A846-726D5100FA35}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58095952-9ADD-43B4-8872-7FD14E837383}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A798F3F-2FBD-4031-8C4B-B8AA7724FD33}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99039589-D0B1-4FBD-BA90-A31410995128}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02CD9BA2-474D-4C79-B5A2-DDAABD560FC5}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D2FDA29-161A-413F-BD50-E9127DC9AEF3}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76EA9E2E-9B6D-4AD7-B278-C364E7484D50}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{908FC62B-B83B-49CB-A52B-F455ED4D74A2}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B64C6EA7-1C21-46B6-A258-C1E6B40C7888}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3195B8C1-B623-40E3-8588-52D96AE7D608}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6AAE4749-907D-4DC8-8ACB-8C7A27EDCA25}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{95C63636-7958-42B0-8F2A-2EAA56570923}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{130398A5-B700-4F70-9C9B-FB5A9953FA9B}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{277CB8FB-68FF-477C-A8CB-C4586F618818}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28E2C83A-F400-4AF3-967F-C1C0B688FD58}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5DDEAA19-E2EA-46E9-97E4-7742F80744F0}D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{25EE7145-08C8-4EF0-9F1C-3BE072A35075}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{918524F4-C713-4EAC-A351-7C040F92DEA1}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4C0F4A10-4814-4BFD-A9AC-AD4E13961ED7}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30E0A68B-B38F-4566-970F-A2710A5A156E}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A0F1640B-C595-4CEA-B527-C404B66DF5E0}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0BA99EF4-DF17-4714-9CBB-EDE32A2BF29B}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6ECF7E17-9037-425D-93EB-04452680C0E8}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{88736055-04E7-4DD9-A3EF-4E5FCE69B908}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2602E465-C9EA-401F-BA28-FE227F24BA0E}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A1B4641A-25B0-4F66-887D-DDE936FABC0D}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2C076E81-EABB-44E2-BDB1-6DD1469AE4D2}D:\games\overwatch\overwatch.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3E5205CF-4A50-491D-9196-CA22CD4F464C}D:\games\overwatch\overwatch.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{32F22D0B-C307-4DC2-B17E-D288BEE16C0B}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CBB62ED5-2605-4E68-A0A3-43C5F923CD90}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DD1A5AF5-0E78-47C1-8F00-6A6A3A3D9CC4}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{563D334C-7C32-4F57-9B5A-9DF558883840}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04467E90-6AF1-44B2-B768-A72E8C96432B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8FA6BF0F-34AA-4751-A3C1-E9C0FE587C4C}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E3A552E-DBF9-4DF5-85B4-246C0A8528B2}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16F0130E-605E-430F-8093-B8F2FB0BA3C6}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91CD6979-F857-4560-A900-EA7D2283D6DC}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E14BAD5-B4E2-4329-852B-CC0E3E1A588B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BE102243-0305-4D39-8EB1-6FA7564B0C41}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{982EE0D1-4A9B-4FEE-BF53-A713FA86A54A}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6579AFF8-54C4-42F9-B106-E6665DB7A284}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C425C83B-6D0F-4CA7-8147-2E887A0574CB}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F27C72B-5496-4056-A6D4-9029E674DDBC}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F689DE07-C078-4F87-87F3-3650C429A7EE}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C7FA9CE3-36CA-43BB-A4F5-3BEE6A5DB7C3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AA948E10-AED6-4A06-A025-F3F2D98623B3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D7D3C40-EEF4-4A00-A250-5818A4285CD2}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{672DEEA6-FA43-403B-9503-82C00173C0D6}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{27C73CB4-195D-4F0A-9A3B-E4134B03F7DB}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{13A25673-90AB-46E8-A1AD-4FC28B884EBE}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{570A9815-102E-4204-85C4-A572046155BB}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92D91E58-B63D-4DFA-9727-22E204488BCC}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32CB4820-2B98-41DE-A131-050C3FBF7F6B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71B01A1E-382D-4B03-9B2F-A63C2CE89EC3}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0409E256-F1AA-4DB4-9E8B-69087A9CD8CF}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F6557F2C-F11E-49F3-AA46-ADBC707BDB43}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99AF98CE-CFB5-459A-BA9C-76780DBC9F04}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{066D3442-FC1B-4220-9808-47B36414EA9A}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2BC6A3F8-57D5-4F8A-93A6-BBE7A81BE40A}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{694C6637-CFBF-4E6B-BBFF-D2983736ACEB}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0A034BC-F64F-447A-BC02-23FA16DE1ED6}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{384A3C04-A9FA-4723-8395-522021FABA64}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0812B821-E123-4D14-B2F4-DF836F0C971A}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B4481768-C229-4950-BEF5-CD736F99D94B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D103F84C-D10C-4FD7-A4EC-9F4C1F6E1B55}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D318238-F762-4C3B-9BE4-23622C7B38BD}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{645D652D-6C23-4F80-BC9A-06376D94DF11}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C91DAB41-9375-412D-9F5B-263B592937EC}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D45942BC-792F-4584-9819-BA032FBFCB5F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7229A17D-B110-42FF-89BA-D77CEB2AEE1C}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{712761C5-86C8-4C54-B816-BAEAD8BA957F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F00C7C86-2922-4312-A755-5C28750E08E0}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F36AD998-C790-4493-BB89-C2FEF9A23E8F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0610D9F7-459C-4082-8C0E-214B8FDCE6CF}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD7179D7-1CDC-494C-848B-123D50D76E6C}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0F4E857-A613-4661-A58A-526E6E7A6BAB}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0234360-127E-477B-BB35-EE9F3122D6B1}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3570233D-A417-4725-AA79-ABDAC0749667}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9999A020-EC33-49A5-A7AD-F3BBFC52980B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5263721-BA6E-4575-A3D2-21E6C915C09D}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C716C97-1B3E-4785-A615-FCC80E67F241}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E28BAE7-5290-4563-80AE-B73F383F40C7}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{066588E4-5C33-49D7-BC20-BE1C413AC10C}C:\users\honya\appdata\roaming\spotify\spotify.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C03FBE9A-4460-4D06-925A-1ACB96D607C8}C:\users\honya\appdata\roaming\spotify\spotify.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6050B49A-74C3-4E9C-A8F0-DF3EFC6E5B4A}D:\games\rito games\game\league of legends.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AABCD9BA-F9B1-4DB0-B452-FBC66CCDD3D3}D:\games\rito games\game\league of legends.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9CB52D9-9BC4-4A10-BD8D-24127F23A6FE}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8FE1784-575C-4AD7-9527-EEBFA22E13CC}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA2DE3F2-AA89-45EB-9495-5B886763E5FF}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{991F576B-6E60-4FA1-A35F-CD4B01D4C553}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92FD7E88-D32C-422D-B97D-401F91765D74}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A2056612-01DF-4F5A-B8A0-DAD47FA09760}D:\games\skyrimmod\harbor\harbor.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C0D14C7E-683F-482C-B452-DA61A6D708B5}D:\games\skyrimmod\harbor\harbor.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B1055376-4703-4C56-9B99-CF0E359CDD32}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{476BDC30-3FF2-4538-90BE-884A7CE14D54}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{454806B7-2BAA-4B52-A9F3-96E9B37B8AEB}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C65A20BC-C107-44E7-BA7E-2DC509E7BB0F}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{379F4BDA-17C9-4FCA-B00E-A3C127198396}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FD7E8EE8-EBCD-4C4A-9E34-8103C3F7FE2E}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FB4E5F59-30D1-45F7-BE6D-F9FC3727CA75}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{394BEE94-938B-4CBC-A006-52F8177D67ED}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D9C31AC7-C71A-4FE4-8E87-71EB4AB52AE4}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FDE27AAF-5F25-4A56-BA83-51A410840734}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FEE610F0-CC1B-42B2-9B8E-A208A02D4E53}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B5BABEC-CE1F-444C-A910-167DA79DE587}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{125933A3-E1AE-4395-8F90-403BC762BADF}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0C3938E6-7CB9-46D3-9215-D95A4C952843}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5F3529EA-A9F2-45F0-8061-3805345B08F2}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9975BE2D-98EA-4B9D-9CDF-2CC463E7E9B6}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DC16522A-143B-4D58-927F-F22C940DB10B}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E1924572-8739-4042-92F7-419EA482282F}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CC0AE691-7D6C-4041-84D9-28A10EF76F64}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B918EEE0-5C13-4B6B-AEDD-7FF9D430833B}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{107D6FD9-A1AF-4A54-9B47-897DD12ABCC9}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4DAEA87A-B1B5-476C-AD02-219B4125F933}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9926F719-DE04-4A5A-A066-BBD6005186D0}E:\arkeditor\engine\binaries\win64\ue4editor.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{036347C7-2406-48E7-A2B2-4EC333656151}E:\arkeditor\engine\binaries\win64\ue4editor.exe" => removed successfully =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 239586686 B Java, Flash, Steam htmlcache => 510641493 B Windows/system/drivers => 9159440 B Edge => 4420864 B Chrome => 1241455268 B Firefox => 945472333 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 7680 B Users => 7680 B ProgramData => 7680 B Public => 7680 B systemprofile => 7680 B systemprofile32 => 161386 B LocalService => 881280 B NetworkService => 38371850 B Honya => 331745381 B RecycleBin => 0 B EmptyTemp: => 3.1 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 14:26:39 ====

