Inactive-A Malware Virus

Mackiirios · May 26, 2021

So my laptop has been slow in internet connection for the past few weeks. I installed FRST.exe and scanned my system and I'll post here the log. Please help me. Thank you.

Broni · May 26, 2021

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===============================

Please, observe forum rules. All logs have to be pasted not attached.

Mackiirios · May 27, 2021

What would be my next instructions. Thank you

Broni · May 27, 2021

As I said above:
"Please, observe forum rules. All logs have to be pasted not attached."

Mackiirios · May 27, 2021

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2021
Ran by riosme (administrator) on MACKYR (Acer Aspire E5-573G) (26-05-2021 22:49:50)
Running from C:\Users\riosme\Desktop
Loaded Profiles: riosme & SQLTELEMETRY & MSSQLSERVER
Platform: Windows 10 Home Single Language Version 20H2 19042.928 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20560.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_40621b878a52ca15\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\riosme\AppData\Local\Programs\Opera GX\73.0.3856.434\opera.exe <45>
(Opera Software AS -> Opera Software) C:\Users\riosme\AppData\Local\Programs\Opera GX\73.0.3856.434\opera_autoupdate.exe <2>
(Opera Software AS -> Opera Software) C:\Users\riosme\AppData\Local\Programs\Opera GX\73.0.3856.434\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\riosme\AppData\Local\Programs\Opera GX\launcher.exe
(Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\wenativehost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677680 2019-12-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [564152 2021-05-21] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\riosme\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Run: [BitTorrent] => C:\Users\riosme\AppData\Roaming\BitTorrent\BitTorrent.exe [2125808 2020-11-19] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\riosme\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-02] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Run: [Snap Camera] => C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe [58117792 2021-03-17] (Snapchat Inc. (Snap Inc.) -> Snap Inc)
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --bwsi --disable-background-timer-throttling --disable-default-apps --disable-extensions --disable-popup-blocking --disable-translate --no (the data entry has 203 more characters).
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Policies\Explorer: [NoLogOff] 0
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\JeppPrint: C:\Windows\System32\spool\prtprocs\x64\JeppPrint.dll [87552 2015-12-10] (Jeppesen Sanderson, Inc -> Jeppesen Sanderson, Inc.)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [388792 2016-02-23] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF 7 Monitor: C:\WINDOWS\system32\novamnk7.dll [29472 2014-03-19] (Softland S.R.L. -> Softland)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CDA Monitor.lnk [2021-04-13]
ShortcutTarget: CDA Monitor.lnk -> C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe (Jeppesen Sanderson, Inc -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FxSound.lnk [2021-02-21]
ShortcutTarget: FxSound.lnk -> C:\Program Files\FxSound LLC\FxSound\FxSound.exe (FxSound LLC) [File not signed]
Startup: C:\Users\riosme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP DeskJet 2130 series.lnk [2017-10-13]

Mackiirios · May 27, 2021

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {087B5F62-A2F7-41F9-A5C8-C238D6EF2A93} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D59F32D-372E-4641-A39D-5362C3AFBE34} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0DB17E8A-1772-4DE3-92E1-A46797BE7A8B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0EE5904A-7A89-4FD9-A240-4508E82F3856} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2770688 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {11B00553-86AB-41D8-B943-E088D567BC11} - System32\Tasks\{466A80C6-DAB4-4E89-8E2D-61BE4BE97754} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.25.0.106/en/abandoninstall?page=tsProgressBar
Task: {142BC324-593C-444D-9CEF-859E6409710B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1785F308-391B-4D9D-8B52-186B586A90DC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1DA34A4A-70B2-4998-8927-5E4C8774F690} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {20A44527-FA0F-4031-AE20-27907045781F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384256 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {260DBD69-34E6-4114-85CC-13B64EE5A37D} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677680 2019-12-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {27CC7301-1EC8-4193-85E9-23D7AF316717} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1614861560 => C:\Users\riosme\AppData\Local\Programs\Opera GX\launcher.exe [1720472 2021-04-16] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\riosme\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {291C47CA-6ADA-4001-9978-DB1830B67A5E} - System32\Tasks\CareCenter\EpicGamesLauncher_Reg_HKCURun_S-1-5-21-2423985164-1702367186-3377153497-1001 => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33033184 2021-05-20] (Epic Games Inc. -> Epic Games, Inc.)
Task: {2A3B9C6C-9F37-4F47-BF55-C2918E05ECA8} - System32\Tasks\HP AR Program Upload - 935a343818174a7e94584d92ffeb798fc6444b9873fb422582c02f1c99bb6f02 => C:\Program Files\HP\HP DeskJet 2130 series\bin\HPRewards.exe [3869192 2015-04-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36BBD450-913E-437E-B77D-90DF1D420689} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [419048 2014-12-31] (Acer Incorporated -> Acer Incorporate)
Task: {3F899CDE-AE4B-4425-83E9-D842FF6A4698} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {3FC5F98A-C706-4CD9-8D64-F4ADEF6B2360} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42FE0D9E-9C2E-4338-87E5-8FA6953025E6} - System32\Tasks\FreeDownloadManagerHelperService => C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe [144896 2020-11-18] (Softdeluxe) [File not signed]
Task: {43B2136B-7C55-4E7B-8F46-4808A6696106} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-17] (Acer Incorporated -> )
Task: {4897D391-F668-477F-89D0-A238AD0E2CAE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48E838C3-2870-4303-8A17-0DD01A8DA5EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BDFC6A9-082A-4235-8DF2-304D7BEE3255} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FE6D008-05EB-4CCE-B41D-CECF32C9C30F} - System32\Tasks\CareCenter\AdobeGCInvoker-1.0_Reg_HKLMRun => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {50D4F029-2625-40BE-8695-905DC96694B4} - System32\Tasks\CareCenter\FxSound Enhancer_Reg_HKLMWow6432Run => C:\Program Files (x86)\DFX\dfx.exe
Task: {53DBA4F1-7586-4CF2-95AC-DD142CF885AC} - System32\Tasks\HP AR Program Upload - 51cf3e574e8b4f22b5f1edb3a83bb48cfd1f799fbaf4471f91090b400cef28a5 => C:\Program Files\HP\HP DeskJet 2130 series\bin\HPRewards.exe [3869192 2015-04-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {6276F698-FFD6-4AAF-9191-0C752B01C5AA} - System32\Tasks\CareCenter\SunJavaUpdateSched_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {636D7269-3E75-480E-8E74-A0B59FFAE7A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {63D466EC-947C-49A7-91B6-97B9CBE7582C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {66203D4B-1705-4AA9-A4A4-E87DB19E3B9A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-10-13] (Adobe Inc. -> Adobe)
Task: {66662AC9-BF8B-4447-992B-3661FDBB8E26} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {694CDAAC-E90D-4CF2-9C02-06E066B5ADB2} - System32\Tasks\CareCenter\Free Download Manager_Reg_HKCURun_S-1-5-21-2423985164-1702367186-3377153497-1001 => C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe [4640256 2020-11-18] (Softdeluxe) [File not signed]
Task: {6CB11EA5-718E-43C6-A3B1-B9780B3EA291} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {72AB7D64-BA2B-44F2-9AE9-31C0D37D7C8A} - System32\Tasks\CareCenter\Launch LCore_Reg_HKLMRun => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
Task: {73BB35BE-A4F7-4C6A-9368-C1272E3F4102} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {76C3FBD0-72C7-44BE-A10E-400B297DE2E0} - System32\Tasks\CareCenter\Adobe Creative Cloud_Reg_HKLMWow6432Run => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {78E580C2-A3C0-4843-BF83-7EC55DDD252A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {8200940D-F9EB-4AB9-82D1-17EE8423E594} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {825CFBD3-A2A8-43FC-A6FA-29E6EE8A9A5F} - System32\Tasks\CareCenter\DriveUtilitiesHelper_Reg_HKLMWow6432Run => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8A4DCD8D-6532-4EC7-AEFD-74E6F015A414} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8CBE3325-1DAC-4656-9AE8-58FCED27D2DC} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {8E2A2458-013B-4BE4-B3B2-86314A294127} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {94A08ABF-3D55-466A-B5CD-A3D9C032523D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {954ADF3B-5504-4EED-A52B-08A33C8ED421} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2021-04-29] (Microsoft Corporation -> Microsoft)
Task: {983DA4D7-40A3-45BC-80A1-6ACC9D4DA0FE} - System32\Tasks\CareCenter\Riot Vanguard_Reg_HKLMRun => C:\Program Files\Riot Vanguard\vgtray.exe [564152 2021-05-21] (Riot Games, Inc. -> Riot Games, Inc.)
Task: {9AFCFBC7-55C2-4140-B522-DDB9077F5FDF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F24A116-71D0-495A-A4BF-58209D4DFE5A} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2015-02-04] (Acer Incorporated -> Acer Incorporated)
Task: {A1DD1E5B-0742-469C-B191-4A0F0B8AE547} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2437920 2017-10-02] (Acer Incorporated -> Acer)
Task: {AA8151C4-5501-48EF-AF30-70B6FCCD9AD7} - System32\Tasks\FxSound\Update => C:\Program [Argument = Files\FxSound LLC\FxSound\updater.exe /silent]
Task: {AEC5E73E-CE47-4821-A62E-CA67431300A9} - System32\Tasks\Opera GX scheduled Autoupdate 1596300062 => C:\Users\riosme\AppData\Local\Programs\Opera GX\launcher.exe [1720472 2021-04-16] (Opera Software AS -> Opera Software)
Task: {B00183FD-75EE-46E1-912B-43CA84558CD7} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-17] (Acer Incorporated -> Acer Incorporated)
Task: {B051201C-CD7F-49E9-97E9-37019249CB81} - System32\Tasks\DropboxOEM => c:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [478576 2014-12-13] (Dropbox, Inc -> )
Task: {B496A720-BC04-4EE9-85BB-432D005CC379} - System32\Tasks\CareCenter\Autodesk Desktop App_Reg_HKLMWow6432Run => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
Task: {BA42F130-BDF8-4D6E-86F4-3CC16A17F780} - System32\Tasks\[RunAsTask] AutoWhitelister.exe @3734028795 => C:\Users\riosme\Desktop\WhiteK\AutoWhitelister.exe
Task: {BF43D596-1684-42DC-95BD-23D53BFC1CA6} - System32\Tasks\{F320D295-F145-485F-9FFB-FF776B688F77} => C:\Windows\system32\pcalua.exe -a C:\Users\riosme\Desktop\Downloads\dcabr.exe -d C:\Users\riosme\Desktop\Downloads
Task: {C1281B03-0E28-47A1-AB79-1BED2FC7FF34} - System32\Tasks\SIMDB_75b6e096fc79c825286efd6614b8d0f4 => C:\Program Files (x86)\SIMDashboardServer\SIMDashboardServer.exe
Task: {CAAC6DBB-F152-4371-BFE1-97F7B27CBE9F} - System32\Tasks\CareCenter\AdobeAAMUpdater-1.0_Reg_HKLMRun => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CB540F93-A838-4056-91A0-3FF8DB397623} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D1CDF202-A583-4C0F-92E8-8D9B72B83DC2} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-macky.rios@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D3CC89A3-55FD-405B-B2E5-BD010FBCB55F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D3FA7D87-A474-411C-8E30-FF0707E47CDD} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2015-02-04] (Acer Incorporated -> Acer Incorporated)
Task: {D46B5FF4-6B20-48CE-8B2C-CDC19B994914} - System32\Tasks\{695F50EE-A97C-432D-91BD-74300CB2D795} => C:\WINDOWS\system32\pcalua.exe -a "C:\Games\cc\Command and Conquer Generals + Zero Hour\Command & Conquer Generals Zero Hour\generals.exe" -d "C:\Games\cc\Command and Conquer Generals + Zero Hour\Command & Conquer Generals Zero Hour"
Task: {D55A705C-B4AA-4021-B1D2-34FC2C5CB77C} - System32\Tasks\CareCenter\HP Software Update_Reg_HKLMWow6432Run => C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {D6F5847D-8DBA-49AB-AF3C-6FC8C53E2869} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DE306F98-487F-4AF7-B869-31F730CBAE3D} - \WPD\SqmUpload_S-1-5-21-2423985164-1702367186-3377153497-1001 -> No File <==== ATTENTION
Task: {E15E2A0F-1B69-4D69-8785-BB3BDA7310AF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1BD45B9-9922-4E64-A15D-45B6821349ED} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E357A205-0127-4704-BC6C-629509517E13} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {E4260CA3-1C7D-4595-A54B-243B07BC178D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E96D6279-FD34-43F1-924F-4D85E7FB2B41} - System32\Tasks\HP AR Program Upload - ac52e561b38f443d9f5e793572319be51688bf095dc24aa6a90104e682cdb10f => C:\Program Files\HP\HP DeskJet 2130 series\bin\HPRewards.exe [3869192 2015-04-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {EA2360C2-2C79-447A-A1B1-DEC6394BCCE5} - System32\Tasks\HP AR Program Upload - 65a609ac65524c3b9f1dc3c2188e9b9e885012d7e2de43d59bbe5a4b77e67060 => C:\Program Files\HP\HP DeskJet 2130 series\bin\HPRewards.exe [3869192 2015-04-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {EE60F184-F4E2-4931-B898-A5E9B710A42E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EEF9AAF9-D5E2-4AAF-85F7-13285E04C03A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EFF3F6C2-4381-4A39-A0A8-644291F74717} - System32\Tasks\{00C14E13-5C52-44C5-9370-8DBB1D6AAAD7} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.25.0.106/en/abandoninstall?page=tsProgressBar
Task: {EFFACE0C-A031-47D1-888B-390DCE59048E} - System32\Tasks\CareCenter\com.squirrel.Teams.Teams_Reg_HKCURun_S-1-5-21-2423985164-1702367186-3377153497-1001 => C:\Users\riosme\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
Task: {F2C8BF6A-C73C-4DDE-86EF-E9122A9A08C1} - System32\Tasks\HP AR Program Upload - 62a7a875cf164600a350f8ed89db8b7a46a582d1267a493d80234432fe264885 => C:\Program Files\HP\HP DeskJet 2130 series\bin\HPRewards.exe [3869192 2015-04-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {F663F576-29FC-4D7F-AB19-1E7085953E19} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Mackiirios · May 27, 2021

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{30dbd95f-3e62-42a7-8b46-7091d06bf182}: [DhcpNameServer] 172.24.0.11 172.24.0.12 172.24.0.13
Tcpip\..\Interfaces\{f6711f3a-c94e-4cd4-a147-62ed55281896}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\riosme\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\riosme\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-26]
Edge Notifications: Default -> hxxps://www.messenger.com
Edge Session Restore: Default -> is enabled.
Edge Extension: (Free Download Manager) - C:\Users\riosme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2021-03-07]
Edge Extension: (AdBlock — best ad blocker) - C:\Users\riosme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-03-07]

FireFox:
========
FF DefaultProfile: qwu42ts8.default
FF ProfilePath: C:\Users\riosme\AppData\Roaming\Mozilla\Firefox\Profiles\qwu42ts8.default [2020-09-05]
FF ProfilePath: C:\Users\riosme\AppData\Roaming\Mozilla\Firefox\Profiles\79wac15n.default-release [2020-09-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-10-13] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-10-13] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default [2020-05-31]
CHR Notifications: Default -> hxxps://beta.faceit.com; hxxps://linustechtips.com; hxxps://mail.google.com; hxxps://mg.mail.yahoo.com; hxxps://padlet.com; hxxps://twitter.com; hxxps://us-mg6.mail.yahoo.com; hxxps://web.telegram.org; hxxps://www.faceit.com; hxxps://www.honestbee.ph; hxxps://www.honestbee.sg; hxxps://www.instagram.com; hxxps://www.messenger.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://home.sweetim.com/?barid={AA2C4760-B312-11E2-957B-A1226FF24364}&crg=3.1010000.10011&st=23"
CHR NewTab: Default -> Active:"chrome-extension://dbfmnekepjoapopniengjbcpnbljalfg/index.html"
CHR Extension: (Slides) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-20]
CHR Extension: (Turn Off the Lights for YouTube™) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2019-07-08]
CHR Extension: (YouTube) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-01]
CHR Extension: (Ban Checker for Steam) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2019-03-23]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-30]
CHR Extension: (Steam Inventory Helper) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2019-06-30]
CHR Extension: (Google Search) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Infinity New Tab - Productivity&Speed Dial) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbfmnekepjoapopniengjbcpnbljalfg [2019-06-22]
CHR Extension: (Sheets) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-19]
CHR Extension: (NetBeans Connector) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2019-01-28]
CHR Extension: (Video Adblocker for Youtube™ Extension) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-08-13]
CHR Extension: (SteamWizard) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\kojolejmgolbhakghocbgjemjgbmcjig [2019-03-13]
CHR Extension: (Fair AdBlocker) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2019-06-22]
CHR Extension: (Boomerang for Gmail) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2018-10-17]
CHR Extension: (Facebook Screen Sharing) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncfpggehkhmjpdjpefomjchjafhmbnai [2018-06-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Material Dark) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\npadhaijchjemiifipabpmeebeelbmpd [2018-10-11]
CHR Extension: (Speedtest by Ookla) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2019-04-09]
CHR Extension: (Gmail) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-30]
CHR Profile: C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-03-10]
CHR Profile: C:\Users\riosme\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-10]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001) Opera GXStable - "C:\Users\riosme\AppData\Local\Programs\Opera GX\Launcher.exe"

Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2020-08-02]
BRA Notifications: Default -> hxxps://mail.google.com; hxxps://meet.google.com; hxxps://twitter.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.messenger.com; hxxps://www.youtube.com; hxxps://www1.ecleneue.com
BRA NewTab: Default -> Active:"chrome-extension://hdpcadigjkbcpnlcpbcohpafiaefanki/index.html"
BRA Extension: (Google Translate) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
BRA Extension: (Ban Checker for Steam) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2020-05-05]
BRA Extension: (Steam Inventory Helper) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2020-07-24]
BRA Extension: (WhatRuns) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmkdbmfndkfgebldhnkbfhlneefdaaip [2020-01-31]
BRA Extension: (Dark Reader) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-07-28]
BRA Extension: (ZenMate Free VPN–Best VPN for Chrome) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2020-07-26]
BRA Extension: (nightTab) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hdpcadigjkbcpnlcpbcohpafiaefanki [2020-06-16]
BRA Extension: (Grammarly for Chrome) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-07-31]
BRA Extension: (Boomerang for Gmail) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2019-07-23]
BRA Extension: (Custom Cursor for Chrome™) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2020-03-05]
BRA Extension: (Deep Space Theme in Black) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pembcnmmbjikdbodfllkkkdaegalobbj [2020-02-02]
BRA Profile: C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2020-06-10]
BRA Profile: C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\System Profile [2019-07-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-07-13]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2020-08-02]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-07-15]
BRA Extension: (Brave NTP sponsored images) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2020-08-02]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-07-23]
BRA Extension: (PDF Viewer) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-07-15]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-07-13]