#5 nasdaq

Malware Response Team
48,329 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:05:29 AM

Posted 06 September 2020 - 06:14 AM

Hi, Also the link you sent about removing quarantined files directs me to a guide to restore files.

Not so.

The same instruction can be used to restore or delete files in the quarantine folder.

The error message shows that the file(s) is in the quarantine folder.

Let me know if present and if you are able to remove it.

#6 honya15

Topic Starter
Members
7 posts
OFFLINE

Local time:12:29 PM

Posted 06 September 2020 - 06:41 AM

There is not an option to delete, see the picture: http://prntscr.com/ucfx0c

#7 nasdaq

Malware Response Team
48,329 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:05:29 AM

Posted 06 September 2020 - 07:16 AM

Hi,

The file or registry entry responsible for this if Keygen.exe in your D: drive.

If present in the D: drive and you feel the file is good fine.

If the file is no longer required delete it.

If the file is not present the let's see what we can find in the Registry.

Run the Farbar program .exe as an Administrator. In the Search text area, copy and paste the following: Keygen.exe Once done, click on the Search Registry button and wait for FRST to finish the search On completion, a log will open in Notepad. Copy and paste its content in your next reply ====

#8 honya15

Topic Starter
Members
7 posts
OFFLINE

Local time:12:29 PM

Posted 06 September 2020 - 07:49 AM

File is already deleted.

Log:

Farbar Recovery Scan Tool (x64) Version: 03-09-2020 Ran by Honya (06-09-2020 14:40:13) Running from C:\Users\Honya\Downloads Boot Mode: Normal ================== Search Registry: "Keygen.exe" =========== ====== End of Search ======

#9 nasdaq

Malware Response Team
48,329 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:05:29 AM

Posted 06 September 2020 - 01:02 PM

Hi, If the problem persists and Chrome is Synced with other Devices reset it. https://forums.malwarebytes.com/topic/258886-chrome-secure-preferences-detection-always-returns/ https://support.google.com/chrome/answer/185277 Execute the suggested fix. Restart the computer normally. =========== Is the problem solved?

#10 honya15

Topic Starter
Members
7 posts
OFFLINE

Local time:12:29 PM

Posted 06 September 2020 - 07:09 PM

Hello

I've disabled chrome sync, reran the original fix, but nothing changed. After restaring my PC, i'm greeted with the same warning message from Windows Defender, the same as the picture in my original post. Pressing Actions->Remove only results in faliure.

It says Affected items: uefifirmware: \UefiImage->CpuPei

Isn't that the BIOS?

The fix log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-09-2020 Ran by Honya (07-09-2020 01:54:56) Run:2 Running from C:\Users\Honya\Downloads Loaded Profiles: Honya Boot Mode: Normal ============================================== fixlist content: ***************** start SystemRestore: On CreateRestorePoint: CloseProcesses: Task: {9BEF0000-FAF6-482B-9FA5-3AEB14E63207} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] U3 idsvc; no ImagePath ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File AlternateDataStreams: C:\Users\Honya\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\Honya\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394] HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) FirewallRules: [{A7D89D86-68BC-4D78-8E29-65B4C8D36539}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{A4AB9041-8C03-4409-AE73-97D8CCA57471}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{6F77A00B-D6A7-4342-9E34-DDD741D452E0}] => (Allow) D:\Games\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe => No File FirewallRules: [{7FC700AC-8E86-4977-811E-CCC2E5291E53}] => (Allow) D:\Games\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe => No File FirewallRules: [{2EE9BEAE-66CD-4EBA-BC1F-A6F434E31402}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{2907E9AE-7FF8-482C-9957-F348B1C3975F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe => No File FirewallRules: [{D38B4DE7-4818-43A1-BE92-5CC923A62F92}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File FirewallRules: [{F1EBD929-0AA9-4B75-B00C-12A2703308A3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe => No File FirewallRules: [{09DB22A4-459C-4FB9-8D78-B4D882B212EB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{D9E1C874-5579-42DE-AFE9-3C5F3810A4C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{A946D697-A853-48A3-BE45-0643818B1D8A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{1E8FD433-94D6-47F6-9E0E-0EC395F35659}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{206CE4D3-7C9D-4991-8D49-B2318A421910}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File FirewallRules: [{561772EC-12A7-4F2E-B76D-17A199232E0A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe => No File FirewallRules: [{79746E2E-BC8F-42A8-8326-6A3B785FEF7A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{663DC1C7-B516-4590-BF8D-19AF9F6F3781}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{24FDF553-C45B-4511-A452-CBF9B8182F93}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe => No File FirewallRules: [{C406F960-A874-47D7-BCBC-C443A7A576CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe => No File FirewallRules: [{0814BC42-BFEF-43D8-A0D0-2F4C99A26690}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Raiders of the Broken Planet\bin\Raiders.exe => No File FirewallRules: [{7C9ADEFF-466F-48DE-9EBF-19AAE696359F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Raiders of the Broken Planet\bin\Raiders.exe => No File FirewallRules: [{D58E3829-BBE6-4F14-B20B-47AC1E341C58}] => (Allow) D:\Games\Archerage\ArcheRage.to NA\Launcher.exe => No File FirewallRules: [{7351DFB1-BF62-4104-A7B5-E45B099735F7}] => (Allow) D:\Games\ArcheRage\Launcher.exe => No File FirewallRules: [{B9E94016-3241-455E-8AAD-2ADC36693BE9}] => (Allow) D:\Games\RUAA\ArcheRage.to\Launcher.exe => No File FirewallRules: [{75B8E2A4-A204-4B0D-BE30-9B97192B356A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe => No File FirewallRules: [{E9E8D7E5-557C-4D14-BF52-4B19C8524D2F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe => No File FirewallRules: [{FF045FC2-EDED-40EC-992D-4B7F90F42BE6}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe => No File FirewallRules: [{ECDF1761-A473-4432-A846-726D5100FA35}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe => No File FirewallRules: [{58095952-9ADD-43B4-8872-7FD14E837383}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe => No File FirewallRules: [{2A798F3F-2FBD-4031-8C4B-B8AA7724FD33}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe => No File FirewallRules: [{99039589-D0B1-4FBD-BA90-A31410995128}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File FirewallRules: [{02CD9BA2-474D-4C79-B5A2-DDAABD560FC5}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File FirewallRules: [{8D2FDA29-161A-413F-BD50-E9127DC9AEF3}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{76EA9E2E-9B6D-4AD7-B278-C364E7484D50}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{908FC62B-B83B-49CB-A52B-F455ED4D74A2}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [{B64C6EA7-1C21-46B6-A258-C1E6B40C7888}] => (Allow) C:\Users\Honya\Documents\Curse\Minecraft\Install\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File FirewallRules: [UDP Query User{3195B8C1-B623-40E3-8588-52D96AE7D608}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [TCP Query User{6AAE4749-907D-4DC8-8ACB-8C7A27EDCA25}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{95C63636-7958-42B0-8F2A-2EAA56570923}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe => No File FirewallRules: [TCP Query User{130398A5-B700-4F70-9C9B-FB5A9953FA9B}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe => No File FirewallRules: [{277CB8FB-68FF-477C-A8CB-C4586F618818}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe => No File FirewallRules: [{28E2C83A-F400-4AF3-967F-C1C0B688FD58}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe => No File FirewallRules: [TCP Query User{5DDEAA19-E2EA-46E9-97E4-7742F80744F0}D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File FirewallRules: [UDP Query User{25EE7145-08C8-4EF0-9F1C-3BE072A35075}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{918524F4-C713-4EAC-A351-7C040F92DEA1}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{4C0F4A10-4814-4BFD-A9AC-AD4E13961ED7}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe => No File FirewallRules: [TCP Query User{30E0A68B-B38F-4566-970F-A2710A5A156E}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe => No File FirewallRules: [UDP Query User{A0F1640B-C595-4CEA-B527-C404B66DF5E0}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{0BA99EF4-DF17-4714-9CBB-EDE32A2BF29B}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{6ECF7E17-9037-425D-93EB-04452680C0E8}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [TCP Query User{88736055-04E7-4DD9-A3EF-4E5FCE69B908}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe] => (Allow) D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe => No File FirewallRules: [UDP Query User{2602E465-C9EA-401F-BA28-FE227F24BA0E}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [TCP Query User{A1B4641A-25B0-4F66-887D-DDE936FABC0D}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{2C076E81-EABB-44E2-BDB1-6DD1469AE4D2}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe => No File FirewallRules: [TCP Query User{3E5205CF-4A50-491D-9196-CA22CD4F464C}D:\games\overwatch\overwatch.exe] => (Allow) D:\games\overwatch\overwatch.exe => No File FirewallRules: [UDP Query User{32F22D0B-C307-4DC2-B17E-D288BEE16C0B}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File FirewallRules: [TCP Query User{CBB62ED5-2605-4E68-A0A3-43C5F923CD90}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File FirewallRules: [UDP Query User{DD1A5AF5-0E78-47C1-8F00-6A6A3A3D9CC4}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File FirewallRules: [TCP Query User{563D334C-7C32-4F57-9B5A-9DF558883840}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => No File FirewallRules: [{04467E90-6AF1-44B2-B768-A72E8C96432B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{8FA6BF0F-34AA-4751-A3C1-E9C0FE587C4C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{0E3A552E-DBF9-4DF5-85B4-246C0A8528B2}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{16F0130E-605E-430F-8093-B8F2FB0BA3C6}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{91CD6979-F857-4560-A900-EA7D2283D6DC}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{8E14BAD5-B4E2-4329-852B-CC0E3E1A588B}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{BE102243-0305-4D39-8EB1-6FA7564B0C41}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [{982EE0D1-4A9B-4FEE-BF53-A713FA86A54A}] => (Allow) C:\Users\Honya\AppData\Roaming\uTorrent\uTorrent.exe => No File FirewallRules: [TCP Query User{6579AFF8-54C4-42F9-B106-E6665DB7A284}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe => No File FirewallRules: [UDP Query User{C425C83B-6D0F-4CA7-8147-2E887A0574CB}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe => No File FirewallRules: [{8F27C72B-5496-4056-A6D4-9029E674DDBC}] => (Allow) C:\Users\Honya\Downloads\arkserverdata\Servers\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{F689DE07-C078-4F87-87F3-3650C429A7EE}] => (Allow) C:\Users\Honya\Downloads\arkserverdata\Servers\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [TCP Query User{C7FA9CE3-36CA-43BB-A4F5-3BEE6A5DB7C3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File FirewallRules: [UDP Query User{AA948E10-AED6-4A06-A025-F3F2D98623B3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe => No File FirewallRules: [{4D7D3C40-EEF4-4A00-A250-5818A4285CD2}] => (Allow) D:\Games\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File FirewallRules: [{672DEEA6-FA43-403B-9503-82C00173C0D6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File FirewallRules: [TCP Query User{27C73CB4-195D-4F0A-9A3B-E4134B03F7DB}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe => No File FirewallRules: [UDP Query User{13A25673-90AB-46E8-A1AD-4FC28B884EBE}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe => No File FirewallRules: [{570A9815-102E-4204-85C4-A572046155BB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File FirewallRules: [{92D91E58-B63D-4DFA-9727-22E204488BCC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => No File FirewallRules: [{32CB4820-2B98-41DE-A131-050C3FBF7F6B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File FirewallRules: [{71B01A1E-382D-4B03-9B2F-A63C2CE89EC3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => No File FirewallRules: [{0409E256-F1AA-4DB4-9E8B-69087A9CD8CF}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File FirewallRules: [{F6557F2C-F11E-49F3-AA46-ADBC707BDB43}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => No File FirewallRules: [{99AF98CE-CFB5-459A-BA9C-76780DBC9F04}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File FirewallRules: [{066D3442-FC1B-4220-9808-47B36414EA9A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => No File FirewallRules: [{2BC6A3F8-57D5-4F8A-93A6-BBE7A81BE40A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe => No File FirewallRules: [{694C6637-CFBF-4E6B-BBFF-D2983736ACEB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe => No File FirewallRules: [{E0A034BC-F64F-447A-BC02-23FA16DE1ED6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Imperium Galactica\DOSBOX\DOSBox.exe => No File FirewallRules: [{384A3C04-A9FA-4723-8395-522021FABA64}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Imperium Galactica\DOSBOX\DOSBox.exe => No File