Mackiirios · May 27, 2021

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc. -> Apple Inc.)
S2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-09] (BattlEye Innovations e.K. -> )
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated -> Acer Incorporated)
S2 CDA; C:\Program Files (x86)\Jeppesen\CDA\CDA.exe [134088 2016-04-01] (Jeppesen Sanderson, Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated -> Acer Incorporated)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S2 JWC; C:\Program Files (x86)\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen Sanderson, Inc -> Jeppesen)
S2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-31] (Acer Incorporated -> Acer Incorporate)
S2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2021-05-26] (Malwarebytes Inc -> Malwarebytes)
S3 mi-raysat_3dsmax2017_64; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-15] () [File not signed]
S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [623504 2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2522424 2020-11-10] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476800 2020-11-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [476904 2015-02-04] (Acer Incorporated -> Acer Incorporated)
S2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [342776 2018-06-21] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1716632 2021-05-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [689040 2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [283536 2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [251232 2015-09-14] (Acer Incorporated -> acer)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-05-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10322376 2021-05-21] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWoW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2021-03-27] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWoW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2021-03-27] (Microsoft Windows -> Microsoft Corporation)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2016-01-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_40621b878a52ca15\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_40621b878a52ca15\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aow_drv; C:\Program Files\TxGameAssistant\UI\2.0.6479.123\aow_drv_x64_ev.sys [853776 2018-09-14] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2015-10-07] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [84472 2015-10-07] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2016-01-21] (Hardware Group Test Cert -> Microsoft Corporation)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-09] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-09] (Power Technology -> Windows (R) Win 7 DDK provider)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217088 2021-05-26] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-05-26] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsld75dfb79; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{12E9BA01-07F0-451B-9974-5A3329C02A31}\MpKslDrv.sys [107744 2021-05-26] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2017-02-15] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S4 RsFx0600; C:\WINDOWS\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [44080 2017-10-27] (Shaul Eizikovich -> Nefarius Software Solutions)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2019-11-20] () [File not signed]
R3 VCSVADHWSer; C:\WINDOWS\System32\drivers\vcsvad.sys [21504 2008-12-26] (AVSOFT CORP. -> Avnex)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8182600 2021-05-21] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [57976 2017-04-06] (Shaul Eizikovich -> Shaul Eizikovich)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-01-10] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-06-01] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-26 23:06 - 2021-05-26 23:06 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-26 23:06 - 2021-05-26 23:06 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-26 23:06 - 2021-05-26 23:06 - 000002025 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-05-26 23:05 - 2021-05-26 23:05 - 000217088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-26 23:02 - 2021-05-26 23:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-26 22:49 - 2021-05-26 23:07 - 000048279 _____ C:\Users\riosme\Desktop\FRST.txt
2021-05-26 22:39 - 2021-05-26 22:39 - 000000000 ____D C:\Users\riosme\Desktop\FRST-OlderVersion
2021-05-26 22:38 - 2021-05-26 22:39 - 000006865 _____ C:\Users\riosme\Desktop\fixlist.txt
2021-05-26 22:37 - 2021-05-26 22:39 - 000000000 ____D C:\Users\riosme\Downloads\FRST-OlderVersion
2021-05-26 22:35 - 2021-05-26 23:04 - 000000000 ____D C:\FRST
2021-05-26 09:46 - 2021-05-26 09:46 - 016475435 _____ C:\Users\riosme\Downloads\Server_2012_20411B_ENU_Trainer_Handbook.pdf
2021-05-25 14:02 - 2021-05-25 14:02 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-05-25 13:51 - 2021-05-14 02:19 - 000626968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-05-25 13:51 - 2021-05-14 02:17 - 005678360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-05-25 13:50 - 2021-05-14 02:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-05-25 13:50 - 2021-05-14 02:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-05-25 13:50 - 2021-05-14 02:22 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-05-25 13:50 - 2021-05-14 02:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-05-25 13:50 - 2021-05-14 02:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-05-25 13:50 - 2021-05-14 02:22 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-05-25 13:50 - 2021-05-14 02:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-05-25 13:50 - 2021-05-14 02:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-05-25 13:50 - 2021-05-14 02:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-05-25 13:50 - 2021-05-14 02:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-05-25 13:50 - 2021-05-14 02:19 - 001514800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-05-25 13:50 - 2021-05-14 02:19 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-05-25 13:50 - 2021-05-14 02:19 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-05-25 13:50 - 2021-05-14 02:19 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-05-25 13:50 - 2021-05-14 02:19 - 000575768 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-05-25 13:50 - 2021-05-14 02:19 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-05-25 13:50 - 2021-05-14 02:18 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-05-25 13:50 - 2021-05-14 02:18 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-05-25 13:50 - 2021-05-14 02:18 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-05-25 13:50 - 2021-05-14 02:18 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-05-25 13:50 - 2021-05-14 02:18 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-05-25 13:50 - 2021-05-14 02:17 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-05-25 13:50 - 2021-05-14 02:17 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-05-25 13:50 - 2021-05-14 02:17 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-05-25 13:50 - 2021-05-14 02:17 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-05-25 13:50 - 2021-05-14 02:16 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-05-25 13:50 - 2021-05-14 02:15 - 006159152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-05-25 13:50 - 2021-05-13 18:38 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-05-23 15:14 - 2021-05-23 15:50 - 989000187 _____ C:\Users\riosme\Downloads\Flight Factor-Airbus A350 1.6.16.rar
2021-05-22 22:29 - 2021-05-22 22:29 - 001854668 _____ C:\Users\riosme\Downloads\Module6-THC1107.pdf
2021-05-22 22:28 - 2021-05-22 22:28 - 001954987 _____ C:\Users\riosme\Downloads\Module4-THC110728129.pdf
2021-05-22 22:28 - 2021-05-22 22:28 - 001336910 _____ C:\Users\riosme\Downloads\Module5-THC1107.pdf
2021-05-20 23:22 - 2021-05-20 23:22 - 000829751 _____ C:\Users\riosme\Downloads\LHTLecture13C.pdf
2021-05-20 23:21 - 2021-05-20 23:21 - 000125471 _____ C:\Users\riosme\Downloads\LHTLecture13B.pdf
2021-05-20 23:20 - 2021-05-20 23:20 - 000150375 _____ C:\Users\riosme\Downloads\LHTLecture13A.pdf
2021-05-20 23:18 - 2021-05-20 23:19 - 000266964 _____ C:\Users\riosme\Downloads\LHTLecture10.pdf
2021-05-19 19:10 - 2021-05-26 22:39 - 002299904 _____ (Farbar) C:\Users\riosme\Desktop\FRST64.exe
2021-05-19 19:10 - 2021-05-26 22:37 - 002299904 _____ (Farbar) C:\Users\riosme\Downloads\FRST64.exe
2021-05-18 13:42 - 2021-05-18 13:42 - 564499833 _____ C:\Users\riosme\Downloads\ToLiss - A319 v1.6.1.7z
2021-05-17 21:42 - 2021-05-17 21:42 - 001481110 _____ C:\Users\riosme\Downloads\Preventive_Maintenance_Policies_and_Procedures (2).pdf
2021-05-17 18:30 - 2021-05-17 18:30 - 1418626751 _____ C:\Users\riosme\Downloads\A330 JarDesign (1).rar
2021-05-15 19:39 - 2021-05-15 19:39 - 000000000 ____D C:\Users\riosme\AppData\LocalLow\JUJUBEE_S_A
2021-05-14 23:49 - 2021-05-14 23:49 - 000100074 _____ C:\Users\riosme\Desktop\3c.zip
2021-05-14 23:12 - 2021-05-14 23:12 - 893517045 _____ C:\Users\riosme\Downloads\SSG 747v2.rar
2021-05-14 22:14 - 2021-05-14 23:19 - 000000000 ____D C:\Users\riosme\Desktop\finals3c
2021-05-14 00:05 - 2021-05-14 00:05 - 000620839 _____ C:\Users\riosme\Downloads\Coffee-Maker-JUnit-master.zip
2021-05-13 22:16 - 2021-05-13 22:16 - 000291066 _____ C:\Users\riosme\Downloads\TestPlan.pdf
2021-05-13 22:05 - 2021-05-13 22:05 - 002113819 _____ C:\Users\riosme\Downloads\introduction_to_software_testing-main.zip
2021-05-13 19:10 - 2021-05-14 23:37 - 000004894 _____ C:\Users\riosme\Downloads\main.dart
2021-05-12 13:00 - 2021-05-12 13:00 - 002999370 _____ C:\Users\riosme\Downloads\GELOMIO, RAFAEL-BC (1).pdf
2021-05-12 12:22 - 2021-05-12 12:22 - 000387944 _____ C:\Users\riosme\Downloads\Macky Rios_VCAS (1).pdf
2021-05-12 12:06 - 2021-05-12 12:06 - 000189279 _____ C:\Users\riosme\Downloads\E-Certificate.pdf
2021-05-12 11:32 - 2021-05-12 11:32 - 000342309 _____ C:\Users\riosme\Downloads\Coursera UAZWRV7GYEAV.pdf
2021-05-12 00:00 - 2021-05-12 00:00 - 000000000 ____D C:\Users\riosme\.nuget
2021-05-11 22:59 - 2021-05-11 22:59 - 000015425 _____ C:\Users\riosme\Downloads\EquipmentsController.txt
2021-05-11 22:57 - 2021-05-11 22:57 - 000003565 _____ C:\Users\riosme\Downloads\Equipments.zip
2021-05-11 21:36 - 2021-05-11 21:36 - 000083013 _____ C:\Users\riosme\Downloads\googleitsupport.zip
2021-05-11 21:23 - 2021-05-11 21:23 - 000301187 _____ C:\Users\riosme\Downloads\Google_IT_Support_Certificate_Badge20210511-58-1gzv94n.pdf
2021-05-11 21:19 - 2021-05-11 21:19 - 000298945 _____ C:\Users\riosme\Downloads\Coursera Q7E3XRMY856Z.pdf
2021-05-11 19:42 - 2021-05-11 19:42 - 000298566 _____ C:\Users\riosme\Downloads\Coursera EX6SV6MBPF2M.pdf
2021-05-11 14:09 - 2021-05-11 14:09 - 000298859 _____ C:\Users\riosme\Downloads\Coursera GTUEMWVNS7QN.pdf
2021-05-11 10:29 - 2021-05-11 10:29 - 000298953 _____ C:\Users\riosme\Downloads\Coursera 3UUER2QKHSQQ.pdf
2021-05-11 09:29 - 2021-05-11 09:29 - 000070324 _____ C:\Users\riosme\Downloads\Week 3 - Graded Quiz Answers.pdf
2021-05-11 08:08 - 2021-05-11 08:08 - 000043434 _____ C:\Users\riosme\Downloads\Week 1 - Graded Quiz Answers.pdf
2021-05-11 07:32 - 2021-05-11 07:32 - 000298454 _____ C:\Users\riosme\Downloads\Coursera 2775RG5W7G9K.pdf
2021-05-11 00:43 - 2021-05-11 00:43 - 004967576 _____ C:\Users\riosme\Downloads\Sabtang Island.pdf
2021-05-10 20:54 - 2021-05-10 20:54 - 000260635 _____ C:\Users\riosme\Downloads\WeeklyProgressReport8.pdf
2021-05-10 20:54 - 2021-05-10 20:54 - 000260174 _____ C:\Users\riosme\Downloads\WeeklyProgressReport7.pdf
2021-05-10 20:54 - 2021-05-10 20:54 - 000259444 _____ C:\Users\riosme\Downloads\WeeklyProgressReport10.pdf
2021-05-10 20:54 - 2021-05-10 20:54 - 000259319 _____ C:\Users\riosme\Downloads\WeeklyProgressReport9.pdf
2021-05-10 20:54 - 2021-05-10 20:54 - 000258846 _____ C:\Users\riosme\Downloads\WeeklyProgressReport11.pdf
2021-05-10 20:32 - 2021-05-10 20:32 - 000259562 _____ C:\Users\riosme\Downloads\WeeklyProgressReport4.pdf
2021-05-10 20:32 - 2021-05-10 20:32 - 000258386 _____ C:\Users\riosme\Downloads\WeeklyProgressReport5.pdf
2021-05-10 20:32 - 2021-05-10 20:32 - 000254530 _____ C:\Users\riosme\Downloads\WeeklyProgressReport6.pdf
2021-05-10 20:29 - 2021-05-10 20:30 - 000257194 _____ C:\Users\riosme\Downloads\WeeklyProgressReport3.pdf
2021-05-10 20:28 - 2021-05-10 20:29 - 000258839 _____ C:\Users\riosme\Downloads\WeeklyProgressReport2.pdf
2021-05-10 20:28 - 2021-05-10 20:28 - 000222222 _____ C:\Users\riosme\Downloads\WeeklyProgressReport1.pdf
2021-05-10 00:25 - 2021-05-10 00:25 - 004286073 _____ C:\Users\riosme\Downloads\New Society.pptx
2021-05-09 18:26 - 2021-05-10 11:47 - 002296703 _____ C:\Users\riosme\Downloads\TraceCov Defense.pptx
2021-05-09 13:00 - 2021-05-19 17:37 - 000009875 _____ C:\Users\riosme\Desktop\scriptdefense1.txt
2021-05-08 22:12 - 2021-05-08 22:57 - 000000000 ____D C:\Users\riosme\AppData\Roaming\hershy
2021-05-08 22:11 - 2021-05-14 12:22 - 000000000 ____D C:\Users\riosme\Desktop\Hershy Launcher
2021-05-05 23:16 - 2021-05-05 23:16 - 004433053 _____ C:\Users\riosme\Downloads\Hershy_Launcher.rar
2021-05-05 22:24 - 2021-05-05 22:24 - 000011533 _____ C:\Users\riosme\Downloads\AccountsController.cs.txt
2021-05-05 22:16 - 2021-05-05 22:16 - 000003389 _____ C:\Users\riosme\Downloads\Accounts.zip
2021-05-05 15:34 - 2021-05-05 15:34 - 000097430 _____ C:\Users\riosme\Downloads\22nd.pdf
2021-05-04 18:49 - 2021-05-04 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI New Frontier Pass Portugal
2021-05-04 18:18 - 2021-05-04 18:49 - 000000000 ____D C:\Program Files (x86)\Sid Meiers Civilization VI New Frontier Pass Portugal
2021-05-03 22:17 - 2021-05-03 22:55 - 964615738 _____ C:\Users\riosme\Downloads\Flight Factor - Airbus A350 V1.6.8 - Copy.rar
2021-04-30 13:17 - 2021-04-30 13:17 - 000387944 _____ C:\Users\riosme\Downloads\Macky Rios_VCAS.pdf
2021-04-30 00:03 - 2021-04-30 00:03 - 000001804 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk
2021-04-29 23:51 - 2021-04-29 23:51 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\3082
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\2052
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1055
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1049
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1046
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1045
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1042
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1041
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1040
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1036
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1031
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1029
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\1028
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\3082
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\2052
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1055
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1049
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1046
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1045
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1042
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1041
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1040
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1036
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1031
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1029
2021-04-29 23:38 - 2021-04-29 23:38 - 000000000 ____D C:\WINDOWS\system32\1028
2021-04-29 23:32 - 2021-04-29 23:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2021-04-29 23:28 - 2021-04-29 23:28 - 000000000 ____D C:\Program Files (x86)\NuGet
2021-04-29 23:19 - 2021-04-29 23:19 - 000001803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk
2021-04-29 01:55 - 2021-04-29 01:55 - 000030469 _____ C:\Users\riosme\Downloads\1844442251_Fine_Road_Tool_2.0.4.zip
2021-04-29 01:06 - 2021-04-29 01:07 - 000971087 _____ C:\Users\riosme\Downloads\Euro Truck Simulator 2 v1.16.x.x - v1.40.x.x Plus +15 Trainer.zip
2021-04-28 23:49 - 2021-04-28 23:49 - 000586703 _____ C:\Users\riosme\Downloads\2140418403_Intersection_Marking_Tool_1.7.zip
2021-04-28 23:49 - 2021-04-28 23:49 - 000047674 _____ C:\Users\riosme\Downloads\1625704117_Roundabout_Builder.zip
2021-04-28 23:48 - 2021-04-28 23:48 - 000550882 _____ C:\Users\riosme\Downloads\1934023593_Hide_TMPE_crosswalks_V3.0___stable_ (1).zip
2021-04-28 23:48 - 2021-04-28 23:48 - 000260856 _____ C:\Users\riosme\Downloads\2030755273_Automatic_Pedestrian_Bridge_Builder_V2.0__Beta_.zip
2021-04-28 23:48 - 2021-04-28 23:48 - 000013849 _____ C:\Users\riosme\Downloads\1934023593_Hide_TMPE_crosswalks_V3.0___stable_.zip
2021-04-28 23:47 - 2021-04-28 23:47 - 000221508 _____ C:\Users\riosme\Downloads\2085403475_Node_controller_V2.2___Beta_.zip
2021-04-28 23:47 - 2021-04-28 23:47 - 000049200 _____ C:\Users\riosme\Downloads\2172488844_Picker.zip
2021-04-28 23:47 - 2021-04-28 23:47 - 000032431 _____ C:\Users\riosme\Downloads\1677913611_Smart_Intersection_Builder.zip
2021-04-28 23:46 - 2021-04-28 23:46 - 000049669 _____ C:\Users\riosme\Downloads\2389414419_Zoning_Adjuster_1.1.1.zip
2021-04-28 23:07 - 2021-04-28 23:07 - 006039712 _____ C:\Users\riosme\Downloads\2238464694_Seahorse_Islands_Archipelago.zip
2021-04-28 22:19 - 2021-04-28 22:19 - 000265081 _____ C:\Users\riosme\Downloads\1619685021_Move_It.zip
2021-04-28 22:08 - 2021-04-28 22:08 - 000331946 _____ C:\Users\riosme\Downloads\2057780822_Automatic_Bulldoze_v3.zip
2021-04-26 23:48 - 2021-04-26 23:48 - 000000000 ____D C:\Users\Default\.dotnet
2021-04-26 22:31 - 2021-04-26 22:31 - 004149698 _____ C:\Users\riosme\Downloads\ThomCare_PowerPoint-Presentation.pptx
2021-04-26 22:14 - 2021-04-26 22:14 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2021-04-26 22:13 - 2021-04-26 22:13 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-04-26 22:08 - 2021-04-26 22:35 - 000000000 ____D C:\Program Files (x86)\Microsoft ASP.NET