FirewallRules: [{0812B821-E123-4D14-B2F4-DF836F0C971A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer_x64_11.exe => No File FirewallRules: [{B4481768-C229-4950-BEF5-CD736F99D94B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer_x64_11.exe => No File FirewallRules: [{D103F84C-D10C-4FD7-A4EC-9F4C1F6E1B55}] => (Allow) C:\Users\Honya\Downloads\bin\BlackDesert32.exe => No File FirewallRules: [{9D318238-F762-4C3B-9BE4-23622C7B38BD}] => (Allow) C:\Users\Honya\Downloads\bin64\BlackDesert64.exe => No File FirewallRules: [{645D652D-6C23-4F80-BC9A-06376D94DF11}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Launcher.exe => No File FirewallRules: [{C91DAB41-9375-412D-9F5B-263B592937EC}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Downloader.exe => No File FirewallRules: [{D45942BC-792F-4584-9819-BA032FBFCB5F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => No File FirewallRules: [{7229A17D-B110-42FF-89BA-D77CEB2AEE1C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => No File FirewallRules: [{712761C5-86C8-4C54-B816-BAEAD8BA957F}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{F00C7C86-2922-4312-A755-5C28750E08E0}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{F36AD998-C790-4493-BB89-C2FEF9A23E8F}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{0610D9F7-459C-4082-8C0E-214B8FDCE6CF}] => (Allow) D:\Work\Foobar_TestApp\WindowsNoEditor\Foobar.exe => No File FirewallRules: [{AD7179D7-1CDC-494C-848B-123D50D76E6C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File FirewallRules: [{E0F4E857-A613-4661-A58A-526E6E7A6BAB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => No File FirewallRules: [{C0234360-127E-477B-BB35-EE9F3122D6B1}] => (Allow) E:\latest\DATYA\Servers\Server2\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{3570233D-A417-4725-AA79-ABDAC0749667}] => (Allow) E:\latest\DATYA\Servers\Server2\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{9999A020-EC33-49A5-A7AD-F3BBFC52980B}] => (Allow) G:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{E5263721-BA6E-4575-A3D2-21E6C915C09D}] => (Allow) G:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{0C716C97-1B3E-4785-A615-FCC80E67F241}] => (Allow) H:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [{8E28BAE7-5290-4563-80AE-B73F383F40C7}] => (Allow) H:\latest\DATYA\ShooterGame\Binaries\Win64\ShooterGameServer.exe => No File FirewallRules: [TCP Query User{066588E4-5C33-49D7-BC20-BE1C413AC10C}C:\users\honya\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honya\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [UDP Query User{C03FBE9A-4460-4D06-925A-1ACB96D607C8}C:\users\honya\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honya\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [TCP Query User{6050B49A-74C3-4E9C-A8F0-DF3EFC6E5B4A}D:\games\rito games\game\league of legends.exe] => (Allow) D:\games\rito games\game\league of legends.exe => No File FirewallRules: [UDP Query User{AABCD9BA-F9B1-4DB0-B452-FBC66CCDD3D3}D:\games\rito games\game\league of legends.exe] => (Allow) D:\games\rito games\game\league of legends.exe => No File FirewallRules: [{B9CB52D9-9BC4-4A10-BD8D-24127F23A6FE}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File FirewallRules: [{F8FE1784-575C-4AD7-9527-EEBFA22E13CC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe => No File FirewallRules: [{AA2DE3F2-AA89-45EB-9495-5B886763E5FF}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe => No File FirewallRules: [{991F576B-6E60-4FA1-A35F-CD4B01D4C553}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe => No File FirewallRules: [{92FD7E88-D32C-422D-B97D-401F91765D74}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe => No File FirewallRules: [TCP Query User{A2056612-01DF-4F5A-B8A0-DAD47FA09760}D:\games\skyrimmod\harbor\harbor.exe] => (Allow) D:\games\skyrimmod\harbor\harbor.exe => No File FirewallRules: [UDP Query User{C0D14C7E-683F-482C-B452-DA61A6D708B5}D:\games\skyrimmod\harbor\harbor.exe] => (Allow) D:\games\skyrimmod\harbor\harbor.exe => No File FirewallRules: [TCP Query User{B1055376-4703-4C56-9B99-CF0E359CDD32}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe] => (Allow) D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe => No File FirewallRules: [UDP Query User{476BDC30-3FF2-4538-90BE-884A7CE14D54}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe] => (Allow) D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe => No File FirewallRules: [TCP Query User{454806B7-2BAA-4B52-A9F3-96E9B37B8AEB}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe => No File FirewallRules: [UDP Query User{C65A20BC-C107-44E7-BA7E-2DC509E7BB0F}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe] => (Allow) F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe => No File FirewallRules: [TCP Query User{379F4BDA-17C9-4FCA-B00E-A3C127198396}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe => No File FirewallRules: [UDP Query User{FD7E8EE8-EBCD-4C4A-9E34-8103C3F7FE2E}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe => No File FirewallRules: [TCP Query User{FB4E5F59-30D1-45F7-BE6D-F9FC3727CA75}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe => No File FirewallRules: [UDP Query User{394BEE94-938B-4CBC-A006-52F8177D67ED}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe => No File FirewallRules: [{D9C31AC7-C71A-4FE4-8E87-71EB4AB52AE4}] => (Allow) C:\Users\Honya\Downloads\bin\BlackDesert32.exe => No File FirewallRules: [{FDE27AAF-5F25-4A56-BA83-51A410840734}] => (Allow) C:\Users\Honya\Downloads\bin64\BlackDesert64.exe => No File FirewallRules: [{FEE610F0-CC1B-42B2-9B8E-A208A02D4E53}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Launcher.exe => No File FirewallRules: [{1B5BABEC-CE1F-444C-A910-167DA79DE587}] => (Allow) C:\Users\Honya\Downloads\BlackDesert_Downloader.exe => No File FirewallRules: [TCP Query User{125933A3-E1AE-4395-8F90-403BC762BADF}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe] => (Allow) F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe => No File FirewallRules: [UDP Query User{0C3938E6-7CB9-46D3-9215-D95A4C952843}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe] => (Allow) F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe => No File FirewallRules: [TCP Query User{5F3529EA-A9F2-45F0-8061-3805345B08F2}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [UDP Query User{9975BE2D-98EA-4B9D-9CDF-2CC463E7E9B6}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [TCP Query User{DC16522A-143B-4D58-927F-F22C940DB10B}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe => No File FirewallRules: [UDP Query User{E1924572-8739-4042-92F7-419EA482282F}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe] => (Allow) D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe => No File FirewallRules: [TCP Query User{CC0AE691-7D6C-4041-84D9-28A10EF76F64}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [UDP Query User{B918EEE0-5C13-4B6B-AEDD-7FF9D430833B}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [TCP Query User{107D6FD9-A1AF-4A54-9B47-897DD12ABCC9}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe] => (Allow) D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe => No File FirewallRules: [UDP Query User{4DAEA87A-B1B5-476C-AD02-219B4125F933}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe] => (Allow) D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe => No File FirewallRules: [TCP Query User{9926F719-DE04-4A5A-A066-BBD6005186D0}E:\arkeditor\engine\binaries\win64\ue4editor.exe] => (Allow) E:\arkeditor\engine\binaries\win64\ue4editor.exe => No File FirewallRules: [UDP Query User{036347C7-2406-48E7-A2B2-4EC333656151}E:\arkeditor\engine\binaries\win64\ue4editor.exe] => (Allow) E:\arkeditor\engine\binaries\win64\ue4editor.exe => No File EmptyTemp: End ***************** SystemRestore: On => completed Restore point was successfully created. Processes closed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BEF0000-FAF6-482B-9FA5-3AEB14E63207}" => not found "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => not found HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => not found idsvc => service not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => not found HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => not found HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found "C:\Users\Honya\Application Data" => ":6699d3ee8dd9cf775caae782c8f44f03" ADS not found. "C:\Users\Honya\AppData\Roaming" => ":6699d3ee8dd9cf775caae782c8f44f03" ADS not found. HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7D89D86-68BC-4D78-8E29-65B4C8D36539}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4AB9041-8C03-4409-AE73-97D8CCA57471}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F77A00B-D6A7-4342-9E34-DDD741D452E0}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FC700AC-8E86-4977-811E-CCC2E5291E53}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2EE9BEAE-66CD-4EBA-BC1F-A6F434E31402}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2907E9AE-7FF8-482C-9957-F348B1C3975F}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D38B4DE7-4818-43A1-BE92-5CC923A62F92}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1EBD929-0AA9-4B75-B00C-12A2703308A3}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{09DB22A4-459C-4FB9-8D78-B4D882B212EB}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D9E1C874-5579-42DE-AFE9-3C5F3810A4C6}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A946D697-A853-48A3-BE45-0643818B1D8A}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E8FD433-94D6-47F6-9E0E-0EC395F35659}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{206CE4D3-7C9D-4991-8D49-B2318A421910}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{561772EC-12A7-4F2E-B76D-17A199232E0A}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{79746E2E-BC8F-42A8-8326-6A3B785FEF7A}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{663DC1C7-B516-4590-BF8D-19AF9F6F3781}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{24FDF553-C45B-4511-A452-CBF9B8182F93}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C406F960-A874-47D7-BCBC-C443A7A576CA}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0814BC42-BFEF-43D8-A0D0-2F4C99A26690}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C9ADEFF-466F-48DE-9EBF-19AAE696359F}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D58E3829-BBE6-4F14-B20B-47AC1E341C58}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7351DFB1-BF62-4104-A7B5-E45B099735F7}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9E94016-3241-455E-8AAD-2ADC36693BE9}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75B8E2A4-A204-4B0D-BE30-9B97192B356A}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9E8D7E5-557C-4D14-BF52-4B19C8524D2F}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF045FC2-EDED-40EC-992D-4B7F90F42BE6}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECDF1761-A473-4432-A846-726D5100FA35}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58095952-9ADD-43B4-8872-7FD14E837383}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A798F3F-2FBD-4031-8C4B-B8AA7724FD33}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99039589-D0B1-4FBD-BA90-A31410995128}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02CD9BA2-474D-4C79-B5A2-DDAABD560FC5}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D2FDA29-161A-413F-BD50-E9127DC9AEF3}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76EA9E2E-9B6D-4AD7-B278-C364E7484D50}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{908FC62B-B83B-49CB-A52B-F455ED4D74A2}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B64C6EA7-1C21-46B6-A258-C1E6B40C7888}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3195B8C1-B623-40E3-8588-52D96AE7D608}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6AAE4749-907D-4DC8-8ACB-8C7A27EDCA25}D:\work\epic games\4.13\engine\binaries\win64\ue4editor.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{95C63636-7958-42B0-8F2A-2EAA56570923}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{130398A5-B700-4F70-9C9B-FB5A9953FA9B}D:\games\gameforgelive\games\gbr_eng\tera\tera-launcher.