Mackiirios · May 27, 2021

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-26 23:08 - 2018-01-03 20:55 - 000000000 ____D C:\Users\riosme\AppData\Roaming\discord
2021-05-26 23:05 - 2021-03-22 19:57 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-26 23:02 - 2021-03-22 19:56 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-26 23:01 - 2018-01-03 20:54 - 000000000 ____D C:\Users\riosme\AppData\Local\Discord
2021-05-26 22:59 - 2018-03-05 16:18 - 000000000 ____D C:\Users\riosme\AppData\Local\Packages
2021-05-26 22:57 - 2019-12-07 17:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-26 22:55 - 2021-02-21 19:43 - 000000000 ____D C:\ProgramData\FxSound
2021-05-26 22:42 - 2017-07-28 11:24 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-26 22:33 - 2015-07-21 02:55 - 000000000 ____D C:\Users\riosme\AppData\Local\NVIDIA
2021-05-26 22:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-26 22:14 - 2020-05-23 15:37 - 000000000 ____D C:\ProgramData\Riot Games
2021-05-26 22:12 - 2021-02-21 19:44 - 000000000 ____D C:\Users\riosme\AppData\Roaming\FxSound
2021-05-26 21:56 - 2017-12-08 15:40 - 000000000 ____D C:\Users\riosme\Documents\Euro Truck Simulator 2
2021-05-26 21:54 - 2015-11-01 08:35 - 000000000 ____D C:\Program Files (x86)\Steam
2021-05-26 19:33 - 2020-06-02 12:10 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-05-26 19:19 - 2018-07-13 20:46 - 000000000 ____D C:\Users\riosme\AppData\Local\D3DSCache
2021-05-26 19:00 - 2021-03-26 15:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-26 09:28 - 2019-10-04 20:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-26 09:28 - 2019-10-04 20:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-05-26 09:20 - 2017-07-28 11:23 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-05-26 09:20 - 2015-07-21 02:54 - 000000000 __SHD C:\Users\riosme\IntelGraphicsProfiles
2021-05-26 09:19 - 2021-03-26 16:34 - 001145192 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-26 09:19 - 2019-12-07 17:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-26 09:15 - 2021-04-13 01:30 - 000000000 ____D C:\ProgramData\Jeppesen
2021-05-26 09:15 - 2021-03-26 19:57 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-05-26 09:15 - 2021-03-26 17:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-26 09:15 - 2021-03-26 15:58 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-26 09:06 - 2016-11-03 19:24 - 000000000 ____D C:\Users\riosme\AppData\Local\Adobe
2021-05-25 19:03 - 2017-07-28 11:23 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-25 18:37 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-25 14:05 - 2018-07-12 22:48 - 000000000 ____D C:\ProgramData\Packages
2021-05-25 14:04 - 2019-12-07 17:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-25 14:02 - 2019-10-25 11:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-05-22 20:31 - 2016-07-06 14:17 - 000000000 ___RD C:\Users\riosme\Desktop\G
2021-05-22 17:13 - 2015-07-21 03:11 - 000000000 ____D C:\Users\riosme\AppData\Local\CrashDumps
2021-05-22 12:37 - 2020-06-11 19:48 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-20 15:12 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-20 12:40 - 2020-04-01 19:14 - 000000112 _____ C:\Users\riosme\AppData\Local\X-Plane_drm_11.prf
2021-05-20 12:18 - 2020-12-09 12:43 - 000000102 _____ C:\Users\riosme\AppData\Local\X-Plane_xdd_11.prf
2021-05-18 01:00 - 2018-01-03 11:03 - 000000000 ____D C:\ProgramData\TruckersMP
2021-05-17 00:24 - 2015-11-28 11:32 - 000000000 ____D C:\Users\riosme\AppData\Roaming\BitTorrent
2021-05-16 21:59 - 2021-02-13 01:11 - 000000000 ____D C:\Users\riosme\AppData\Local\BitTorrentHelper
2021-05-16 21:48 - 2015-11-07 09:37 - 000000000 ____D C:\Movies
2021-05-16 21:38 - 2015-11-04 10:25 - 000000000 ____D C:\gg
2021-05-16 21:37 - 2017-10-10 20:13 - 000000000 ____D C:\Games
2021-05-15 20:13 - 2020-06-25 13:14 - 000000000 ____D C:\Users\riosme\Desktop\OJT DOCUMENTS
2021-05-15 10:54 - 2018-03-05 16:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-14 23:51 - 2017-07-15 21:53 - 000000000 ____D C:\Users\riosme\AppData\Roaming\Code
2021-05-14 22:19 - 2021-02-17 19:06 - 000000125 _____ C:\Users\riosme\AppData\Roaming\.flutter_tool_state
2021-05-14 02:18 - 2021-03-08 12:54 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-05-14 02:15 - 2021-03-08 12:54 - 007212224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-14 02:04 - 2015-11-07 13:16 - 000000000 ____D C:\Users\riosme\AppData\Roaming\vlc
2021-05-13 21:07 - 2021-03-26 17:30 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2423985164-1702367186-3377153497-1001
2021-05-13 21:07 - 2021-03-26 16:13 - 000002374 _____ C:\Users\riosme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-13 21:07 - 2015-11-01 08:31 - 000000000 ___RD C:\Users\riosme\OneDrive
2021-05-12 12:49 - 2021-02-24 13:54 - 000000000 ____D C:\Users\riosme\Desktop\299
2021-05-12 00:55 - 2021-02-24 13:56 - 000000000 ____D C:\Users\riosme\Desktop\IT-ELEC2C
2021-05-12 00:54 - 2017-10-10 21:03 - 000000000 ____D C:\Users\riosme\Desktop\wordy
2021-05-12 00:52 - 2021-01-29 17:36 - 000000000 ____D C:\Users\riosme\Desktop\IT-ELEC4C
2021-05-12 00:51 - 2021-01-29 23:17 - 000000000 ____D C:\Users\riosme\Documents\Bandicam
2021-05-12 00:28 - 2020-08-23 13:58 - 000000000 ____D C:\Users\riosme\AppData\Local\.IdentityService
2021-05-12 00:00 - 2021-03-26 16:13 - 000000000 ____D C:\Users\riosme
2021-05-12 00:00 - 2020-08-22 18:21 - 000000000 ____D C:\Users\riosme\AppData\Local\NuGet
2021-05-10 20:37 - 2019-12-07 17:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-10 16:01 - 2021-04-23 12:33 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-05-10 14:44 - 2021-01-29 23:35 - 000000000 ____D C:\Users\riosme\AppData\Roaming\obs-studio
2021-05-08 22:17 - 2019-11-01 14:12 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-05-08 22:16 - 2016-08-18 13:09 - 000000000 ____D C:\Program Files\Rockstar Games
2021-05-07 21:01 - 2020-08-08 13:51 - 000000000 ____D C:\Users\riosme\AppData\Local\FiveM
2021-05-06 20:26 - 2021-04-10 15:00 - 013246698 _____ C:\Users\riosme\Downloads\Water-based-transportation (1).pptx
2021-05-04 02:23 - 2021-01-30 23:33 - 000000015 _____ C:\Users\riosme\AppData\Roaming\obs-virtualcam.txt
2021-05-04 02:00 - 2021-02-03 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snap Inc
2021-05-03 15:08 - 2020-07-30 23:32 - 000000000 ____D C:\xampp
2021-04-30 22:56 - 2021-03-17 20:06 - 000000000 ____D C:\Users\riosme\AppData\Roaming\WeMod
2021-04-30 14:10 - 2020-08-29 19:04 - 000000000 ____D C:\Users\riosme\.templateengine
2021-04-30 13:51 - 2020-08-22 19:32 - 000000000 ____D C:\Program Files\IIS Express
2021-04-30 13:51 - 2020-08-22 19:32 - 000000000 ____D C:\Program Files (x86)\IIS Express
2021-04-30 00:09 - 2020-08-22 18:52 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2021-04-29 23:57 - 2019-12-07 17:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-29 23:51 - 2020-08-22 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2021-04-29 23:50 - 2020-08-22 20:29 - 000000000 ____D C:\Program Files\Application Verifier
2021-04-29 23:50 - 2020-08-22 20:29 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2021-04-29 23:49 - 2015-02-14 16:37 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-29 23:38 - 2020-08-22 19:40 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2021-04-29 23:38 - 2020-08-22 19:40 - 000000000 ____D C:\WINDOWS\system32\1033
2021-04-29 23:24 - 2020-08-22 18:52 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2021-04-29 23:24 - 2020-08-22 18:50 - 000000000 ____D C:\Users\riosme\.dotnet
2021-04-29 20:07 - 2020-08-17 18:06 - 000000000 ____D C:\Users\riosme\AppData\Roaming\Visual Studio Setup
2021-04-29 20:07 - 2020-08-17 18:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2021-04-29 19:26 - 2021-04-24 16:49 - 000000000 ____D C:\Users\riosme\Documents\Visual Studio 2017
2021-04-29 09:14 - 2015-12-28 15:20 - 000000000 ____D C:\Users\riosme\AppData\Local\ElevatedDiagnostics
2021-04-28 12:09 - 2021-04-04 19:24 - 000000000 ____D C:\WINDOWS\Minidump
2021-04-27 23:41 - 2017-08-22 15:05 - 000000000 ____D C:\Users\riosme\AppData\Local\Roblox
2021-04-27 23:40 - 2021-03-27 18:02 - 000000000 ____D C:\Users\riosme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-04-27 23:34 - 2017-08-22 15:05 - 000000252 _____ C:\Users\riosme\AppData\LocalLow\rbxcsettings.rbx
2021-04-27 21:16 - 2021-03-26 15:59 - 000484064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-27 00:16 - 2013-08-22 21:25 - 000000199 _____ C:\WINDOWS\win.ini
2021-04-26 23:58 - 2021-01-29 21:07 - 000000000 ____D C:\Program Files (x86)\dotnet
2021-04-26 23:57 - 2020-08-22 18:47 - 000000000 ____D C:\Program Files\dotnet
2021-04-26 23:29 - 2016-10-06 18:17 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2021-04-26 23:29 - 2016-10-06 18:17 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-04-26 22:25 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories ========

2020-04-17 00:04 - 2018-12-10 11:00 - 000089056 _____ () C:\Program Files (x86)\piAeroSOFT.ico
2021-02-17 19:07 - 2021-02-17 19:50 - 000000078 _____ () C:\Users\riosme\AppData\Roaming\.flutter
2021-02-17 21:38 - 2021-02-17 21:38 - 000000037 _____ () C:\Users\riosme\AppData\Roaming\.flutter_settings
2021-02-17 19:06 - 2021-05-14 22:19 - 000000125 _____ () C:\Users\riosme\AppData\Roaming\.flutter_tool_state
2018-03-15 16:09 - 2018-03-27 13:30 - 000000034 _____ () C:\Users\riosme\AppData\Roaming\AdobeWLCMCache.dat
2021-01-30 23:33 - 2021-05-04 02:23 - 000000015 _____ () C:\Users\riosme\AppData\Roaming\obs-virtualcam.txt
2020-04-07 14:01 - 2020-11-23 18:19 - 000000264 _____ () C:\Users\riosme\AppData\Roaming\OpenSceneryX Installer.plist
2021-03-12 22:00 - 2021-03-12 22:00 - 000000000 _____ () C:\Users\riosme\AppData\Local\debuggee.mdmp
2018-09-28 11:42 - 2018-09-28 11:42 - 000000000 _____ () C:\Users\riosme\AppData\Local\oobelibMkey.log
2015-11-19 20:17 - 2017-09-27 20:56 - 000007597 _____ () C:\Users\riosme\AppData\Local\resmon.resmoncfg
2019-09-27 10:47 - 2019-09-27 10:47 - 000000014 _____ () C:\Users\riosme\AppData\Local\update_progress.txt
2020-04-15 20:41 - 2020-04-15 20:41 - 000000056 _____ () C:\Users\riosme\AppData\Local\X-Plane 11 Preferences.prf
2020-04-15 20:53 - 2021-04-06 16:45 - 000000037 _____ () C:\Users\riosme\AppData\Local\X-Plane Installer.prf
2020-04-01 19:14 - 2021-05-20 12:40 - 000000112 _____ () C:\Users\riosme\AppData\Local\X-Plane_drm_11.prf
2020-04-01 19:11 - 2020-12-09 12:46 - 000000071 _____ () C:\Users\riosme\AppData\Local\x-plane_install_11.txt
2020-12-09 12:43 - 2021-05-20 12:18 - 000000102 _____ () C:\Users\riosme\AppData\Local\X-Plane_xdd_11.prf

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Mackiirios · May 27, 2021

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021
Ran by riosme (26-05-2021 23:12:25)
Running from C:\Users\riosme\Desktop
Windows 10 Home Single Language Version 20H2 19042.928 (X64) (2021-03-26 09:34:42)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2423985164-1702367186-3377153497-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2423985164-1702367186-3377153497-503 - Limited - Disabled)
Guest (S-1-5-21-2423985164-1702367186-3377153497-501 - Limited - Disabled)
riosme (S-1-5-21-2423985164-1702367186-3377153497-1001 - Administrator - Enabled) => C:\Users\riosme
WDAGUtilityAccount (S-1-5-21-2423985164-1702367186-3377153497-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3023 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.02.3000 - Acer Incorporated)
Active Directory Authentication Library for SQL Server (HKLM\...\{6BF11ECE-3CE8-4FBA-991A-1F55AA6BE5BF}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Android Studio (HKLM\...\Android Studio) (Version: 4.1 - Google LLC)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden
Application Verifier x64 External Package (HKLM\...\{8A4CD158-E6B3-6D91-D7DE-10098BC980E2}) (Version: 10.1.19041.685 - Microsoft) Hidden
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
Azure Data Studio (HKLM\...\{6591F69E-6588-4980-81ED-C8FCBD7EC4B8}_is1) (Version: 1.28.0 - Microsoft Corporation)
Balsamiq Wireframes (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\{2CC1ECA6-BAE1-41EB-A139-E019A408F5A4}_is1) (Version: 4.1.10 - Balsamiq)
Bandicam 5.0.1.1799 (HKLM-x32\...\Bandicam_is1) (Version: 5.0.1.1799 - lrepacks.ru)
BitTorrent (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\BitTorrent) (Version: 7.10.5.45785 - BitTorrent Inc.)
Browser for SQL Server 2019 (HKLM-x32\...\{5E366957-8D78-4BB5-A790-96F97A9766BD}) (Version: 15.0.2000.5 - Microsoft Corporation)
Cisco Packet Tracer 7.2.1 64Bit (HKLM\...\Cisco Packet Tracer 7.2.1 64Bit_is1) (Version: - Cisco Systems, Inc.)
Cities.Skylines.REPACK-KaOs Uninstaller v3.0 (HKLM-x32\...\Cities.Skylines.REPACK-KaOs_is1) (Version: 3.0 - KaOsKrew)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{0243F145-076D-423A-8F77-218DC8840261}) (Version: 4.8.04119 - Microsoft Corporation) Hidden
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org)
Dart stable 64-bit (HKLM\...\{E30EFA88-E6EE-4149-860C-049E4F1A1CFC}_is1) (Version: stable 64-bit - Gekorm)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dokan Library 1.4.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0104-0000-200601191219}) (Version: 1.4.0.1000 - Dokany Project) Hidden
Dokan Library 1.4.0.1000 Bundle (HKLM-x32\...\{97cfdb6c-2faa-43ba-afbc-469e01845e99}) (Version: 1.4.0.1000 - Dokany Project)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Dropbox 15 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Entity Framework 6.2.0 Tools for Visual Studio 2019 (HKLM-x32\...\{F878746A-C5F7-420A-A672-4DFEF74ADC3A}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{F7118EF5-320C-4340-99F4-25F970B428A3}) (Version: 1.1.125.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FiveM (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.12.1.3374 - Softdeluxe)
FxSound (HKLM\...\{AED2ACD9-A217-470A-A54A-B2D6B37E324C}) (Version: 1.1.0.0 - FxSound LLC) Hidden
FxSound (HKLM\...\FxSound 1.1.0.0) (Version: 1.1.0.0 - FxSound LLC)
GDR 2080 for SQL Server 2019 (KB4583458) (64-bit) (HKLM\...\KB4583458) (Version: 15.0.2080.9 - Microsoft Corporation)
Git version 2.28.0 (HKLM\...\Git_is1) (Version: 2.28.0 - The Git Development Community)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP DeskJet 2130 series Basic Device Software (HKLM\...\{54A80AED-ADB5-4D32-83F2-A9A5DF4ED2C1}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)
HP DeskJet 2130 series Help (HKLM-x32\...\{1CDFD3C9-BDF8-4DDC-BDA2-EBC53F938B5F}) (Version: 35.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hyper Scape (HKLM-x32\...\Uplay Install 11957) (Version: - Ubisoft)
icecap_collection_neutral (HKLM-x32\...\{CCAFAE33-E5CD-4828-962D-B2C08326EC67}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{D74AF03C-D072-4551-9D8E-4312E22685FB}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{364E3A1B-9A41-44D6-9B81-0BF02C6FD2F0}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{144536DB-036C-465C-86F3-53ADFD9C72A2}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{0307C98E-AE82-4A4F-A950-A72FBD805338}) (Version: 10.0.04403 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Integration Services (HKLM-x32\...\{8564E707-DD3A-425E-B333-A9970306BE8F}) (Version: 15.0.2000.162 - Microsoft Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4703 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{7563302D-BD6B-4153-BA7D-3E3432E7C22D}) (Version: 7.5.6 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java SE Development Kit 8 Update 201 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180201}) (Version: 8.0.2010.9 - Oracle Corporation)
Jeppesen CDA Service (HKLM-x32\...\{B9C9E547-9F27-4C4B-8E9C-58400B35CFE1}) (Version: 4.0.0.123 - Jeppesen)
Jeppesen Format Print Driver (HKLM-x32\...\{986090B3-C3B8-4DD4-8BB1-6561F74915FF}) (Version: 1.1.0.8 - Jeppesen)
Jeppesen Program and Data Installation (HKLM-x32\...\{4173F0BF-2363-4DC3-92A9-446B69DBB134}) (Version: 1.0.0.0 - Jeppesen)
Jeppesen Weather Service (HKLM-x32\...\{3E1D1CE6-FF37-4A5D-9714-D6F48CFD589D}) (Version: 2.8.3.63 - Jeppesen)
Kits Configuration Installer (HKLM-x32\...\{E75A9998-E979-760B-6AEB-49763F279EDD}) (Version: 10.1.19041.685 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
Microsoft .NET Core Runtime - 2.1.27 (x64) (HKLM-x32\...\{97bb42dd-49e0-4bc8-ad46-8130c8fef79a}) (Version: 2.1.27.29916 - Microsoft Corporation)
Microsoft .NET Core SDK 3.1.408 (x64) (HKLM-x32\...\{7f96e513-2c4b-4650-b9e3-2d1eef62b7c7}) (Version: 3.1.408.15681 - Microsoft Corporation)
Microsoft .NET SDK 5.0.202 (x64) from Visual Studio (HKLM\...\{52814288-C780-4AD7-BDD4-F3A239988F82}) (Version: 5.2.221.20118 - Microsoft Corporation)
Microsoft ASP.NET Core 2.1.27 - Shared Framework (HKLM-x32\...\{7c0c8d9a-9266-429b-8a02-ce7a9b28e435}) (Version: 2.1.27.49112 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.14 - Shared Framework (HKLM-x32\...\{14937385-d104-412c-872e-05ac23a92441}) (Version: 3.1.14.21166 - Microsoft Corporation)
Microsoft ASP.NET Core 5.0.5 - Shared Framework (HKLM-x32\...\{2d9c970f-7e49-454b-81bf-6eca1b48fcea}) (Version: 5.0.5.21167 - Microsoft Corporation)
Microsoft ASP.NET Core 5.0.5 - Shared Framework (HKLM-x32\...\{5c2e0298-7665-4d5e-8602-52dc3694d24f}) (Version: 5.0.5.21167 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Azure Authoring Tools - v2.9.6 (HKLM\...\{EDADFA19-7F96-4075-A4AB-2209910626C5}) (Version: 2.9.8899.26 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.6 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.6) (Version: 2.9.8899.26 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.10) (Version: 5.10.19227.2113 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28107 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{853997DA-6FCB-4FB9-918E-E0FF881FAF65}) (Version: 17.7.2.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OLE DB Driver for SQL Server (HKLM\...\{9D6F8754-28E9-4940-B319-3FC8588CF18F}) (Version: 18.5.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2019 (64-bit) (HKLM\...\Microsoft SQL Server SQL2019) (Version: - Microsoft Corporation)
Microsoft SQL Server 2019 Setup (English) (HKLM\...\{17DCED0E-5B27-453A-B2B4-E487B869B28A}) (Version: 15.0.4013.40 - Microsoft Corporation)
Microsoft SQL Server 2019 T-SQL Language Service (HKLM\...\{31D27B41-A051-49D8-907A-62E0F4A2188C}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.9.1 (HKLM-x32\...\{bf0d55ea-f272-49bc-8699-22fbdcc115a8}) (Version: 15.0.18384.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.4053 False (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.57102 False (HKLM\...\{f0cbd694-71ce-4391-9690-5da93b2f0445}) (Version: 8.0.57102 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.57103 False (HKLM-x32\...\{d8fea624-4f2c-432d-9a54-6eee9cd1a77e}) (Version: 8.0.57103 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (HKLM\...\{D04659D1-EB2D-3DE5-A833-837A623CCCF7}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (HKLM\...\{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.0 False (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148.0 False (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 False Eng (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 False Eng (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False Eng (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.56.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.8.3077.1211 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2019 (HKLM\...\{2C33F4D4-E9A5-4DE1-ACFE-3A13464E6703}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{2EC26D34-FB67-4C58-AC20-235697551222}) (Version: 10.0.3802 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.14 (x86) (HKLM-x32\...\{910975ce-2379-434d-8e20-b36e068df1a9}) (Version: 3.1.14.29915 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.5 (x64) (HKLM-x32\...\{97a0c33d-cb7d-4cff-8239-c7704b60e698}) (Version: 5.0.5.29917 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.5 (x86) (HKLM-x32\...\{fc569924-0ab1-4665-b4e4-72bbd3fdda97}) (Version: 5.0.5.29917 - Microsoft Corporation)
MSI Development Tools (HKLM-x32\...\{7AAC93B0-F3D7-6B24-6B37-9E74980C1C81}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Node.js (HKLM\...\{E114AB10-F91A-4E67-BA42-B3EAD53D3534}) (Version: 14.8.0 - Node.js Foundation)
novaPDF for SDK v7 (novaPDF 7.7 printer) (HKLM\...\novaPDF for SDK v7_is1) (Version: 7.7.3987 - Softland)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Graphics Driver 466.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.47 - NVIDIA Corporation)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2017 (HKLM\...\{6ABEC32F-B90F-4499-B3A3-FF8A00948178}) (Version: 19.0.0.0 - Autodesk)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2020 (HKLM\...\{56B041A5-F592-4B9A-AD5D-68915B926AE9}) (Version: 22.0.0.0 - Autodesk)
NVIDIA mental ray and IRay rendering plugins for 3ds Max 2017 (HKLM\...\{4B889650-52DC-49E0-AB9C-F501B91002E3}) (Version: 19.0.0.0 - Autodesk)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Texture Tools Exporter for Adobe Photoshop (HKLM-x32\...\NVIDIA Texture Tools Exporter for Adobe Photoshop) (Version: 2020.1.3 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Opera GX Stable 73.0.3856.434 (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Opera GX 73.0.3856.434) (Version: 73.0.3856.434 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.88.45385 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Pilot2ATC 2.6.1.2_x64 (HKLM-x32\...\05E1EA0F-A436-4E30-A305-D83071663708_is1) (Version: 2.6.1.2_x64 - Pilot2ATC)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd)
ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG)
Python 3.8.5 (64-bit) (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\{de694e50-e0d0-48a5-9a7a-56fd037154e2}) (Version: 3.8.5150.0 - Python Software Foundation)
Python 3.8.5 Add to Path (64-bit) (HKLM\...\{7CAC0CB2-09C3-49D5-88E2-1EC174FFABE3}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Core Interpreter (64-bit) (HKLM\...\{CD482F6D-9FC2-4042-B380-9FB198102148}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Development Libraries (64-bit) (HKLM\...\{FA7816C5-12FB-4278-9437-E99AA9639E59}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Documentation (64-bit) (HKLM\...\{7211CFF5-CFE7-4B7C-A699-DB0E65DAF4BC}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Executables (64-bit) (HKLM\...\{216A8530-DA4B-42FE-BDD4-DCDC1298FB6C}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 pip Bootstrap (64-bit) (HKLM\...\{AA5051A9-8135-494F-AE0D-AE9A503B2C72}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Standard Library (64-bit) (HKLM\...\{A3E57B8B-8336-4C64-83B7-5C6EC8E25254}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Tcl/Tk Support (64-bit) (HKLM\...\{B0F29718-AB7A-40AF-8DF9-4E6129FFBCD4}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Test Suite (64-bit) (HKLM\...\{6FF3D3E8-6953-4723-B5E1-3A19416F6350}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python 3.8.5 Utility Scripts (64-bit) (HKLM\...\{C28BE172-9103-463D-9793-264434DBDC27}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{CEEAEA02-2472-4BF6-8994-52D6783F5575}) (Version: 3.8.7140.0 - Python Software Foundation)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.69 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39063 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8862.1 - Realtek Semiconductor Corp.)
Respondus LockDown Browser 2 (HKLM-x32\...\{BBC7F69B-7A94-41E9-8A4B-B55A8D06431F}) (Version: 2.00.0000 - Respondus)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Roblox Player for riosme (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.40.358 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games)
SAM Suite version 1.4.0 (HKLM\...\{3EA92D02-C9B1-40FB-A28B-B0A6EA6713CE}_is1) (Version: 1.4.0 - )
SDK ARM Additions (HKLM-x32\...\{FCF9D89E-6F79-64FB-B08D-B0E69FF54DEE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{72DB07D6-E166-5A3F-B6E6-4664383781B8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Sid Meiers Civilization VI New Frontier Pass Portugal (HKLM-x32\...\Sid Meiers Civilization VI New Frontier Pass Portugal_is1) (Version: - )
SimToolkitPro (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\simtoolkitpro) (Version: 0.6.48 - SimToolkitPro)
Skype version 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Snap Camera 1.12.1 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.12.1 - Snap Inc.)
SnowRunner Locate and Deliver (HKLM-x32\...\SnowRunner Locate and Deliver_is1) (Version: - )
SQL Server 2019 Batch Parser (HKLM\...\{D459615B-83B0-408F-8F39-6CC07C277BA6}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{0FB552DD-543E-48E7-A6F4-2F8D82723C6A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{5E4344C9-8B97-4ED9-8760-57E221C240F4}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{99B940D5-1A49-4B6C-B26C-6A88B2C061CA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{FD730873-33D1-4D1F-9AE0-E259586F8827}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{A60B3D8E-5311-4BF1-AF7A-D1AC15F9152E}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{E3E84B2C-FCF6-469F-9FE7-5E8934DB69AD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{619F0B6C-C802-422A-B4E5-294E61F68473}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{DE5B7937-D5B5-4157-BC30-BB87F021CFF0}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{814D5077-C93F-42E2-B875-717007C186B9}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{FC8DC283-4A85-467F-8D0E-2FE4606DCCA1}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{6213D6CB-D258-47A3-B1A0-EE1E5C080DCF}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{A8581199-F913-443B-B058-8E8BF317E71C}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{8DDAEBCA-4267-4E16-9FE0-D87F21D36891}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{C7E6D4B7-CB10-4239-BA04-D9339B39D0BD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 SQL Diagnostics (HKLM\...\{28ED6838-D8E5-454C-A813-12C5EB447CAB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{2129312E-5204-4F3A-9039-B6D34DBB00FB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{228C3DC2-695E-4FC7-87E4-6A9CE905DA9B}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{AC2FDB24-D722-49F9-8CB4-8AC187A73BA6}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{FFEDA3B1-242E-40C2-BB23-7E3B87DAC3C1}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{6E38BAB6-6AFA-49DC-B779-A068B0E5CD11}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{7CC4781E-9184-4BF6-B739-6179DDA10D7B}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{C0BE7047-8F9B-43BD-B11F-53D2BC61A0AC}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Syncios 6.6.7 (HKLM-x32\...\Syncios) (Version: 6.6.7 - Anvsoft)
Tencent Gaming Buddy (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Traffic Global for X-Plane (HKLM\...\{CD6DB50A-C95C-489C-A35D-8595C8E6BCD6}) (Version: 1.0.9672 - Just Flight) Hidden
Traffic Global for X-Plane (HKLM-x32\...\{f1e86224-2dd9-439b-9261-07f48fa03dc2}) (Version: 1.0.9672 - Just Flight)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
TypeScript SDK (HKLM-x32\...\{54BBE05F-F2AC-4403-AA5D-786BEAA645D5}) (Version: 4.1.4.0 - Microsoft Corporation) Hidden
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 112.3 - Ubisoft)
Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{4D69FB64-4443-F2DD-DE1C-F14FD98AAC59}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{6B56745A-F6A4-C51C-933A-AD96C00683EA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{CD06199B-41C1-AE6D-7567-984CC68792C3}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{BD75F257-50A4-E0CD-9942-C3550CA3E66A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{A7E95C47-B5F4-110C-D27A-DECB03412B96}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft)
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
USB Vibration Joystick (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
VALORANT (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
vcpp_crt.redist.clickonce (HKLM-x32\...\{8236EB3D-576E-432C-867A-D64F390A9D38}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\0d27d9b4) (Version: 16.9.31205.134 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 1.0.8.1 - Voicemod S.L.)
VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{FB93144C-7671-4DA4-883B-B1D15F00176A}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{03119992-794E-4BD1-8811-050DD87BC41C}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{6E29FB21-642A-4E68-BD8B-745E679EB9F5}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{D12A3F67-709D-477A-B5D3-D820E4C745E3}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{B64FFE5E-EDCF-49DE-B528-C5AA0D0C313B}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{B994480E-2AA4-4B45-98BA-C01D9F8D2C90}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{D29146C4-081C-4671-A306-894FF983D18A}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{621CB344-D1D9-4F17-A5B5-36BBBC4F6FFA}) (Version: 16.9.31025 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{F4E68397-CB34-42A2-A2FC-33C63EA0CE3B}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{90BDEEC4-B67A-4ED4-A59C-E5616D5D5CA9}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{6C9A7596-C8E7-44B0-B5C1-15D5CB97499A}) (Version: 16.9.31004 - Microsoft Corporation) Hidden
WD Backup (HKLM-x32\...\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WeMod (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\WeMod) (Version: 7.0.19 - WeMod)
WinAppDeploy (HKLM-x32\...\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (11/11/2015 2.0.0020.00000) (HKLM\...\B02D55DC05C888A284041A2F8A294C0D557A218C) (Version: 11/11/2015 2.0.0020.00000 - Google, Inc.)
Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\...\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BCF7CA0F-E53C-2A4F-B128-A751EC9A1016}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{B42BF427-AFDB-C00F-DB60-6F51395D74A1}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3335615C-ABEB-960E-2226-4274CD28E046}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{15E29AFF-CB19-A20B-9A81-B0765A63115F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FF2B49B7-0254-3D6A-4BE0-EF4C59DBCC2B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{0AF3B821-474B-1885-473A-6E3FB4F1CF71}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{8832F8ED-1035-9ABE-FD73-4E5ABAA84A5C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden
Wondershare Filmora 10.0.0.91 (HKLM\...\Wondershare Filmora_is1) (Version: 10.0.0.91 - lrepacks.ru)
XAMPP (HKLM\...\xampp) (Version: 7.4.8-0 - Bitnami)
Zoom (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)

Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-07-08] (Acer Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.125.400.0_x86__kgqvnymyfvs32 [2018-10-26] (king.com)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-03-26] (Microsoft Corporation)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.16.8094.0_x86__q4d96b2w5wcc2 [2018-11-06] (Evernote)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_171.1882.47562.0_x86__8xx8rvfyw5nnt [2018-09-14] (Facebook Inc)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-15] (Flipboard)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.31.1.0_x64__ypmq2qh89vmny [2019-10-14] (Turnipsoft) [MS Ad]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_86.1.468.0_x64__v10z8vjag6ke6 [2018-10-07] (HP Inc.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_550.7.119.0_x64__8xx8rvfyw5nnt [2020-06-30] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-14] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe [2018-09-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-03-26] (Microsoft Studios) [MS Ad]
Movie Moments -> C:\Program Files\WindowsApps\Microsoft.MovieMoments_6.3.9654.20464_x64__8wekyb3d8bbwe [2015-07-21] (Microsoft Corporation)
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-01] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-01] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.26.12334.0_x64__8wekyb3d8bbwe [2018-08-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.25.11802.0_x64__8wekyb3d8bbwe [2018-07-04] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-01] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.26.12153.0_x64__8wekyb3d8bbwe [2018-08-17] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-05-25] (NVIDIA Corp.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2021-03-26] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-15] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

Mackiirios · May 27, 2021

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2423985164-1702367186-3377153497-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2017\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-2423985164-1702367186-3377153497-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\riosme\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2423985164-1702367186-3377153497-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2017\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-2423985164-1702367186-3377153497-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2017\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-2423985164-1702367186-3377153497-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-10-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-10-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_40621b878a52ca15\nvshext.dll [2021-05-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-10-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\riosme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 9.0 Tomcat9\Tomcat Host Manager.lnk -> hxxp://127.0.0.1:8080/host-manager/htm
Shortcut: C:\Users\riosme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 9.0 Tomcat9\Tomcat Manager.lnk -> hxxp://127.0.0.1:8080/manager/htm
Shortcut: C:\Users\riosme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 9.0 Tomcat9\Welcome.lnk -> hxxp://127.0.0.1:8080

==================== Loaded Modules (Whitelisted) =============

2020-11-19 23:51 - 2017-02-27 13:30 - 000102400 _____ () [File not signed] C:\Users\riosme\AppData\Roaming\BitTorrent\player\libvlc.dll
2020-11-19 23:51 - 2017-02-27 13:30 - 001757696 _____ () [File not signed] C:\Users\riosme\AppData\Roaming\BitTorrent\player\libvlccore.dll
2020-11-19 23:51 - 2017-02-27 13:30 - 000194560 _____ () [File not signed] C:\Users\riosme\AppData\Roaming\BitTorrent\player\plugins\access\libdshow_plugin.dll
2020-11-19 23:51 - 2017-02-27 13:30 - 000046080 _____ () [File not signed] C:\Users\riosme\AppData\Roaming\BitTorrent\player\plugins\audio_output\libaout_directx_plugin.dll
2020-11-19 23:51 - 2017-02-27 13:30 - 000045056 _____ () [File not signed] C:\Users\riosme\AppData\Roaming\BitTorrent\player\plugins\audio_output\libwaveout_plugin.dll
2020-11-19 23:51 - 2017-02-27 13:30 - 000047104 _____ () [File not signed] C:\Users\riosme\AppData\Roaming\BitTorrent\player\plugins\control\libhotkeys_plugin.dll
2020-11-19 23:52 - 2017-02-27 13:30 - 000032256 _____ () [File not signed] C:\Users\riosme\AppData\Roaming\BitTorrent\player\plugins\mmxext\libmemcpymmxext_plugin.dll
2020-11-19 23:52 - 2017-02-27 13:30 - 000065536 _____ () [File not signed] C:\Users\riosme\AppData\Roaming\BitTorrent\player\plugins\video_output\libdirectx_plugin.dll
2020-11-19 23:51 - 2017-07-08 06:21 - 000013824 _____ (Microsoft Corporation) [File not signed] C:\Users\riosme\AppData\Roaming\BitTorrent\MSIMG32.dll
2020-12-21 07:25 - 2020-12-21 07:25 - 002725376 _____ (Nalpeiron) [File not signed] C:\Program Files\FxSound LLC\FxSound\ShaferFilechck.DLL
2020-12-22 23:52 - 2020-11-18 16:25 - 000243712 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\vmsclshared.dll
2020-12-22 23:52 - 2020-11-18 16:26 - 005972464 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [450]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www2.savemax.store/
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2423985164-1702367186-3377153497-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2423985164-1702367186-3377153497-1001 -> {E1987B14-32A6-44B4-9AED-18351E2B82F8} URL = hxxps://ph.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-04-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2021-05-26 23:37 - 000000944 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 ssl.bandisoft.com
127.0.0.1 localhost
127.0.0.1 license.sublimehq.com
127.0.0.1 telemetry.malwarebytes.com
127.0.0.1 keystone.mwbsys.com

2016-02-08 07:00 - 2019-05-02 15:14 - 000000501 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Python38\Scripts\;C:\Python38\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\MinGW\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Java\jdk1.8.0_121\bin;C:\Program Files (x86)\FilExile;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\wamp64\bin\php\php7.2.14;C:\ProgramData\ComposerSetup\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\nodejs\;C:\ProgramData\chocolatey\bin;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\dotnet\;C:\Program Files\Dart\dart-sdk\bin;C:\Program Files (x86)\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files\Azure Data Studio\bin;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\riosme\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\pexels-stein-egil-liland-1933317.jpg
HKU\S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CDA Monitor.lnk"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\StartupApproved\Run: => "NETGEARGenie"
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\StartupApproved\Run: => "SIMDashboardServer"
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2423985164-1702367186-3377153497-1001\...\StartupApproved\Run: => "Snap Camera"

Mackiirios · May 27, 2021

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{32512A92-ECFF-4FE3-9ECD-60A22AA1CAB3}C:\games\city.car.driving.v1.5.9.2\bin\win32\starter.exe] => (Allow) C:\games\city.car.driving.v1.5.9.2\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{9F0E7D56-C19A-488A-8B26-4D335125130B}C:\games\city.car.driving.v1.5.9.2\bin\win32\starter.exe] => (Allow) C:\games\city.car.driving.v1.5.9.2\bin\win32\starter.exe => No File
FirewallRules: [UDP Query User{0B4024BD-5274-4AE6-8156-2B8DCB9193FC}C:\users\riosme\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\riosme\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{19975956-4054-4FA1-B581-B7911891DAF2}C:\users\riosme\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\riosme\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{BDFEDC7C-C58F-4710-9B85-EBCA8C20D2D6}C:\users\riosme\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\riosme\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re)
FirewallRules: [TCP Query User{17FE6236-058B-442E-A6A2-419C4D00290A}C:\users\riosme\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\riosme\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re)
FirewallRules: [{B4EA50A5-F2BB-4018-B3D8-AE6763DC9A81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{4004C52D-45E9-4591-B9A0-66FED65B3D9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{4E473214-929D-4161-86F1-7D8CA3BB1D8E}C:\gg\malwarebytes anti-malware premium 4.2.0.82 incl license [crackingpatching]\license\licensemalwarebytes.exe] => (Allow) C:\gg\malwarebytes anti-malware premium 4.2.0.82 incl license [crackingpatching]\license\licensemalwarebytes.exe => No File
FirewallRules: [TCP Query User{FD047A56-A1B5-4B1A-BFDB-99201E871024}C:\gg\malwarebytes anti-malware premium 4.2.0.82 incl license [crackingpatching]\license\licensemalwarebytes.exe] => (Allow) C:\gg\malwarebytes anti-malware premium 4.2.0.82 incl license [crackingpatching]\license\licensemalwarebytes.exe => No File
FirewallRules: [UDP Query User{639B298C-3A02-4258-8C6A-B09C2D3B4C19}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => No File
FirewallRules: [TCP Query User{996EC95A-37C5-4833-ACFE-ACA2EA69D5DD}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => No File
FirewallRules: [UDP Query User{97F7C1A8-EAEE-46BE-B0F3-930D99FC315E}C:\users\riosme\appdata\roaming\baidu\baidunetdisk\baidunetdiskhost.exe] => (Allow) C:\users\riosme\appdata\roaming\baidu\baidunetdisk\baidunetdiskhost.exe => No File
FirewallRules: [TCP Query User{E9C9146D-6C86-4F9C-AD70-5A34DA253920}C:\users\riosme\appdata\roaming\baidu\baidunetdisk\baidunetdiskhost.exe] => (Allow) C:\users\riosme\appdata\roaming\baidu\baidunetdisk\baidunetdiskhost.exe => No File
FirewallRules: [UDP Query User{444F3E70-ABF0-436B-BAE6-87BD11C8955D}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => No File
FirewallRules: [TCP Query User{5293BB78-2E2B-4EF5-9857-90E3F1DCD21D}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => No File
FirewallRules: [UDP Query User{1B4BA647-E591-432A-8C0E-9F6B5495F106}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => No File
FirewallRules: [TCP Query User{749AB616-8BD4-4AA5-9127-1DDC496E3330}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => No File
FirewallRules: [UDP Query User{8A677C23-4D5F-402E-B852-66E5F29A3243}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.396\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.396\opera.exe => No File
FirewallRules: [TCP Query User{2A592815-64C1-4F83-A192-6B64C4E03F3D}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.396\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.396\opera.exe => No File
FirewallRules: [UDP Query User{E5B56FAC-AC2B-4F5C-A3E4-AA7E6BF52333}C:\gg\flashing lights\flashinglights.exe] => (Allow) C:\gg\flashing lights\flashinglights.exe => No File
FirewallRules: [TCP Query User{62F9CF1F-8F7E-4BF0-BC19-5903A6D77C4E}C:\gg\flashing lights\flashinglights.exe] => (Allow) C:\gg\flashing lights\flashinglights.exe => No File
FirewallRules: [UDP Query User{8A7C102E-9041-463F-BDAF-2C001366D09F}C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.487\opera.exe => No File
FirewallRules: [TCP Query User{39367754-30CC-4766-97CF-15A76183BBDC}C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.487\opera.exe => No File
FirewallRules: [UDP Query User{9CB45E5A-D2C8-42D3-A45B-74540FD64DA6}C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.473\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.473\opera.exe => No File
FirewallRules: [TCP Query User{F2CDC7D5-1BC1-4F66-90FC-AE5F3C49DC67}C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.473\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.473\opera.exe => No File
FirewallRules: [UDP Query User{76D92215-61FF-4E4C-BB43-52C86232EAE4}C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => No File
FirewallRules: [TCP Query User{2015C175-3A83-483F-8180-FF0CBEE1BCA0}C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => No File
FirewallRules: [{8598A9D5-E458-4E62-BE78-0CC43F28170D}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{DE3D7571-DB04-4634-9B00-D1829B9F88F3}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{43EE06BF-BB89-44C5-B9F1-A3DF3AD70488}] => (Allow) C:\Users\riosme\AppData\Local\Temp\7zS49AF\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DA6EC848-5C4C-45DF-BA00-A106D711EA52}] => (Allow) C:\Users\riosme\AppData\Local\Temp\7zS49AF\HPDiagnosticCoreUI.exe => No File
FirewallRules: [UDP Query User{3CAAC4BF-32C3-469A-9A11-8961F4B14C9C}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{5883378B-F730-4D3B-885D-A3CDD629C03D}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{37D4BE6B-2447-4AE6-9D4C-A6E7140845D7}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{79C4FC8E-43AE-4305-A4F9-1B2E7B95DCFA}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{44D7096E-B21C-48CE-A1E6-F3002006B015}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{9A0E16FF-C333-4015-B4EA-1F1618E425AF}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [UDP Query User{47A9037A-4CDB-48EB-9FA7-544910106E2F}C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => No File
FirewallRules: [TCP Query User{87A1371C-7ED9-4DF1-A9BD-592FFCB158F7}C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => No File
FirewallRules: [UDP Query User{E4E86A72-5F0A-4A3B-818F-8A57D0117E67}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => No File
FirewallRules: [TCP Query User{8B35B05D-4619-4E68-9426-C2AD1F9CF771}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => No File
FirewallRules: [UDP Query User{C429B1BD-A035-45CB-BB2F-03BC82E0C16D}C:\x-plane 11\x-plane.exe] => (Allow) C:\x-plane 11\x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [TCP Query User{2D1CA1C8-165C-497E-9326-762FE3B037AE}C:\x-plane 11\x-plane.exe] => (Allow) C:\x-plane 11\x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [UDP Query User{B317088E-2378-4866-8826-6D586952CE30}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.449\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.449\opera.exe => No File
FirewallRules: [TCP Query User{1D50B998-21E1-444F-988B-1E03290F39A1}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.449\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.449\opera.exe => No File
FirewallRules: [UDP Query User{3D289FEF-C60A-4821-8519-73B4408A7720}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.441\opera.exe => No File
FirewallRules: [TCP Query User{D0FDE3A1-E9DC-46CB-9225-47A38C8DDE3F}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.441\opera.exe => No File
FirewallRules: [{06356024-64D5-432E-B5EE-32E3E9D74808}] => (Allow) C:\Users\riosme\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D659A914-9BC5-4662-BED1-E8E36F5B1EE9}] => (Allow) C:\Users\riosme\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{9F947E70-62F3-4F90-B30B-F224FA5D8306}C:\users\riosme\appdata\local\simtoolkitpro\app-0.6.48\simtoolkitpro.exe] => (Allow) C:\users\riosme\appdata\local\simtoolkitpro\app-0.6.48\simtoolkitpro.exe (SimToolkitPro) [File not signed]
FirewallRules: [TCP Query User{D220A502-D3D8-4BBD-89C2-994E7DCE4E34}C:\users\riosme\appdata\local\simtoolkitpro\app-0.6.48\simtoolkitpro.exe] => (Allow) C:\users\riosme\appdata\local\simtoolkitpro\app-0.6.48\simtoolkitpro.exe (SimToolkitPro) [File not signed]
FirewallRules: [UDP Query User{EDDD377C-4079-4CE6-9977-0826F011A55C}C:\gg\x-plane 11\x-plane.exe] => (Allow) C:\gg\x-plane 11\x-plane.exe => No File
FirewallRules: [TCP Query User{82BAE0BF-CC24-4D40-A30F-1932FF59ED28}C:\gg\x-plane 11\x-plane.exe] => (Allow) C:\gg\x-plane 11\x-plane.exe => No File
FirewallRules: [UDP Query User{B11A545F-5A4B-4298-9FB5-33A931BBA230}C:\games\microsoft flight simulator\flightsimulator.exe] => (Allow) C:\games\microsoft flight simulator\flightsimulator.exe => No File
FirewallRules: [TCP Query User{A43FC416-BB5A-41EC-8064-166A6F2EFEB3}C:\games\microsoft flight simulator\flightsimulator.exe] => (Allow) C:\games\microsoft flight simulator\flightsimulator.exe => No File
FirewallRules: [UDP Query User{E18251A1-256C-463E-9022-0CD8E2C78CED}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.323\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.323\opera.exe => No File
FirewallRules: [TCP Query User{AE6C510B-1D6E-4C29-901D-4337E9E83291}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.323\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.323\opera.exe => No File
FirewallRules: [UDP Query User{462FFF05-0A6A-406B-A152-2FEE2565D13E}C:\users\riosme\desktop\esx-pack-large-win\fxserver.exe] => (Allow) C:\users\riosme\desktop\esx-pack-large-win\fxserver.exe => No File
FirewallRules: [TCP Query User{3484C0D4-CC48-4A82-BD2F-0423F159ECE9}C:\users\riosme\desktop\esx-pack-large-win\fxserver.exe] => (Allow) C:\users\riosme\desktop\esx-pack-large-win\fxserver.exe => No File
FirewallRules: [UDP Query User{7A7A1491-AEE9-4A2B-A8D7-E863B7255D79}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.310\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.310\opera.exe => No File
FirewallRules: [TCP Query User{27B7A46B-4B2C-442F-B1B7-F647077FA3F2}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.310\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.310\opera.exe => No File
FirewallRules: [UDP Query User{1127572C-7B50-4A91-B33E-1E1EC5E37DF9}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.287\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.287\opera.exe => No File
FirewallRules: [TCP Query User{3467D9B7-5364-42AB-8F0E-453F0A6F9C7C}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.287\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.287\opera.exe => No File
FirewallRules: [UDP Query User{C94C9C0F-0F83-40C6-9B60-E9C1EFD98FFC}C:\program files (x86)\respondus\lockdown browser\lockdownbrowser.exe] => (Allow) C:\program files (x86)\respondus\lockdown browser\lockdownbrowser.exe (Respondus, Inc. -> )
FirewallRules: [TCP Query User{167AE8B9-94BA-460B-B292-EE388323B932}C:\program files (x86)\respondus\lockdown browser\lockdownbrowser.exe] => (Allow) C:\program files (x86)\respondus\lockdown browser\lockdownbrowser.exe (Respondus, Inc. -> )
FirewallRules: [UDP Query User{988DCFEE-4D25-4089-9399-C518FC76EE44}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.234\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.234\opera.exe => No File
FirewallRules: [TCP Query User{52F0AFED-1F5A-4E24-8749-7DC8C0784EB8}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.234\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.234\opera.exe => No File
FirewallRules: [UDP Query User{BC93F8C1-996A-4817-B7E6-A5A6E412310C}C:\program files\windowsapps\facebook.317180b0bb486_550.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_550.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe (Facebook, Inc. -> Facebook, Inc.)
FirewallRules: [TCP Query User{C7A440BB-21FA-4400-920C-D2F37967D7A7}C:\program files\windowsapps\facebook.317180b0bb486_550.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_550.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe (Facebook, Inc. -> Facebook, Inc.)
FirewallRules: [{E51DD474-0B20-4AB6-93EE-F2F071F2A9CE}] => (Allow) C:\Users\riosme\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{DE1634A4-C92B-4C51-908E-CFAD5DC45909}] => (Allow) C:\Users\riosme\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{FE1856E5-918F-4E81-A1B0-99B180ED7600}] => (Allow) C:\Users\riosme\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{90ED573C-E559-462A-AA13-149111E78FF5}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.205\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.205\opera.exe => No File
FirewallRules: [TCP Query User{9643C3BE-C78A-4729-A538-A37EAC7622C7}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.205\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.205\opera.exe => No File
FirewallRules: [UDP Query User{635B5C78-0740-48F0-A74A-5D989D0A2DEC}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.175\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.175\opera.exe => No File
FirewallRules: [TCP Query User{BFDE09EB-5952-4070-93BE-774C4054CFD6}C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.175\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\71.0.3770.175\opera.exe => No File
FirewallRules: [{14B8924E-CDB9-4492-BDE1-A2413E8C6F28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe => No File
FirewallRules: [{EB7CE273-2557-4991-83B8-91FDAAD5085F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe => No File
FirewallRules: [UDP Query User{BCF38B0E-0A3B-45AE-B82C-68351B31B3F4}C:\users\riosme\desktop\ribesx5\fxserver.exe] => (Allow) C:\users\riosme\desktop\ribesx5\fxserver.exe => No File
FirewallRules: [TCP Query User{C9FFDEFC-8372-42B8-952E-199DB2B98EEE}C:\users\riosme\desktop\ribesx5\fxserver.exe] => (Allow) C:\users\riosme\desktop\ribesx5\fxserver.exe => No File
FirewallRules: [UDP Query User{02B15C15-E1C7-4832-81E3-C87E14ABF8A1}C:\users\riosme\desktop\g\surgeon.simulator.2\surgeon simulator 2.exe] => (Allow) C:\users\riosme\desktop\g\surgeon.simulator.2\surgeon simulator 2.exe => No File