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{277CB8FB-68FF-477C-A8CB-C4586F618818}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28E2C83A-F400-4AF3-967F-C1C0B688FD58}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5DDEAA19-E2EA-46E9-97E4-7742F80744F0}D:\games\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{25EE7145-08C8-4EF0-9F1C-3BE072A35075}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{918524F4-C713-4EAC-A351-7C040F92DEA1}D:\gammafejlesztos\faitoloid\faitoloid2demo\faitoloid\faitoloid\binaries\win64\faitoloid.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4C0F4A10-4814-4BFD-A9AC-AD4E13961ED7}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30E0A68B-B38F-4566-970F-A2710A5A156E}D:\work\epic games\4.12\engine\binaries\dotnet\swarmagent.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A0F1640B-C595-4CEA-B527-C404B66DF5E0}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0BA99EF4-DF17-4714-9CBB-EDE32A2BF29B}D:\work\faitoloid\saved\stagedbuilds\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6ECF7E17-9037-425D-93EB-04452680C0E8}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{88736055-04E7-4DD9-A3EF-4E5FCE69B908}D:\work\faitoloid_build\windowsnoeditor\faitoloid\binaries\win64\faitoloid.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2602E465-C9EA-401F-BA28-FE227F24BA0E}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A1B4641A-25B0-4F66-887D-DDE936FABC0D}D:\work\epic games\4.12\engine\binaries\win64\ue4editor.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2C076E81-EABB-44E2-BDB1-6DD1469AE4D2}D:\games\overwatch\overwatch.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3E5205CF-4A50-491D-9196-CA22CD4F464C}D:\games\overwatch\overwatch.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{32F22D0B-C307-4DC2-B17E-D288BEE16C0B}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CBB62ED5-2605-4E68-A0A3-43C5F923CD90}D:\work\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DD1A5AF5-0E78-47C1-8F00-6A6A3A3D9CC4}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{563D334C-7C32-4F57-9B5A-9DF558883840}D:\work\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04467E90-6AF1-44B2-B768-A72E8C96432B}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8FA6BF0F-34AA-4751-A3C1-E9C0FE587C4C}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E3A552E-DBF9-4DF5-85B4-246C0A8528B2}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16F0130E-605E-430F-8093-B8F2FB0BA3C6}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91CD6979-F857-4560-A900-EA7D2283D6DC}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E14BAD5-B4E2-4329-852B-CC0E3E1A588B}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BE102243-0305-4D39-8EB1-6FA7564B0C41}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{982EE0D1-4A9B-4FEE-BF53-A713FA86A54A}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6579AFF8-54C4-42F9-B106-E6665DB7A284}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C425C83B-6D0F-4CA7-8147-2E887A0574CB}D:\games\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F27C72B-5496-4056-A6D4-9029E674DDBC}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F689DE07-C078-4F87-87F3-3650C429A7EE}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C7FA9CE3-36CA-43BB-A4F5-3BEE6A5DB7C3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AA948E10-AED6-4A06-A025-F3F2D98623B3}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D7D3C40-EEF4-4A00-A250-5818A4285CD2}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{672DEEA6-FA43-403B-9503-82C00173C0D6}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{27C73CB4-195D-4F0A-9A3B-E4134B03F7DB}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{13A25673-90AB-46E8-A1AD-4FC28B884EBE}C:\users\honya\appdata\local\temp\i1479429608\windows\resource\jre\bin\javaw.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{570A9815-102E-4204-85C4-A572046155BB}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92D91E58-B63D-4DFA-9727-22E204488BCC}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32CB4820-2B98-41DE-A131-050C3FBF7F6B}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71B01A1E-382D-4B03-9B2F-A63C2CE89EC3}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0409E256-F1AA-4DB4-9E8B-69087A9CD8CF}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F6557F2C-F11E-49F3-AA46-ADBC707BDB43}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99AF98CE-CFB5-459A-BA9C-76780DBC9F04}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{066D3442-FC1B-4220-9808-47B36414EA9A}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2BC6A3F8-57D5-4F8A-93A6-BBE7A81BE40A}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{694C6637-CFBF-4E6B-BBFF-D2983736ACEB}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0A034BC-F64F-447A-BC02-23FA16DE1ED6}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{384A3C04-A9FA-4723-8395-522021FABA64}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0812B821-E123-4D14-B2F4-DF836F0C971A}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B4481768-C229-4950-BEF5-CD736F99D94B}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D103F84C-D10C-4FD7-A4EC-9F4C1F6E1B55}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D318238-F762-4C3B-9BE4-23622C7B38BD}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{645D652D-6C23-4F80-BC9A-06376D94DF11}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C91DAB41-9375-412D-9F5B-263B592937EC}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D45942BC-792F-4584-9819-BA032FBFCB5F}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7229A17D-B110-42FF-89BA-D77CEB2AEE1C}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{712761C5-86C8-4C54-B816-BAEAD8BA957F}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F00C7C86-2922-4312-A755-5C28750E08E0}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F36AD998-C790-4493-BB89-C2FEF9A23E8F}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0610D9F7-459C-4082-8C0E-214B8FDCE6CF}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD7179D7-1CDC-494C-848B-123D50D76E6C}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0F4E857-A613-4661-A58A-526E6E7A6BAB}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0234360-127E-477B-BB35-EE9F3122D6B1}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3570233D-A417-4725-AA79-ABDAC0749667}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9999A020-EC33-49A5-A7AD-F3BBFC52980B}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5263721-BA6E-4575-A3D2-21E6C915C09D}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C716C97-1B3E-4785-A615-FCC80E67F241}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E28BAE7-5290-4563-80AE-B73F383F40C7}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{066588E4-5C33-49D7-BC20-BE1C413AC10C}C:\users\honya\appdata\roaming\spotify\spotify.