Mackiirios · May 27, 2021

FirewallRules: [TCP Query User{DF198E44-9D48-4802-AFC3-3C59B63088DA}C:\users\riosme\desktop\g\surgeon.simulator.2\surgeon simulator 2.exe] => (Allow) C:\users\riosme\desktop\g\surgeon.simulator.2\surgeon simulator 2.exe => No File
FirewallRules: [UDP Query User{5F644147-946C-44B5-A063-8726A71436FD}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [TCP Query User{092F5AF5-671E-4207-838C-98A921F2445A}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{F5150D7E-3938-44FF-A36D-A43A6F933537}C:\users\riosme\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\riosme\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7850A7C5-5345-4B2E-93E6-11289DE68113}C:\users\riosme\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\riosme\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B374FD54-6E55-4A8A-AC77-4D6E0453C481}C:\users\riosme\desktop\esx_v4\fxserver.exe] => (Allow) C:\users\riosme\desktop\esx_v4\fxserver.exe => No File
FirewallRules: [TCP Query User{9F374CDC-03E5-4668-BBAF-7FE35ED2D27F}C:\users\riosme\desktop\esx_v4\fxserver.exe] => (Allow) C:\users\riosme\desktop\esx_v4\fxserver.exe => No File
FirewallRules: [UDP Query User{D27378CE-D0AA-4B1D-BFCF-4DB86FCB4F3F}C:\users\riosme\appdata\local\programs\opera gx\68.0.3618.206\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\68.0.3618.206\opera.exe => No File
FirewallRules: [TCP Query User{FDF12388-3402-4352-8561-C843A67B7AE8}C:\users\riosme\appdata\local\programs\opera gx\68.0.3618.206\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\68.0.3618.206\opera.exe => No File
FirewallRules: [UDP Query User{6B4A6F5E-809F-4DE0-B036-4A2D784854FD}C:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win64.exe => No File
FirewallRules: [TCP Query User{639FBF78-000F-4ED2-AE11-3DCECE1BCED0}C:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win64.exe => No File
FirewallRules: [UDP Query User{B62E150B-9128-40EE-8A05-1D5E77E650E5}C:\users\riosme\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\riosme\desktop\teamspeak3-server_win64\ts3server.exe => No File
FirewallRules: [TCP Query User{812D039B-C2A4-4485-98BE-71799A4AB6C2}C:\users\riosme\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\riosme\desktop\teamspeak3-server_win64\ts3server.exe => No File
FirewallRules: [UDP Query User{E41CD6B2-821F-4F9F-826D-9A0E6DF696E9}C:\fxserver\fxserver.exe] => (Allow) C:\fxserver\fxserver.exe => No File
FirewallRules: [TCP Query User{17B92E50-65C0-4B9F-B12A-AFEC77890312}C:\fxserver\fxserver.exe] => (Allow) C:\fxserver\fxserver.exe => No File
FirewallRules: [UDP Query User{3C08C2C0-3536-42D1-8DC1-A405D63335DD}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{A34FA4CC-8E18-46C4-AB35-125FDB56EAB0}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{8B691E00-4EFC-43D1-8630-FEE3D8F99D7D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{E8D8BBD1-3AEC-4057-8D18-5840676571D9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{3012B23E-62E4-4016-BA4B-BA6B9AFE134F}] => (Allow) C:\Program Files (x86)\SIMDashboardServer\SIMDashboardServer.exe => No File
FirewallRules: [UDP Query User{DD43F6DF-D722-4ADE-A617-BC3A5D745C73}C:\program files\epic games\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files\epic games\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [TCP Query User{2EA6BCEF-6625-4106-ACB3-696A35E6F7F0}C:\program files\epic games\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files\epic games\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [{4FEEF437-E62D-4FAD-AA77-347CEC5F369A}] => (Allow) C:\Program Files (x86)\SIMDashboardServer\SIMDashboardServer.exe => No File
FirewallRules: [UDP Query User{FB5B1426-F71C-4FF0-B50F-B8BA0C9CB9A1}C:\games\cod mw2 remastered\mw2cr.exe] => (Block) C:\games\cod mw2 remastered\mw2cr.exe => No File
FirewallRules: [TCP Query User{A24A594B-B5F4-4535-BF60-FC94846309B3}C:\games\cod mw2 remastered\mw2cr.exe] => (Block) C:\games\cod mw2 remastered\mw2cr.exe => No File
FirewallRules: [UDP Query User{2564D7D2-853E-4D6D-AB19-2829AB7CCF4C}C:\garena\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\garena\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [TCP Query User{184FC88A-2B60-4847-9AE5-1ED228F0B418}C:\garena\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\garena\games\32844\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{38A32E52-3B72-4C31-A68A-FA46DBFE5CAB}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1909.2618\gxxsvc.exe => No File
FirewallRules: [{59A2A126-7626-4782-8E1E-795BCDA6319B}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe => No File
FirewallRules: [UDP Query User{7D67C91A-7881-4B8D-9908-13A44838128C}C:\program files (x86)\x-plane 11\x-plane.exe] => (Block) C:\program files (x86)\x-plane 11\x-plane.exe => No File
FirewallRules: [TCP Query User{FADA4D65-8365-4F8F-9B4F-4268A23F7E9D}C:\program files (x86)\x-plane 11\x-plane.exe] => (Block) C:\program files (x86)\x-plane 11\x-plane.exe => No File
FirewallRules: [UDP Query User{0CE3F967-26E0-4BA2-885E-06013D9F64B8}C:\games\city car driving\bin\win32\starter.exe] => (Block) C:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{E8CD9B65-9D5D-4DB5-97CC-037C06947411}C:\games\city car driving\bin\win32\starter.exe] => (Block) C:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [UDP Query User{C4066233-863F-4258-BF02-ED8C511C6B56}C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe] => (Block) C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe => No File
FirewallRules: [TCP Query User{318F2593-9BA6-49C2-8F04-185CD64D31FA}C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe] => (Block) C:\program files (x86)\rise of the tomb raider - 20 years celebration\rottr.exe => No File
FirewallRules: [UDP Query User{B7D5CB0D-B755-402E-B0A9-361F041CCCC6}C:\games\need for speed heat\needforspeedheat.exe] => (Block) C:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{B0D41C3B-78D1-46AD-A93F-E69196E4A81B}C:\games\need for speed heat\needforspeedheat.exe] => (Block) C:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{61C04040-29BE-42B5-90D0-5299438C4813}C:\program files (x86)\winscp\winscp.exe] => (Allow) C:\program files (x86)\winscp\winscp.exe => No File
FirewallRules: [TCP Query User{2213ABB0-0027-4255-A46F-54794D988CF5}C:\program files (x86)\winscp\winscp.exe] => (Allow) C:\program files (x86)\winscp\winscp.exe => No File
FirewallRules: [UDP Query User{1B616B87-B1EE-4599-9DBF-907C42074BCD}C:\program files\epic games\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) C:\program files\epic games\farmingsimulator19\x64\farmingsimulator2019game.exe => No File
FirewallRules: [TCP Query User{A4996EC8-5A8F-4B7F-99F2-5258D28B69C2}C:\program files\epic games\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) C:\program files\epic games\farmingsimulator19\x64\farmingsimulator2019game.exe => No File
FirewallRules: [UDP Query User{C1FE9FED-300B-40EB-BEE6-33773422FA87}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E92BD396-E48A-4A86-863D-5AC21F014CCD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{EDD5CD9E-F265-434A-9B70-EBDEE1AB165C}C:\users\riosme\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\riosme\appdata\local\teamspeak 3 client\ts3client_win64.exe => No File
FirewallRules: [TCP Query User{4DAAADD2-2A64-4DD9-AE04-6AB5F5A996AC}C:\users\riosme\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\riosme\appdata\local\teamspeak 3 client\ts3client_win64.exe => No File
FirewallRules: [UDP Query User{BA9FC91F-6C10-4C6F-B441-53748D8A6763}C:\users\riosme\desktop\g\fivem\fivem.exe] => (Allow) C:\users\riosme\desktop\g\fivem\fivem.exe (Intricus Software Limited -> Cfx.re)
FirewallRules: [TCP Query User{52903884-EA1B-42F1-BA7B-F18D13771170}C:\users\riosme\desktop\g\fivem\fivem.exe] => (Allow) C:\users\riosme\desktop\g\fivem\fivem.exe (Intricus Software Limited -> Cfx.re)
FirewallRules: [UDP Query User{44EC9A92-05FF-4FA2-A5D2-BD3DFA5B0BCA}C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Block) C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe => No File
FirewallRules: [TCP Query User{BB217B13-4A2D-4E4E-82FD-8F6EB5B35053}C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Block) C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe => No File
FirewallRules: [UDP Query User{5F0271CF-56C5-4295-AF5C-667FF7C0C32F}C:\users\riosme\desktop\g\fivem\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\riosme\desktop\g\fivem\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [TCP Query User{D84DAB6F-2237-441B-A374-D0F1C697B249}C:\users\riosme\desktop\g\fivem\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\riosme\desktop\g\fivem\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [UDP Query User{6181F5E3-8C86-4D34-A510-FECA2D8FFA92}C:\users\riosme\desktop\fivem\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\riosme\desktop\fivem\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{35F04E43-4610-4A42-AD25-0458FEBFB8A2}C:\users\riosme\desktop\fivem\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\riosme\desktop\fivem\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{5CC3E5C8-F3B0-46BE-B985-3D5446964E37}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{688AC134-B4C1-4A53-A478-43C2D7D02273}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CB947ECC-F94E-48BF-94A1-CFBB04CA98DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{EC6E9ADF-3E8E-461F-9F97-7C0C4A220617}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{266F369D-6916-4228-9D20-597EEECF8047}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{6BDC7546-4E36-4758-998B-0476B0CEB672}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [UDP Query User{08E292FA-B71D-4009-8198-38F65BE1F24B}C:\users\riosme\downloads\anydesk.exe] => (Allow) C:\users\riosme\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{2DA74CDE-0629-4E8D-86CA-76C5EC48F708}C:\users\riosme\downloads\anydesk.exe] => (Allow) C:\users\riosme\downloads\anydesk.exe => No File
FirewallRules: [{9030770E-34E4-4818-B7D1-2B52C9CDCACB}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\Command and Conquer - Generals\Command and Conquer Generals Zero Hour\generals.exe => No File
FirewallRules: [{9123AAD0-56E3-4BDE-A123-FB773AA63497}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\Command and Conquer - Generals\Command and Conquer Generals Zero Hour\generals.exe => No File
FirewallRules: [{B98DA87B-E4F1-471A-81D3-57F6E22ED666}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\Command and Conquer - Generals\Command and Conquer Generals Zero Hour\generals.exe => No File
FirewallRules: [{5AFF0EF4-4D89-4809-A252-C158FCAC547E}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\Command and Conquer - Generals\Command and Conquer Generals Zero Hour\generals.exe => No File
FirewallRules: [UDP Query User{CBECBD11-EE8A-4F43-B96B-B2C6837FBDE3}C:\games\far cry 4\bin\farcry4.exe] => (Block) C:\games\far cry 4\bin\farcry4.exe => No File
FirewallRules: [TCP Query User{F325B540-7E3C-4B2A-BD01-7A7E6AE08566}C:\games\far cry 4\bin\farcry4.exe] => (Block) C:\games\far cry 4\bin\farcry4.exe => No File
FirewallRules: [UDP Query User{52E8D4A6-9810-4475-9A53-D439FA4BA7D9}C:\games\need for speed - most wanted\nfs13.exe] => (Block) C:\games\need for speed - most wanted\nfs13.exe => No File
FirewallRules: [TCP Query User{CE7D3B37-0D33-4A4C-8B59-35D525714117}C:\games\need for speed - most wanted\nfs13.exe] => (Block) C:\games\need for speed - most wanted\nfs13.exe => No File
FirewallRules: [{8F44D33C-6DAD-47C2-9A37-803939167793}] => (Block) %SystemDrive%\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{03446FA6-B777-4EC7-BD42-316570D25AE1}] => (Block) %SystemDrive%\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{9E3CD179-982C-4A16-8926-FA5D9602E3F8}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{8DB7B958-B0C2-4E1C-BDEA-41A108B4EE2C}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{38B7FAD1-3B3D-46E6-8A6C-35A3DEE09E8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{835888E5-C805-4CC1-8B08-AE717A38973C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{46FBF333-4F32-4D30-9690-6C2C3905F797}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{13CD8092-47F9-4B28-B7B7-2FB0CA7FEE13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{17191BE4-A3AA-4D4B-BBF5-619C016AF4AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6308B307-6745-4413-9358-FA52D0BB4C75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB58EB24-8E7F-48A9-9093-1637D46F9118}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{57F7CD18-6CA8-4335-B441-BFCA780490E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C9BF3006-00D7-4717-8D4E-8BE986F7818C}C:\program files (x86)\steam\steamapps\common\pubg_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg_experimental\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{BD3E2714-D76B-4EF7-A464-47DE63354397}C:\program files (x86)\steam\steamapps\common\pubg_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg_experimental\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{4315353C-92FF-4163-B251-D1B18B566B97}] => (Allow) LPort=25555
FirewallRules: [UDP Query User{6B30B664-B072-4EF7-A9E2-B6DF65AD25F9}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{E3B07EFE-D378-4BD1-B117-8022D63AE414}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{F902A567-65DB-4BD0-94FB-6FA99A42FD40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{64AE8A0D-2B5E-4E7E-BF51-71469FF517C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{37F80628-62AA-46FF-B53B-C6FB27536EF4}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{3846D4B7-FD60-444F-905D-39F69F286A49}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B75BB5B4-5A35-4887-8A8B-45089CB476D4}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1804.0420\gxxsvc.exe => No File
FirewallRules: [UDP Query User{D53BD99A-5BAE-41F7-9A1B-A53AB222D1C3}C:\program files (x86)\java\jre1.8.0_161\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\jp2launcher.exe => No File
FirewallRules: [TCP Query User{4E0E6E1D-76FA-4C7C-9E86-BB318EEB45D4}C:\program files (x86)\java\jre1.8.0_161\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\jp2launcher.exe => No File

Mackiirios · May 27, 2021

FirewallRules: [UDP Query User{D22CBB81-3B37-498E-8FAF-5746B9672915}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe => No File
FirewallRules: [TCP Query User{C376FCA3-5AA2-4B57-997C-BE8A2B7723E6}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe => No File
FirewallRules: [UDP Query User{A68CE44D-070A-4A62-8A01-F8C98FFE5FA7}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe => No File
FirewallRules: [TCP Query User{EB223C70-8FA3-478D-865A-5593BCA5B9BA}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe => No File
FirewallRules: [UDP Query User{839B64B8-F4B4-4FC5-90C3-12A7EB2C2BDA}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe => No File
FirewallRules: [TCP Query User{79A4FA97-A1D0-4FF2-99A6-D1F479D1312E}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe => No File
FirewallRules: [UDP Query User{A4141805-FE99-410C-84EC-1201EBB7836B}C:\users\riosme\desktop\eclipse\eclipse.exe] => (Block) C:\users\riosme\desktop\eclipse\eclipse.exe => No File
FirewallRules: [TCP Query User{A866A05B-BB30-488A-9A1E-2134AE9AA4AB}C:\users\riosme\desktop\eclipse\eclipse.exe] => (Block) C:\users\riosme\desktop\eclipse\eclipse.exe => No File
FirewallRules: [{CF3763FF-9AE1-40AC-8FA7-FCC55E9310FC}] => (Allow) LPort=1689
FirewallRules: [UDP Query User{FB3886D5-FEDA-4E08-9BFF-B94E79E1DD8A}C:\program files (x86)\nba 2k17\nba2k17.exe] => (Block) C:\program files (x86)\nba 2k17\nba2k17.exe => No File
FirewallRules: [TCP Query User{ECB52C52-D66B-4CEC-BCBA-0A33D2669314}C:\program files (x86)\nba 2k17\nba2k17.exe] => (Block) C:\program files (x86)\nba 2k17\nba2k17.exe => No File
FirewallRules: [UDP Query User{2D95FE78-7639-4415-8A46-D1222947F3E1}C:\gg\assetto corsa\acs.exe] => (Block) C:\gg\assetto corsa\acs.exe => No File
FirewallRules: [TCP Query User{6E60BE56-AE8D-4CA8-A798-A4C1F48DCB31}C:\gg\assetto corsa\acs.exe] => (Block) C:\gg\assetto corsa\acs.exe => No File
FirewallRules: [UDP Query User{B045694E-934D-4411-8E89-348651AE564D}C:\gg\assetto corsa\acs.exe] => (Block) C:\gg\assetto corsa\acs.exe => No File
FirewallRules: [TCP Query User{976A87C9-74D0-4846-9A72-1618EA209A53}C:\gg\assetto corsa\acs.exe] => (Block) C:\gg\assetto corsa\acs.exe => No File
FirewallRules: [UDP Query User{BB0137DB-F125-4A4F-82A8-981502007063}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe => No File
FirewallRules: [TCP Query User{1C8BFE31-3237-4D0D-A188-AF12E862FD93}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe => No File
FirewallRules: [UDP Query User{78A01BE4-F57A-400C-A777-22FB312F145C}C:\program files\java\jdk1.8.0_121\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_121\bin\jmc.exe => No File
FirewallRules: [TCP Query User{9B222EE9-9B56-47E7-95BE-A4234544A585}C:\program files\java\jdk1.8.0_121\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_121\bin\jmc.exe => No File
FirewallRules: [{80708602-4036-47A0-9654-F004E40E8A9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D59306D-BBCA-49CC-BBC8-8F256C277B04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B9BEF1A3-D6E5-4198-82A6-4D701C9A66D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{13FDD24C-D7DA-4A9E-9C14-61809182CBB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{983279E7-F010-45BA-A45C-D24D8FBB6604}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AB76940B-172B-47F9-B523-2EED1AD1C99F}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{D10A6306-F14E-483C-8D54-E7DB485F6FED}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{8515A63E-85D3-4BCE-9AD2-566EC46F1AD9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A07BFDFF-72D2-42FA-9F90-A1A29F7E7C8B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A0AF91B6-4DA9-4B91-8934-11C4C5470AE5}] => (Allow) C:\gg\The Sims 4 [FitGirl Repack]\setup-multi17.exe => No File
FirewallRules: [{6B8DF1FA-8E96-4801-BA9E-21EE2A29DB5A}] => (Allow) C:\gg\The Sims 4 [FitGirl Repack]\setup-multi17.exe => No File
FirewallRules: [{4A9C5D81-28EE-475E-A18C-E3EAADBBCCF6}] => (Allow) C:\gg\The Sims 4 [FitGirl Repack]\setup-multi17.exe => No File
FirewallRules: [{9833FA3F-0EE7-4654-9234-DE7153371E30}] => (Allow) C:\gg\The Sims 4 [FitGirl Repack]\setup-multi17.exe => No File
FirewallRules: [{6FCE717E-DB1C-4163-8A85-522EA3E3FD64}] => (Allow) C:\Users\riosme\Desktop\Microsoft Toolkit.exe => No File
FirewallRules: [{A0E242F9-E3F9-4F62-967E-235755D091AF}] => (Allow) C:\Users\riosme\Desktop\Microsoft Toolkit.exe => No File
FirewallRules: [UDP Query User{0F74879D-E103-4177-8367-4EECA4285271}C:\games\microsoft flight simulator x - steam edition\fsx.exe] => (Block) C:\games\microsoft flight simulator x - steam edition\fsx.exe => No File
FirewallRules: [TCP Query User{CF76B0DA-F287-473E-B1B4-814CD312BDDD}C:\games\microsoft flight simulator x - steam edition\fsx.exe] => (Block) C:\games\microsoft flight simulator x - steam edition\fsx.exe => No File
FirewallRules: [UDP Query User{268B17AC-483B-4FFC-892F-1E1A4ECA6FE4}C:\program files (x86)\nba 2k17\nba2k17.exe] => (Block) C:\program files (x86)\nba 2k17\nba2k17.exe => No File
FirewallRules: [TCP Query User{D71787F6-5313-4F87-9B90-5E3EF9432AC6}C:\program files (x86)\nba 2k17\nba2k17.exe] => (Block) C:\program files (x86)\nba 2k17\nba2k17.exe => No File
FirewallRules: [UDP Query User{6720194F-C747-4A85-B814-9849C89498A7}C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe => No File
FirewallRules: [TCP Query User{26014F8A-75C6-415C-8129-09E1DADEE918}C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe => No File
FirewallRules: [UDP Query User{EDB8D7A2-FBD3-44E2-AD29-AA3300CEBB67}C:\program files (x86)\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\counter-strike global offensive\csgo.exe => No File
FirewallRules: [TCP Query User{CA6AEC87-20FC-49AA-BD3E-23AB4C0A0054}C:\program files (x86)\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\counter-strike global offensive\csgo.exe => No File
FirewallRules: [{F48C93FC-5A03-4759-963A-F9556495A7B5}] => (Allow) LPort=1689
FirewallRules: [UDP Query User{BD493D0D-D2C4-4DCA-B4AA-764BDC23B4F6}C:\program files (x86)\ubisoft\far cry 4 complete edition\bin\farcry4.exe] => (Allow) C:\program files (x86)\ubisoft\far cry 4 complete edition\bin\farcry4.exe => No File
FirewallRules: [TCP Query User{0B4D5321-BCA0-4128-B000-7B4F5D916DC4}C:\program files (x86)\ubisoft\far cry 4 complete edition\bin\farcry4.exe] => (Allow) C:\program files (x86)\ubisoft\far cry 4 complete edition\bin\farcry4.exe => No File
FirewallRules: [{D4FF9533-C9BD-4FB8-8435-EB7F87227F94}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe => No File
FirewallRules: [{134CFC0D-A276-4B2B-8388-85C67A3E2F85}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe => No File
FirewallRules: [{258C0D32-434C-45DD-8B51-76006D08601F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{39A7412B-6330-4768-81A1-5F113AAC97AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => No File
FirewallRules: [{164AEEF9-F0B1-4859-8CA0-59996E9A0E39}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{3A6C2EF1-32F0-4E3B-A8F6-6AC5CE9F7A3E}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{81A919BE-F46A-4DC5-9B07-CFE94E5CBB6E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{5DF16BB9-AF7A-41C4-8BA2-3662C26B2A00}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{38668478-B868-4FF1-92B0-9CB8F15D1044}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{350784BB-CFE5-4E08-97C5-F09431B5B1FB}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{36EEE16F-AC71-473E-B947-8B6BF69FE985}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{11906F14-B834-4FA3-A872-82300850072C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{87519E55-5D1A-474E-A731-92AFDFDCA720}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{C432707D-345A-4179-ADD1-C87BCE66ED3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{964FA975-F78C-4082-ABFB-A93643F1A6B1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{D67AF96F-0731-4A47-8DCB-8D171F25D98A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{AEA361AB-8514-4159-A28B-638C1C344A69}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{51C05C46-6116-4015-82A3-E0A5DA4C37D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{4151A125-5D69-4B19-B0C0-73DB54BE251D}] => (Allow) C:\Users\riosme\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{EF3AFB49-15E0-4CDB-BE38-1955BBC829D0}] => (Allow) C:\Users\riosme\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{986A83D3-2E4C-46D6-BFB2-612D2EF94DA2}] => (Allow) C:\Users\riosme\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{E6644A8C-E5C4-4C87-9930-8762242C3AA2}] => (Allow) C:\Users\riosme\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{D7320A5D-694A-4623-A122-0D71F4BBF646}] => (Allow) C:\Users\riosme\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{5FD61EF6-E03B-406E-A958-83A2CA263E46}] => (Allow) C:\Users\riosme\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{CEED0986-3161-4B8E-BAFD-A56B97E81AEE}C:\users\riosme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\riosme\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{62A0A177-C170-4777-A4E6-5F422EA72077}C:\users\riosme\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\riosme\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{9EECED9D-A7E5-4EAA-B79D-37A5DFA375C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4E6174B1-119F-4AAF-A7E5-C8A9CE2D84EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0C6E166A-D137-4288-81FC-24BF756EF0A9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{45FCE54E-2A5E-4F2D-BA99-E5C73808A089}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{976AC835-6131-457B-A06B-63E1C08209AD}C:\program files (x86)\city car driving\bin\win32\starter.exe] => (Allow) C:\program files (x86)\city car driving\bin\win32\starter.exe => No File
FirewallRules: [UDP Query User{478F2739-73DE-4F8B-A8FE-7EFB1770E89E}C:\program files (x86)\city car driving\bin\win32\starter.exe] => (Allow) C:\program files (x86)\city car driving\bin\win32\starter.exe => No File
FirewallRules: [{5DE8A132-6F7B-4E09-B122-1973FB3E57F7}] => (Allow) C:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe => No File
FirewallRules: [{7B7D6447-0F63-43E9-9A3C-AC028EB824FC}] => (Allow) C:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe => No File
FirewallRules: [{46ECC90D-66FD-4F4A-A0A0-8E977FA0E978}] => (Allow) C:\Program Files (x86)\SQUARE ENIX\Hitman Absolution\HMA.exe => No File
FirewallRules: [{DB5E408E-AC4A-40FF-9ABA-8F20212F1EA4}] => (Allow) C:\Program Files (x86)\SQUARE ENIX\Hitman Absolution\HMA.exe => No File
FirewallRules: [{7B13A1A0-3B29-4235-8A82-397C32D64E10}] => (Allow) C:\Program Files (x86)\SQUARE ENIX\Hitman Absolution\HMA.exe => No File
FirewallRules: [{F4898FDF-A47B-487F-80D4-BAE8DD1B2D87}] => (Allow) C:\Program Files (x86)\SQUARE ENIX\Hitman Absolution\HMA.exe => No File
FirewallRules: [TCP Query User{4E9EBA25-6C01-4911-9264-76F6D2CE5726}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [UDP Query User{72C1F9E0-B9CA-4A05-B176-7D2B1635F3AA}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [{0DE4BC06-90E9-41AE-BDE8-B679DD9688F3}] => (Allow) C:\Program Files (x86)\Train Simulator 2016\Launcher.exe => No File
FirewallRules: [{96A46E6E-0D27-40A5-AC0F-F4E35E15D0DA}] => (Allow) C:\Program Files (x86)\Train Simulator 2016\Launcher.exe => No File
FirewallRules: [TCP Query User{21B8710E-9A02-421D-BD38-C19A3A10860A}C:\program files (x86)\train simulator 2016\railworks.exe] => (Allow) C:\program files (x86)\train simulator 2016\railworks.exe => No File
FirewallRules: [UDP Query User{2142A004-3D89-49EE-AD85-9514054279BB}C:\program files (x86)\train simulator 2016\railworks.exe] => (Allow) C:\program files (x86)\train simulator 2016\railworks.exe => No File
FirewallRules: [{8AE63D54-214C-4F33-A12B-F1AF539E0664}] => (Allow) C:\program files (x86)\train simulator 2016\railworks.exe => No File
FirewallRules: [{98AFD86A-C6D6-4BD2-9B87-D1B9109F5C17}] => (Allow) C:\program files (x86)\train simulator 2016\railworks.exe => No File
FirewallRules: [TCP Query User{C1117B40-AF2A-4F7A-AAFB-D20BE8BCCE95}C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe => No File
FirewallRules: [UDP Query User{E4DBD308-07B6-46BF-B68C-1A63B579C4A0}C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe => No File
FirewallRules: [TCP Query User{37183FBE-0756-413A-BCB5-404E38637824}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{76F961D6-6CD0-42F6-BA9E-9886DDF4548E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{0AF7F835-CB3F-44CD-B755-32ADD6FFBADD}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{4F43D919-9EC3-4E0F-9C8E-706D9FF9DFB1}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{8732E406-F6B4-4C4C-AD18-D01FEEE80DAB}C:\gg\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\gg\call of duty 4 - modern warfare\iw3mp.exe => No File
FirewallRules: [UDP Query User{226FF62F-CA21-4D31-969E-8F32F882EF0E}C:\gg\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\gg\call of duty 4 - modern warfare\iw3mp.exe => No File
FirewallRules: [TCP Query User{8D6DCB93-F35D-41B8-B1A0-0FCA1E7CDAD8}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{A950B8F3-960F-4FB6-B500-D5651BE5AAC7}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{7AB8332F-16DF-4A90-B6D7-984CFBA6CB9C}C:\gg\hl.exe] => (Block) C:\gg\hl.exe => No File
FirewallRules: [UDP Query User{86301C6A-18DF-48B3-9DF2-E251C3141430}C:\gg\hl.exe] => (Block) C:\gg\hl.exe => No File
FirewallRules: [TCP Query User{17A14EF3-F994-4AFD-B501-B28C99D96B43}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{EB8C9062-93D9-4B65-B670-7AE7CAE526D6}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E488FF95-CCCA-4401-B607-0D2A23D27901}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1FECA0D9-FFE4-4B81-919D-3EE5BF603FFF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{460E246B-2B27-48AE-937C-74758BE099B6}C:\program files (x86)\dzrepack games\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files (x86)\dzrepack games\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe => No File
FirewallRules: [UDP Query User{EAE0E67D-A63D-4419-82AA-E0505C16F583}C:\program files (x86)\dzrepack games\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files (x86)\dzrepack games\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe => No File
FirewallRules: [TCP Query User{528B5C7D-6702-4BB3-8B1C-95E830586E1A}C:\games\call of duty - black ops\blackops.exe] => (Block) C:\games\call of duty - black ops\blackops.exe => No File
FirewallRules: [UDP Query User{08C2B2D4-14F8-4E20-95C5-22545931514C}C:\games\call of duty - black ops\blackops.exe] => (Block) C:\games\call of duty - black ops\blackops.exe => No File
FirewallRules: [TCP Query User{601C047E-787C-4BF1-AAF8-2E3B85D7E5E9}C:\gg\halflife\hl.exe] => (Block) C:\gg\halflife\hl.exe => No File
FirewallRules: [UDP Query User{C8369B24-2336-4A27-910E-F19D6BB060C0}C:\gg\halflife\hl.exe] => (Block) C:\gg\halflife\hl.exe => No File
FirewallRules: [TCP Query User{4272631B-A6A0-458B-8404-4CB290EF5A64}C:\games\call of duty - black ops 2\t6sp.exe] => (Block) C:\games\call of duty - black ops 2\t6sp.exe => No File
FirewallRules: [UDP Query User{B68D6930-DBC6-43D6-91B3-39A6F2E6BD21}C:\games\call of duty - black ops 2\t6sp.exe] => (Block) C:\games\call of duty - black ops 2\t6sp.exe => No File
FirewallRules: [TCP Query User{3B8F35B1-A1A7-4EF6-B607-667BDB2F8850}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{8730A8F3-6574-4D48-A992-73F574916E0D}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{97C8CEB7-89C4-46AE-A5E8-04153FBCB051}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B6D59C29-FB9E-4B06-A171-5FEFBD5008C2}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{C342FA6E-0F33-406A-A145-294F283FC353}C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe => No File
FirewallRules: [UDP Query User{6F180B5B-F243-48AA-8033-0F53DE930A07}C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe => No File
FirewallRules: [TCP Query User{7277E662-F61A-408D-8CC1-8AB8EB240EB0}C:\program files\cisco packet tracer 7.2\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.2\bin\packettracer7.exe => No File
FirewallRules: [UDP Query User{52690413-FE60-4DF3-81C9-1DA6E1BD3C87}C:\program files\cisco packet tracer 7.2\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.2\bin\packettracer7.exe => No File
FirewallRules: [{CE9B1404-8AC2-46C9-9D1E-22E5DE5F5AC7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D76FCFDD-8528-4612-B3CA-C40E884D6C77}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7BB0B77F-3239-4675-BBDE-5CE3E6060DC8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{828764CE-7AB6-4EBA-9BC6-FE3171EF5293}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{3DD80D9E-F677-4029-A681-92154D2DEF6B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{D6FC5945-F4D7-452F-85BE-030F02EF9D8E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [TCP Query User{F342D79D-A321-4528-8244-8F5B524475B8}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{4A744F13-39E3-4280-88D1-041639E013AB}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [{49E373B5-B84C-4173-81BC-B9A82D37E5C1}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9A6054CF-C91C-4686-B40E-91B08793F924}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{1B93BF99-D223-427C-BD68-889C162118FA}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{7A2579FD-06DE-42D1-B196-0887A940264D}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2398AAD0-0CCD-435B-9B7A-10D492F8BF38}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{47FBA42B-51D0-41D7-A755-B175B28781BD}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{79C162E6-5968-4C66-8F09-79F46AB3A5C9}] => (Allow) C:\Users\riosme\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{4D476895-6A5A-4E0D-8957-38652C9693BF}] => (Allow) C:\Users\riosme\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{4C6E830C-61F5-480D-8347-183A78CC9E1E}] => (Allow) C:\Users\riosme\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F10890B7-6681-4657-B5CA-3B0113922D7C}] => (Allow) C:\Users\riosme\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{441D2E50-52DE-41AC-AF26-13BDE89B3429}] => (Allow) C:\Users\riosme\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{6973F7E9-D235-44B6-8B8C-1A7D4CDF4049}] => (Allow) C:\Users\riosme\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{42949E2C-DEE7-466F-810C-93455A861324}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{40F468EE-57D9-427A-B9EC-2407CA6336E6}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe () [File not signed]
FirewallRules: [{89EF0071-6AE2-43CB-8848-2C625E20235B}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4B653D8A-C9D4-4199-9F86-70BC9F978A70}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9D5F6BD2-F6FA-4653-AD56-FE4C1A20E125}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{8CFA95A7-2C5D-4D85-AEF0-19495162A95A}] => (Allow) LPort=3001
FirewallRules: [TCP Query User{92402AE9-2C9A-4D4B-96E2-49E44FFA3EBA}C:\users\riosme\desktop\eco.v0.7.6.3\eco_data\server\ecoserver.exe] => (Allow) C:\users\riosme\desktop\eco.v0.7.6.3\eco_data\server\ecoserver.exe => No File
FirewallRules: [UDP Query User{35E08146-1D0E-413F-84DB-1D0BDEE18490}C:\users\riosme\desktop\eco.v0.7.6.3\eco_data\server\ecoserver.exe] => (Allow) C:\users\riosme\desktop\eco.v0.7.6.3\eco_data\server\ecoserver.exe => No File
FirewallRules: [TCP Query User{0BA70722-BB80-44C0-8F89-471DD1DD7DFD}C:\games\pc building simulator\pcbs.exe] => (Block) C:\games\pc building simulator\pcbs.exe => No File
FirewallRules: [UDP Query User{1ED7E8C4-ADFC-45B9-B6F2-7672D9411CEC}C:\games\pc building simulator\pcbs.exe] => (Block) C:\games\pc building simulator\pcbs.exe => No File
FirewallRules: [TCP Query User{5A83763A-AE3A-452C-84E1-52A165E5E1A0}C:\users\riosme\desktop\receiver2017 editorversion\receiver and vjoy\900steeringwheel_newreceiver.exe] => (Allow) C:\users\riosme\desktop\receiver2017 editorversion\receiver and vjoy\900steeringwheel_newreceiver.exe => No File
FirewallRules: [UDP Query User{137C63FF-C76F-4707-A88F-14BF19D282C1}C:\users\riosme\desktop\receiver2017 editorversion\receiver and vjoy\900steeringwheel_newreceiver.exe] => (Allow) C:\users\riosme\desktop\receiver2017 editorversion\receiver and vjoy\900steeringwheel_newreceiver.exe => No File
FirewallRules: [TCP Query User{3725B50D-5B8D-45CA-A9C8-C4B793C89917}C:\users\riosme\desktop\wangan\wmmt5\wmn5r.exe] => (Allow) C:\users\riosme\desktop\wangan\wmmt5\wmn5r.exe => No File
FirewallRules: [UDP Query User{7A953649-064E-4A3D-A5B6-DB81A35A2CE2}C:\users\riosme\desktop\wangan\wmmt5\wmn5r.exe] => (Allow) C:\users\riosme\desktop\wangan\wmmt5\wmn5r.exe => No File
FirewallRules: [{E22AEE85-9F11-48F7-9F4C-C1E18649D179}] => (Block) C:\users\riosme\desktop\wangan\wmmt5\wmn5r.exe => No File
FirewallRules: [{2A24BA76-735C-4FF2-A8A8-610AB61F8706}] => (Block) C:\users\riosme\desktop\wangan\wmmt5\wmn5r.exe => No File
FirewallRules: [{280F69C4-BF25-42BD-A2E4-75524BD12A6C}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File
FirewallRules: [{E2D48626-18B5-405E-AFD0-B4E89CFC96FA}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{B59BF4D4-408B-4E9A-8AD6-F7EAC3C10FFB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2FA97AB9-6E3B-4C6C-984F-52F206908B75}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{B0B7B364-CD1C-4A1F-B232-C0F6CA6E9016}C:\program files\java\jdk1.8.0_201\jre\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_201\jre\bin\javaw.exe
FirewallRules: [UDP Query User{BF851858-0BAB-483C-8444-8ADF11CD806F}C:\program files\java\jdk1.8.0_201\jre\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_201\jre\bin\javaw.exe
FirewallRules: [TCP Query User{31AE6CAF-8FB5-49A3-A529-3A5AA47E1D73}C:\program files\netbeans 8.2\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.2\bin\netbeans64.exe => No File
FirewallRules: [UDP Query User{7B189814-F6AA-47B1-93B4-2C131D7CD002}C:\program files\netbeans 8.2\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.2\bin\netbeans64.exe => No File
FirewallRules: [TCP Query User{7CEB028E-C018-437E-95F2-F0B8C7A1EB71}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{F2D5306F-B763-4E26-8421-748284DF695F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{D0367746-1119-47F8-B4CA-FAB130DED040}C:\program files\java\jdk1.8.0_201\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_201\bin\java.exe
FirewallRules: [UDP Query User{66F98AF3-D264-455D-A8F4-EAAD1B318420}C:\program files\java\jdk1.8.0_201\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_201\bin\java.exe
FirewallRules: [TCP Query User{AD77C111-29C8-4A25-BCAE-E2ACD8E61AF2}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe => No File
FirewallRules: [UDP Query User{675B42B1-AF3E-4C11-9A70-61DB069A8F74}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe => No File
FirewallRules: [{EE8B0DD6-B9B2-4780-91B7-0DC4961A1775}] => (Block) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe => No File
FirewallRules: [{F5F56A81-3344-4603-A744-66A6A85D8DA0}] => (Block) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe => No File
FirewallRules: [TCP Query User{9F790B7A-5853-4404-AFBC-93D4860B5C34}C:\users\riosme\desktop\command and conquer red alert 2 (v1.006) + yuri's revenge (v1.001)\gamemd.exe] => (Allow) C:\users\riosme\desktop\command and conquer red alert 2 (v1.006) + yuri's revenge (v1.001)\gamemd.exe => No File
FirewallRules: [UDP Query User{8A08107B-C0F7-4436-A7A1-B395CC9E67E0}C:\users\riosme\desktop\command and conquer red alert 2 (v1.006) + yuri's revenge (v1.001)\gamemd.exe] => (Allow) C:\users\riosme\desktop\command and conquer red alert 2 (v1.006) + yuri's revenge (v1.001)\gamemd.exe => No File
FirewallRules: [{B0114FC8-AA19-40AC-B2F7-D8D5BC8400E1}] => (Block) C:\users\riosme\desktop\command and conquer red alert 2 (v1.006) + yuri's revenge (v1.001)\gamemd.exe => No File
FirewallRules: [{1A339687-E713-4B60-A91F-A3A389F7BDA8}] => (Block) C:\users\riosme\desktop\command and conquer red alert 2 (v1.006) + yuri's revenge (v1.001)\gamemd.exe => No File
FirewallRules: [TCP Query User{EE009297-9DD1-40E0-961B-ABE3454E7C1E}C:\games\nba 2k17\nba2k17.exe] => (Allow) C:\games\nba 2k17\nba2k17.exe => No File
FirewallRules: [UDP Query User{54B94B8A-B2BB-4F07-AF4F-615313B00BD2}C:\games\nba 2k17\nba2k17.exe] => (Allow) C:\games\nba 2k17\nba2k17.exe => No File
FirewallRules: [{76640C38-FED7-4A75-9921-5479997B1D0C}] => (Block) C:\games\nba 2k17\nba2k17.exe => No File
FirewallRules: [{99E19E89-6785-4A2A-8C3A-7CD8C3D5AAE7}] => (Block) C:\games\nba 2k17\nba2k17.exe => No File
FirewallRules: [{1DA3E82C-4B42-40C4-AAB4-D3CD32E4750C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [TCP Query User{1505F910-5B03-401E-893F-94E5F430DC94}C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
FirewallRules: [UDP Query User{7B699B5A-152D-430D-8678-DC07F1D090C4}C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
FirewallRules: [{8FF17ACF-8374-4A79-9550-954E705DED10}] => (Allow) C:\Users\riosme\AppData\Local\Temp\7zS2F8A\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{69429F98-FB44-46A7-8B5C-DEB00CC39A2D}] => (Allow) C:\Users\riosme\AppData\Local\Temp\7zS2F8A\HPDiagnosticCoreUI.exe => No File
FirewallRules: [TCP Query User{9ECBE583-F85E-4F42-8725-CE06C81EE75F}C:\games\rfactor 2\bin64\rfactor2.exe] => (Allow) C:\games\rfactor 2\bin64\rfactor2.exe => No File
FirewallRules: [UDP Query User{4249EAA4-C9AE-4294-8A82-71C24B872226}C:\games\rfactor 2\bin64\rfactor2.exe] => (Allow) C:\games\rfactor 2\bin64\rfactor2.exe => No File
FirewallRules: [TCP Query User{D555064D-46CF-4CF6-A7AC-FB2D35D3ACF9}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{139215A9-522E-4AB3-AAB0-45BB7C0D17B0}C:\program files\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [{7EC87F86-5337-47F6-9636-85ECAC6560D1}] => (Block) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [{20323C74-B0DA-4DB5-9370-273E52FE3542}] => (Block) C:\program files\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{85EAE4B2-3C5A-4A65-A439-24B7A52C5AA0}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{5835C950-2071-4B8C-9FD8-D694E246F629}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{4C2C82E0-6311-4507-924F-06449F418C0A}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => No File
FirewallRules: [UDP Query User{BDF9CABE-981D-4077-A32F-95E7DB3C7B6B}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => No File
FirewallRules: [TCP Query User{14402327-142C-4A1B-B0C8-FF4265AB5BA3}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [UDP Query User{565B7457-8DD6-4F1F-BFA6-75E9DFC7F87B}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [TCP Query User{D6C7DB00-670C-45BB-98B1-18A6A9F529B1}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => No File
FirewallRules: [UDP Query User{FD3F1EFF-3D27-45EB-82F9-FC1B0ADB1BBA}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => No File
FirewallRules: [TCP Query User{E8C7A5A4-50C1-4C78-9020-FF1175147362}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => No File
FirewallRules: [UDP Query User{C765636B-573A-4C15-9611-55A557D99FB7}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => No File
FirewallRules: [TCP Query User{8BB52DDF-6865-4702-B47F-B6F3CAF5AE5E}C:\gg\valheim\valheim.exe] => (Allow) C:\gg\valheim\valheim.exe () [File not signed]
FirewallRules: [UDP Query User{A46E59BF-1DA5-4120-85AA-2479C635F7FF}C:\gg\valheim\valheim.exe] => (Allow) C:\gg\valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{82A46D0E-297B-4C92-9F16-C938205CD56D}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.431\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.431\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{774F3D92-0BEE-43F8-AAAF-5DAAD25280AE}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.431\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.431\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{5F4BCABF-A7EF-4D7A-9FF9-B961A9A394E2}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.434\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.434\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{F0C0824E-5EE0-4364-8004-0E598D16B727}C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.434\opera.exe] => (Allow) C:\users\riosme\appdata\local\programs\opera gx\73.0.3856.434\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{93DC46F1-322D-4168-AE11-94AD7BA3D0F4}C:\program files (x86)\jeppesen\jeppview for windows\jeppview.exe] => (Allow) C:\program files (x86)\jeppesen\jeppview for windows\jeppview.exe (Jeppesen Sanderson, Inc -> Jeppesen-Sanderson)
FirewallRules: [UDP Query User{946AE008-C12A-4627-A033-BF0AF158EF12}C:\program files (x86)\jeppesen\jeppview for windows\jeppview.exe] => (Allow) C:\program files (x86)\jeppesen\jeppview for windows\jeppview.exe (Jeppesen Sanderson, Inc -> Jeppesen-Sanderson)
FirewallRules: [{1A2CE4C7-5A42-4D0E-B410-2FD5887E7C85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B80B1245-7A08-48C4-A294-6B28820B2A28}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7A1484D-04A1-4244-BA99-C17F8D020A10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{622BF019-FDE5-40C1-89B5-7E0BFD1D6C08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{A6BDE88F-1C12-4CC3-A35C-625DCEE56D7A}C:\gg\city.car.driving.v1.5.9.2\bin\win32\starter.exe] => (Allow) C:\gg\city.car.driving.v1.5.9.2\bin\win32\starter.exe => No File
FirewallRules: [UDP Query User{92238270-45EB-4DF3-B354-00FAE28315BC}C:\gg\city.car.driving.v1.5.9.2\bin\win32\starter.exe] => (Allow) C:\gg\city.car.driving.v1.5.9.2\bin\win32\starter.exe => No File
FirewallRules: [{4853C12C-BDDB-42DC-B86A-032A25A118B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{2FE06D09-4FA7-4AD2-8C6E-FAA69C18A561}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{C65D319F-702D-4625-87ED-EF3AD8A6E1DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{D8E542F7-5466-4812-8346-1109B69FDB5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{73BCBACA-059A-4BBD-B260-E8537F7B5043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [File not signed]
FirewallRules: [{CCB0997B-27D1-40C7-B6F7-C0BF28089598}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [File not signed]
FirewallRules: [{B0E72427-F20B-4EDD-B87C-238A88CD5326}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9AC4F0F0-1A83-479B-8641-D77D1B993402}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{88D5954B-AF29-4457-8BCD-074D327D0AC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{637FA55D-13AF-4930-93B6-948F3CF75BBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{03848727-6E82-4810-BB6B-480E9F9C94F8}C:\games\realpolitiks ii\rp2.exe] => (Allow) C:\games\realpolitiks ii\rp2.exe => No File
FirewallRules: [UDP Query User{68397F61-C9C3-4130-93DE-3E09B5A7B9DD}C:\games\realpolitiks ii\rp2.exe] => (Allow) C:\games\realpolitiks ii\rp2.exe => No File
FirewallRules: [TCP Query User{38AB641B-CA26-4495-A194-45B3FB9A098E}C:\gg\malwarebytes anti-malware premium 4.2.0.82 incl license\license\licensemalwarebytes.exe] => (Allow) C:\gg\malwarebytes anti-malware premium 4.2.0.82 incl license\license\licensemalwarebytes.exe () [File not signed]
FirewallRules: [UDP Query User{04B350CD-EB01-4B34-90DC-F144921D2653}C:\gg\malwarebytes anti-malware premium 4.2.0.82 incl license\license\licensemalwarebytes.exe] => (Allow) C:\gg\malwarebytes anti-malware premium 4.2.0.82 incl license\license\licensemalwarebytes.exe () [File not signed]