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C03FBE9A-4460-4D06-925A-1ACB96D607C8}C:\users\honya\appdata\roaming\spotify\spotify.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6050B49A-74C3-4E9C-A8F0-DF3EFC6E5B4A}D:\games\rito games\game\league of legends.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AABCD9BA-F9B1-4DB0-B452-FBC66CCDD3D3}D:\games\rito games\game\league of legends.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9CB52D9-9BC4-4A10-BD8D-24127F23A6FE}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8FE1784-575C-4AD7-9527-EEBFA22E13CC}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA2DE3F2-AA89-45EB-9495-5B886763E5FF}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{991F576B-6E60-4FA1-A35F-CD4B01D4C553}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92FD7E88-D32C-422D-B97D-401F91765D74}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A2056612-01DF-4F5A-B8A0-DAD47FA09760}D:\games\skyrimmod\harbor\harbor.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C0D14C7E-683F-482C-B452-DA61A6D708B5}D:\games\skyrimmod\harbor\harbor.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B1055376-4703-4C56-9B99-CF0E359CDD32}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{476BDC30-3FF2-4538-90BE-884A7CE14D54}D:\games\steamlibrary\steamapps\common\skyrim special edition\server\server.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{454806B7-2BAA-4B52-A9F3-96E9B37B8AEB}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C65A20BC-C107-44E7-BA7E-2DC509E7BB0F}F:\programming\foobar_testapp\windowsnoeditor\foobar\binaries\win64\foobar.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{379F4BDA-17C9-4FCA-B00E-A3C127198396}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FD7E8EE8-EBCD-4C4A-9E34-8103C3F7FE2E}D:\games\heroes of the storm\versions\base78256\heroesofthestorm_x64.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FB4E5F59-30D1-45F7-BE6D-F9FC3727CA75}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{394BEE94-938B-4CBC-A006-52F8177D67ED}D:\games\steamlibrary\steamapps\common\sword art online fatal bullet\saofb\binaries\win64\saofb-win64-shipping.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D9C31AC7-C71A-4FE4-8E87-71EB4AB52AE4}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FDE27AAF-5F25-4A56-BA83-51A410840734}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FEE610F0-CC1B-42B2-9B8E-A208A02D4E53}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B5BABEC-CE1F-444C-A910-167DA79DE587}" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{125933A3-E1AE-4395-8F90-403BC762BADF}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0C3938E6-7CB9-46D3-9215-D95A4C952843}F:\programming\foobar_build_ds\windowsserver\foobar\binaries\win64\foobarserver-win64-shipping.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5F3529EA-A9F2-45F0-8061-3805345B08F2}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9975BE2D-98EA-4B9D-9CDF-2CC463E7E9B6}D:\games\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DC16522A-143B-4D58-927F-F22C940DB10B}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E1924572-8739-4042-92F7-419EA482282F}D:\games\steamlibrary\steamapps\common\sgzh school girl zombie hunter\sgzh\binaries\win64\sgzh-win64-shipping.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CC0AE691-7D6C-4041-84D9-28A10EF76F64}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B918EEE0-5C13-4B6B-AEDD-7FF9D430833B}D:\games\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{107D6FD9-A1AF-4A54-9B47-897DD12ABCC9}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4DAEA87A-B1B5-476C-AD02-219B4125F933}D:\program files\modifiablewindowsapps\pso2_bin\pso2.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9926F719-DE04-4A5A-A066-BBD6005186D0}E:\arkeditor\engine\binaries\win64\ue4editor.exe" => not found "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{036347C7-2406-48E7-A2B2-4EC333656151}E:\arkeditor\engine\binaries\win64\ue4editor.exe" => not found =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8477758 B Java, Flash, Steam htmlcache => 38536943 B Windows/system/drivers => 59328 B Edge => 0 B Chrome => 282734169 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 361 B LocalService => 361 B NetworkService => 11253 B Honya => 7158212 B RecycleBin => 0 B EmptyTemp: => 331.4 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 02:01:18 ====

#11 nasdaq

Malware Response Team
48,329 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:05:29 AM

Posted 07 September 2020 - 06:02 AM

Hi, You are not the only one with this problem in eliminating the notification. I may have found the solution. Please try this for me. I use a 3rd party security program so I do not have any History in WD. Navigate through Explorer as follows. C:\Program Data\Microsoft\Windows Defender\Scans\(you may have to click "Continue" to proceed past Scans) \History\Service. Open each of the folders in "Service" to find any reference to your PUP. Delete it. If found and deleted restart the computer normally. Is the problem solved>

#12 honya15

Topic Starter
Members
7 posts
OFFLINE

Local time:12:29 PM

Posted 07 September 2020 - 12:39 PM

Hello

Those folders contained some files with a long hexadecimal number names, but renaming the folder, also the txt files( Unknown.txt and History.txt ) seemed to solve the problem!

Restarted computer, ran scan, and it said there are no threats!

Thank you so much for the help!