Broni · May 27, 2021

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Double click on downloaded setup.exe file to install the program.
Click on Start Scan button.
Click on another Start Scan button.
Wait until the Status box shows Scan Finished
Click on Remove Selected.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.

Please download Malwarebytes to your desktop.

Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
Then click Finish.
Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
Restart your computer when prompted to do so.
The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8/10 users right-click and select Run As Administrator
The tool will start to update the database if one is required.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Logfile button.
A window will open which lists the logs of your scans.
Click on the Scan tab.
Double-click the most recent scan which will be at the top of the list....the log will appear.
Review the results...see note below
After reviewing the log, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

Mackiirios · May 27, 2021

==================== Restore Points =========================

05-05-2021 12:33:01 Scheduled Checkpoint
13-05-2021 11:41:44 Scheduled Checkpoint
21-05-2021 19:37:18 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (05/26/2021 11:36:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.

Error: (05/26/2021 11:06:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.

Error: (05/26/2021 10:59:20 PM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : Word couldn't start last time. Safe mode could help you troubleshoot the problem, but some features might not be available in this mode.

Do you want to start in safe mode?.
Rejected Safe Mode action : Microsoft Word.

Error: (05/26/2021 10:43:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.

Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (05/26/2021 10:39:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f9c626cf-23f0-4794-9986-9a71181e6546}

Error: (05/26/2021 10:38:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.

Error: (05/26/2021 10:34:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Jeppesen\JeppView for Windows\JeppView.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.

Error: (05/26/2021 08:12:37 PM) (Source: Nalpeiron: log thread) (EventID: 0) (User: )
Description: Event-ID 0

System errors:
=============
Error: (05/26/2021 11:03:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Device Setup Manager service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (05/26/2021 11:03:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Device Setup Manager service to connect.

Error: (05/26/2021 10:41:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Jeppesen Weather Controller Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/26/2021 10:41:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/26/2021 10:41:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Security Assist service terminated unexpectedly. It has done this 1 time(s).

Error: (05/26/2021 10:41:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (05/26/2021 10:41:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server CEIP service (MSSQLSERVER) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (05/26/2021 10:41:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server (MSSQLSERVER) service terminated unexpectedly. It has done this 1 time(s).

Windows Defender:
================
Date: 2021-05-26 23:36:42
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:

Trojan:Win32/Ymacco.AB2D threat description - Microsoft Security Intelligence

Name: Trojan:Win32/Ymacco.AB2D
Severity: Severe
Category: Trojan
Path: file:_C:\gg\Malwarebytes Anti-Malware Premium 4.2.0.82 incl License\License\LicenseMalwareBytes.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.339.1391.0, AS: 1.339.1391.0, NIS: 1.339.1391.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-26 23:36:34
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:

Trojan:Win32/Ymacco.AB2D threat description - Microsoft Security Intelligence

Name: Trojan:Win32/Ymacco.AB2D
Severity: Severe
Category: Trojan
Path: file:_C:\gg\Malwarebytes Anti-Malware Premium 4.2.0.82 incl License\License\LicenseMalwareBytes.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\riosme\AppData\Roaming\BitTorrent\BitTorrent.exe
Security intelligence Version: AV: 1.339.1391.0, AS: 1.339.1391.0, NIS: 1.339.1391.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-26 23:14:10
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:

HackTool:Win32/Keygen threat description - Microsoft Security Intelligence

Name: HackTool:Win32/Keygen
Severity: High
Category: Tool
Path: file:_C:\Users\riosme\AppData\Roaming\BitTorrent\msimg32.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\riosme\AppData\Roaming\BitTorrent\BitTorrent.exe
Security intelligence Version: AV: 1.339.1391.0, AS: 1.339.1391.0, NIS: 1.339.1391.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-26 23:10:53
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:

Trojan:Script/Conteban.A!ml threat description - Microsoft Security Intelligence

Name: Trojan:Script/Conteban.A!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\riosme\Downloads\Hershy_Launcher.rar
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.339.1391.0, AS: 1.339.1391.0, NIS: 1.339.1391.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-25 13:55:26
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:

Trojan:Win32/Tiggre!rfn threat description - Microsoft Security Intelligence

Name: Trojan:Win32/Tiggre!rfn
Severity: Severe
Category: Trojan
Path: file:_C:\Users\riosme\Desktop\G\Euro Truck Simulator 2 v1.16.x.x - v1.40.x.x Plus +15 Trainer.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.339.1313.0, AS: 1.339.1313.0, NIS: 1.339.1313.0
Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

CodeIntegrity:
===============
Date: 2021-05-26 10:10:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Users\riosme\AppData\Local\Programs\Opera GX\73.0.3856.434\opera.exe) attempted to load \Device\HarddiskVolume4\Users\riosme\AppData\Local\Discord\app-1.0.9002\modules\discord_hook-1\discord_hook\6bd4b4f2359\DiscordHook64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-26 09:16:49
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-05-24 20:40:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Users\riosme\AppData\Local\Programs\Opera GX\73.0.3856.434\opera.exe) attempted to load \Device\HarddiskVolume4\Users\riosme\AppData\Local\Discord\app-1.0.9001\modules\discord_hook-2\discord_hook\8ed988ee26d\DiscordHook64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.07 03/17/2015
Motherboard: Acer ZORO_BH
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 57%
Total physical RAM: 12202.7 MB
Available physical RAM: 5221.68 MB
Total Virtual: 15914.7 MB
Available Virtual: 6467.06 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:915.58 GB) (Free:83.76 GB) NTFS

\\?\Volume{0f8fb4a6-8330-4af6-8637-f55aa9046f0c}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.28 GB) NTFS
\\?\Volume{ff83d7bf-d01a-4d5b-b80b-69ea701cb9c7}\ (Push Button Reset) (Fixed) (Total:14.92 GB) (Free:1.76 GB) NTFS
\\?\Volume{ce931a1a-ddf0-4516-8331-87ef02baee42}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A7DF5CB8)

Partition: GPT.

==================== End of Addition.txt =======================

Mackiirios · May 30, 2021

Will update you for the last step. Thank you

Broni · May 30, 2021

Broni · Jun 4, 2021

Still with me?

Mackiirios · Jun 8, 2021

RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Premium) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19042) 64 bits
Started in : Normal mode
User : riosme [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210607_074157, Driver : Loaded
Mode : Custom Scan, Delete -- Date : 2021/06/08 15:48:25 (Duration : 03:08:34)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Tencent -- -> Deleted
[PUP.ByteFence|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\.DEFAULT\Software\ByteFence -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-2423985164-1702367186-3377153497-1001\Software\csastats -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-2423985164-1702367186-3377153497-1001\Software\IM -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-2423985164-1702367186-3377153497-1001\Software\ProductSetup -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-2423985164-1702367186-3377153497-1001\Software\Tencent -- -> Deleted
[PUP.ByteFence|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-18\Software\ByteFence -- -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{9F947E70-62F3-4F90-B30B-F224FA5D8306}C:\users\riosme\appdata\local\simtoolkitpro\app-0.6.48\simtoolkitpro.exe -- [%localappdata%\simtoolkitpro\app-0.6.48\simtoolkitpro.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EDD5CD9E-F265-434A-9B70-EBDEE1AB165C}C:\users\riosme\appdata\local\teamspeak 3 client\ts3client_win64.exe -- [%localappdata%\teamspeak 3 client\ts3client_win64.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{4DAAADD2-2A64-4DD9-AE04-6AB5F5A996AC}C:\users\riosme\appdata\local\teamspeak 3 client\ts3client_win64.exe -- [%localappdata%\teamspeak 3 client\ts3client_win64.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{D220A502-D3D8-4BBD-89C2-994E7DCE4E34}C:\users\riosme\appdata\local\simtoolkitpro\app-0.6.48\simtoolkitpro.exe -- [%localappdata%\simtoolkitpro\app-0.6.48\simtoolkitpro.exe] -> Deleted
[PUP.HackTool (Potentially Malicious)] AutoKMS -- %SystemRoot%\AutoKMS -> Deleted
=> AutoKMS.log -- C:\Windows\AutoKMS\AutoKMS.log -> Deleted
[PUP.OnlineIO (Potentially Malicious)] AdvinstAnalytics -- %localappdata%\AdvinstAnalytics -> Deleted
=> tracking.ini -- C:\Users\riosme\AppData\Local\ADVINS~1\5FDADE~1\110~1.0\tracking.ini -> Deleted
=> 1.1.0.0 -- C:\Users\riosme\AppData\Local\ADVINS~1\5FDADE~1\110~1.0 -> Deleted
=> tracking.ini -- C:\Users\riosme\AppData\Local\ADVINS~1\5FDADE~1\112~1.0\tracking.ini -> Deleted
=> 1.1.2.0 -- C:\Users\riosme\AppData\Local\ADVINS~1\5FDADE~1\112~1.0 -> Deleted
=> 5fdaded5d89551738a950c2b -- C:\Users\riosme\AppData\Local\ADVINS~1\5FDADE~1 -> Deleted
[PUP.HackTool (Potentially Malicious)] KMSpico -- %programdata%\Microsoft\Windows\Start Menu\Programs\KMSpico -> Deleted
=> Log KMSpico.lnk -- C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\KMSpico\LOGKMS~1.LNK -> Deleted
=> Uninstall KMSpico.lnk -- C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\KMSpico\UNINST~1.LNK -> Deleted
[PUP.HackTool (Potentially Malicious)] SalFisher47 -- %programdata%\SalFisher47 -> Deleted
=> FH4_AutoUWP.ini -- C:\PROGRA~3\SALFIS~1\AUTOUW~1\FH4_AU~1.INI -> Deleted
=> developer_mode.reg -- C:\PROGRA~3\SALFIS~1\AUTOUW~1\USEDEV~1\DEVELO~1.REG -> Deleted
=> microsoft_store_apps.reg -- C:\PROGRA~3\SALFIS~1\AUTOUW~1\USEDEV~1\MICROS~1.REG -> Deleted
=> sideload_apps.reg -- C:\PROGRA~3\SALFIS~1\AUTOUW~1\USEDEV~1\SIDELO~1.REG -> Deleted
=> Use developer features -- C:\PROGRA~3\SALFIS~1\AUTOUW~1\USEDEV~1 -> Deleted
=> AutoUWP Launcher -- C:\PROGRA~3\SALFIS~1\AUTOUW~1 -> Deleted
=> RunFirst.exe -- C:\PROGRA~3\SALFIS~1\RunFirst\RunFirst.exe -> Deleted
=> RunFirst.txt -- C:\PROGRA~3\SALFIS~1\RunFirst\RunFirst.txt -> Deleted
=> RunFirst -- C:\PROGRA~3\SALFIS~1\RunFirst -> Deleted
=> _Forza Horizon 4.ini -- C:\PROGRA~3\SALFIS~1\UNIGAM~1\_FORZA~1.INI -> Deleted
=> UniGame Launcher -- C:\PROGRA~3\SALFIS~1\UNIGAM~1 -> Deleted
[PUP.HackTool (Potentially Malicious)] KMSpico -- %ProgramFiles%\KMSpico -> Deleted
=> AccessVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Access\ACCESS~1.REG -> Deleted
=> AccessVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Access\ACCESS~2.REG -> Deleted
=> AccessVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Access\ACCESS~3.REG -> Deleted
=> Access_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Access\ACCESS~1.XRM -> Deleted
=> Access_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Access\ACCESS~2.XRM -> Deleted
=> Access_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Access\ACCESS~3.XRM -> Deleted
=> Access_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Access\ACCESS~4.XRM -> Deleted
=> Access_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Access\ACFE37~1.XRM -> Deleted
=> Access -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Access -> Deleted
=> ExcelVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Excel\EXCELV~1.REG -> Deleted
=> ExcelVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Excel\EXCELV~2.REG -> Deleted
=> ExcelVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Excel\EXCELV~3.REG -> Deleted
=> Excel_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Excel\EXCEL_~1.XRM -> Deleted
=> Excel_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Excel\EXCEL_~2.XRM -> Deleted
=> Excel_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Excel\EXCEL_~3.XRM -> Deleted
=> Excel_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Excel\EXCEL_~4.XRM -> Deleted
=> Excel_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Excel\EX2451~1.XRM -> Deleted
=> Excel -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Excel -> Deleted
=> GrooveVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Groove\GROOVE~1.REG -> Deleted
=> GrooveVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Groove\GROOVE~2.REG -> Deleted
=> GrooveVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Groove\GROOVE~3.REG -> Deleted
=> Groove_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Groove\GROOVE~1.XRM -> Deleted
=> Groove_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Groove\GROOVE~2.XRM -> Deleted
=> Groove_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Groove\GROOVE~3.XRM -> Deleted
=> Groove_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Groove\GROOVE~4.XRM -> Deleted
=> Groove_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Groove\GR6021~1.XRM -> Deleted
=> Groove -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Groove -> Deleted
=> InfoPathVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\InfoPath\INFOPA~1.REG -> Deleted
=> InfoPathVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\InfoPath\INFOPA~2.REG -> Deleted
=> InfoPathVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\InfoPath\INFOPA~3.REG -> Deleted
=> InfoPath_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\InfoPath\INFOPA~1.XRM -> Deleted
=> InfoPath_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\InfoPath\INFOPA~2.XRM -> Deleted
=> InfoPath_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\InfoPath\INFOPA~3.XRM -> Deleted
=> InfoPath_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\InfoPath\INFOPA~4.XRM -> Deleted
=> InfoPath_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\InfoPath\IN1165~1.XRM -> Deleted
=> InfoPath -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\InfoPath -> Deleted
=> OneNoteVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\OneNote\ONENOT~1.REG -> Deleted
=> OneNoteVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\OneNote\ONENOT~2.REG -> Deleted
=> OneNoteVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\OneNote\ONENOT~3.REG -> Deleted
=> OneNote_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\OneNote\ONENOT~1.XRM -> Deleted
=> OneNote_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\OneNote\ONENOT~2.XRM -> Deleted
=> OneNote_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\OneNote\ONENOT~3.XRM -> Deleted
=> OneNote_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\OneNote\ONENOT~4.XRM -> Deleted
=> OneNote_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\OneNote\ON1933~1.XRM -> Deleted
=> OneNote -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\OneNote -> Deleted
=> OutlookVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Outlook\OUTLOO~1.REG -> Deleted
=> OutlookVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Outlook\OUTLOO~2.REG -> Deleted
=> OutlookVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Outlook\OUTLOO~3.REG -> Deleted
=> Outlook_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Outlook\OUTLOO~1.XRM -> Deleted
=> Outlook_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Outlook\OUTLOO~2.XRM -> Deleted
=> Outlook_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Outlook\OUTLOO~3.XRM -> Deleted
=> Outlook_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Outlook\OUTLOO~4.XRM -> Deleted
=> Outlook_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Outlook\OU2A27~1.XRM -> Deleted
=> Outlook -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Outlook -> Deleted
=> PowerPointVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\POWERP~1\POWERP~1.REG -> Deleted
=> PowerPointVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\POWERP~1\POWERP~2.REG -> Deleted
=> PowerPointVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\POWERP~1\POWERP~3.REG -> Deleted
=> PowerPoint_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\POWERP~1\POWERP~1.XRM -> Deleted
=> PowerPoint_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\POWERP~1\POWERP~2.XRM -> Deleted
=> PowerPoint_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\POWERP~1\POWERP~3.XRM -> Deleted
=> PowerPoint_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\POWERP~1\POWERP~4.XRM -> Deleted
=> PowerPoint_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\POWERP~1\POC4CE~1.XRM -> Deleted
=> PowerPoint -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\POWERP~1 -> Deleted
=> ProjectProVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~1\PROJEC~1.REG -> Deleted
=> ProjectProVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~1\PROJEC~2.REG -> Deleted
=> ProjectProVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~1\PROJEC~3.REG -> Deleted
=> ProjectPro_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~1\PROJEC~1.XRM -> Deleted
=> ProjectPro_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~1\PROJEC~2.XRM -> Deleted
=> ProjectPro_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~1\PROJEC~3.XRM -> Deleted
=> ProjectPro_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~1\PROJEC~4.XRM -> Deleted
=> ProjectPro_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~1\PRA5D8~1.XRM -> Deleted
=> ProjectPro -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~1 -> Deleted
=> ProjectStdVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~2\PROJEC~1.REG -> Deleted
=> ProjectStdVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~2\PROJEC~2.REG -> Deleted
=> ProjectStdVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~2\PROJEC~3.REG -> Deleted
=> ProjectStd_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~2\PROJEC~1.XRM -> Deleted
=> ProjectStd_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~2\PROJEC~2.XRM -> Deleted
=> ProjectStd_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~2\PROJEC~3.XRM -> Deleted
=> ProjectStd_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~2\PROJEC~4.XRM -> Deleted
=> ProjectStd_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~2\PRAB27~1.XRM -> Deleted
=> ProjectStd -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PROJEC~2 -> Deleted
=> ProPlusVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\ProPlus\PROPLU~1.REG -> Deleted
=> ProPlusVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\ProPlus\PROPLU~2.REG -> Deleted
=> ProPlusVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\ProPlus\PROPLU~3.REG -> Deleted
=> ProPlus_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\ProPlus\PROPLU~1.XRM -> Deleted
=> ProPlus_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\ProPlus\PROPLU~2.XRM -> Deleted
=> ProPlus_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\ProPlus\PROPLU~3.XRM -> Deleted
=> ProPlus_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\ProPlus\PROPLU~4.XRM -> Deleted
=> ProPlus_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\ProPlus\PRC183~1.XRM -> Deleted
=> ProPlus -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\ProPlus -> Deleted
=> PublisherVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PUBLIS~1\PUBLIS~1.REG -> Deleted
=> PublisherVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PUBLIS~1\PUBLIS~2.REG -> Deleted
=> PublisherVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PUBLIS~1\PUBLIS~3.REG -> Deleted
=> Publisher_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PUBLIS~1\PUBLIS~1.XRM -> Deleted
=> Publisher_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PUBLIS~1\PUBLIS~2.XRM -> Deleted
=> Publisher_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PUBLIS~1\PUBLIS~3.XRM -> Deleted
=> Publisher_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PUBLIS~1\PUBLIS~4.XRM -> Deleted
=> Publisher_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PUBLIS~1\PUF56D~1.XRM -> Deleted
=> Publisher -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\PUBLIS~1 -> Deleted
=> SmallBusBasicsVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\SMALLB~1\SMALLB~1.REG -> Deleted
=> SmallBusBasicsVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\SMALLB~1\SMALLB~2.REG -> Deleted
=> SmallBusBasicsVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\SMALLB~1\SMALLB~3.REG -> Deleted
=> SmallBusBasics_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\SMALLB~1\SMALLB~1.XRM -> Deleted
=> SmallBusBasics_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\SMALLB~1\SMALLB~2.XRM -> Deleted
=> SmallBusBasics_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\SMALLB~1\SMALLB~3.XRM -> Deleted
=> SmallBusBasics_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\SMALLB~1\SMALLB~4.XRM -> Deleted
=> SmallBusBasics_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\SMALLB~1\SMD564~1.XRM -> Deleted
=> SmallBusBasics -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\SMALLB~1 -> Deleted
=> StandardVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Standard\STANDA~1.REG -> Deleted
=> StandardVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Standard\STANDA~2.REG -> Deleted
=> StandardVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Standard\STANDA~3.REG -> Deleted
=> Standard_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Standard\STANDA~1.XRM -> Deleted
=> Standard_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Standard\STANDA~2.XRM -> Deleted
=> Standard_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Standard\STANDA~3.XRM -> Deleted
=> Standard_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Standard\STANDA~4.XRM -> Deleted
=> Standard_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Standard\STECED~1.XRM -> Deleted
=> Standard -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Standard -> Deleted
=> VisioPrem_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOP~1.XRM -> Deleted
=> VisioPrem_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOP~2.XRM -> Deleted
=> VisioPrem_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOP~3.XRM -> Deleted
=> VisioPrem_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOP~4.XRM -> Deleted
=> VisioPrem_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VI096A~1.XRM -> Deleted
=> VisioPro_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VI36AB~1.XRM -> Deleted
=> VisioPro_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VI26F5~1.XRM -> Deleted
=> VisioPro_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VI5845~1.XRM -> Deleted
=> VisioPro_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VI9B63~1.XRM -> Deleted
=> VisioPro_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VI0942~1.XRM -> Deleted
=> VisioStd_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOS~1.XRM -> Deleted
=> VisioStd_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOS~2.XRM -> Deleted
=> VisioStd_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOS~3.XRM -> Deleted
=> VisioStd_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOS~4.XRM -> Deleted
=> VisioStd_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VI9B28~1.XRM -> Deleted
=> VisioVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOV~1.REG -> Deleted
=> VisioVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOV~2.REG -> Deleted
=> VisioVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio\VISIOV~3.REG -> Deleted
=> Visio -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Visio -> Deleted
=> WordVLReg32.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Word\WORDVL~1.REG -> Deleted
=> WordVLReg64.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Word\WORDVL~2.REG -> Deleted
=> WordVLRegWOW.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Word\WORDVL~3.REG -> Deleted
=> Word_KMS_Client.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Word\WORD_K~1.XRM -> Deleted
=> Word_KMS_Client.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Word\WORD_K~2.XRM -> Deleted
=> Word_KMS_Client.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Word\WORD_K~3.XRM -> Deleted
=> Word_KMS_Client.RAC_Priv.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Word\WORD_K~4.XRM -> Deleted
=> Word_KMS_Client.RAC_Pub.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Word\WO0FDB~1.XRM -> Deleted
=> Word -- C:\PROGRA~1\KMSpico\cert\KMSCER~1\Word -> Deleted
=> kmscert2010 -- C:\PROGRA~1\KMSpico\cert\KMSCER~1 -> Deleted
=> AccessVL_KMS_Client_OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Access\ACCESS~1.XRM -> Deleted
=> AccessVL_KMS_Client_PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Access\ACCESS~2.XRM -> Deleted
=> AccessVL_KMS_Client_PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Access\ACCESS~3.XRM -> Deleted
=> Access -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Access -> Deleted
=> LicenseSetData._F7461D52_7C2B_43B2_8744_EA958E0BD09A.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Excel\LICENS~1.XRM -> Deleted
=> LicenseSetData._F7461D52_7C2B_43B2_8744_EA958E0BD09A.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Excel\LICENS~2.XRM -> Deleted
=> LicenseSetData._F7461D52_7C2B_43B2_8744_EA958E0BD09A.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Excel\LICENS~3.XRM -> Deleted
=> Excel -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Excel -> Deleted
=> LicenseSetData._A30B8040_D68A_423F_B0B5_9CE292EA5A8F.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\InfoPath\LICENS~1.XRM -> Deleted
=> LicenseSetData._A30B8040_D68A_423F_B0B5_9CE292EA5A8F.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\InfoPath\LICENS~2.XRM -> Deleted
=> LicenseSetData._A30B8040_D68A_423F_B0B5_9CE292EA5A8F.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\InfoPath\LICENS~3.XRM -> Deleted
=> InfoPath -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\InfoPath -> Deleted
=> Licenses.sl.ISSUANCE.CLIENT_BRIDGE_OFFICE.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\LICENS~1.XRM -> Deleted
=> Licenses.sl.ISSUANCE.CLIENT_ROOT.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\LICENS~2.XRM -> Deleted
=> Licenses.sl.ISSUANCE.CLIENT_ROOT_BRIDGE_TEST.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\LICENS~3.XRM -> Deleted
=> Licenses.sl.ISSUANCE.CLIENT_STIL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\LICENS~4.XRM -> Deleted
=> Licenses.sl.ISSUANCE.CLIENT_UL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\LIEC81~1.XRM -> Deleted
=> Licenses.sl.ISSUANCE.CLIENT_UL_OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\LIE91A~1.XRM -> Deleted
=> LicenseSetData._1B9F11E3_C85C_4E1B_BB29_879AD2C909E3.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Lync\LICENS~1.XRM -> Deleted
=> LicenseSetData._1B9F11E3_C85C_4E1B_BB29_879AD2C909E3.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Lync\LICENS~2.XRM -> Deleted
=> LicenseSetData._1B9F11E3_C85C_4E1B_BB29_879AD2C909E3.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Lync\LICENS~3.XRM -> Deleted
=> Lync -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Lync -> Deleted
=> LicenseSetData._EFE1F3E6_AEA2_4144_A208_32AA872B6545.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\OneNote\LICENS~1.XRM -> Deleted
=> LicenseSetData._EFE1F3E6_AEA2_4144_A208_32AA872B6545.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\OneNote\LICENS~2.XRM -> Deleted
=> LicenseSetData._EFE1F3E6_AEA2_4144_A208_32AA872B6545.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\OneNote\LICENS~3.XRM -> Deleted
=> OneNote -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\OneNote -> Deleted
=> LicenseSetData._771C3AFA_50C5_443F_B151_FF2546D863A0.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Outlook\LICENS~1.XRM -> Deleted
=> LicenseSetData._771C3AFA_50C5_443F_B151_FF2546D863A0.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Outlook\LICENS~2.XRM -> Deleted
=> LicenseSetData._771C3AFA_50C5_443F_B151_FF2546D863A0.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Outlook\LICENS~3.XRM -> Deleted
=> Outlook -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Outlook -> Deleted
=> pkeyconfig-office.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PKEYCO~1.XRM -> Deleted

Mackiirios · Jun 8, 2021

=> LicenseSetData._8C762649_97D1_4953_AD27_B7E2C25B972E.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\POWERP~1\LICENS~1.XRM -> Deleted
=> LicenseSetData._8C762649_97D1_4953_AD27_B7E2C25B972E.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\POWERP~1\LICENS~2.XRM -> Deleted
=> LicenseSetData._8C762649_97D1_4953_AD27_B7E2C25B972E.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\POWERP~1\LICENS~3.XRM -> Deleted
=> PowerPoint -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\POWERP~1 -> Deleted
=> LicenseSetData._4A5D124A_E620_44BA_B6FF_658961B33B9A.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PROJEC~1\LICENS~1.XRM -> Deleted
=> LicenseSetData._4A5D124A_E620_44BA_B6FF_658961B33B9A.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PROJEC~1\LICENS~2.XRM -> Deleted
=> LicenseSetData._4A5D124A_E620_44BA_B6FF_658961B33B9A.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PROJEC~1\LICENS~3.XRM -> Deleted
=> ProjectPro -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PROJEC~1 -> Deleted
=> LicenseSetData._427A28D1_D17C_4ABF_B717_32C780BA6F07.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PROJEC~2\LICENS~1.XRM -> Deleted
=> LicenseSetData._427A28D1_D17C_4ABF_B717_32C780BA6F07.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PROJEC~2\LICENS~2.XRM -> Deleted
=> LicenseSetData._427A28D1_D17C_4ABF_B717_32C780BA6F07.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PROJEC~2\LICENS~3.XRM -> Deleted
=> ProjectStd -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PROJEC~2 -> Deleted
=> LicenseSetData._B322DA9C_A2E2_4058_9E4E_F59A6970BD69.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\ProPlus\LICENS~1.XRM -> Deleted
=> LicenseSetData._B322DA9C_A2E2_4058_9E4E_F59A6970BD69.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\ProPlus\LICENS~2.XRM -> Deleted
=> LicenseSetData._B322DA9C_A2E2_4058_9E4E_F59A6970BD69.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\ProPlus\LICENS~3.XRM -> Deleted
=> proplus.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\ProPlus\proplus.reg -> Deleted
=> ProPlus -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\ProPlus -> Deleted
=> LicenseSetData._00C79FF1_6850_443D_BF61_71CDE0DE305F.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PUBLIS~1\LICENS~1.XRM -> Deleted
=> LicenseSetData._00C79FF1_6850_443D_BF61_71CDE0DE305F.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PUBLIS~1\LICENS~2.XRM -> Deleted
=> LicenseSetData._00C79FF1_6850_443D_BF61_71CDE0DE305F.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PUBLIS~1\LICENS~3.XRM -> Deleted
=> Publisher -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\PUBLIS~1 -> Deleted
=> LicenseSetData._B13AFB38_CD79_4AE5_9F7F_EED058D750CA.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Standard\LICENS~1.XRM -> Deleted
=> LicenseSetData._B13AFB38_CD79_4AE5_9F7F_EED058D750CA.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Standard\LICENS~2.XRM -> Deleted
=> LicenseSetData._B13AFB38_CD79_4AE5_9F7F_EED058D750CA.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Standard\LICENS~3.XRM -> Deleted
=> Standard -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Standard -> Deleted
=> LicenseSetData._E13AC10E_75D0_4AFF_A0CD_764982CF541C.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\VisioPro\LICENS~1.XRM -> Deleted
=> LicenseSetData._E13AC10E_75D0_4AFF_A0CD_764982CF541C.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\VisioPro\LICENS~2.XRM -> Deleted
=> LicenseSetData._E13AC10E_75D0_4AFF_A0CD_764982CF541C.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\VisioPro\LICENS~3.XRM -> Deleted
=> visio.reg -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\VisioPro\visio.reg -> Deleted
=> VisioPro -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\VisioPro -> Deleted
=> LicenseSetData._AC4EFAF0_F81F_4F61_BDF7_EA32B02AB117.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\VisioStd\LICENS~1.XRM -> Deleted
=> LicenseSetData._AC4EFAF0_F81F_4F61_BDF7_EA32B02AB117.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\VisioStd\LICENS~2.XRM -> Deleted
=> LicenseSetData._AC4EFAF0_F81F_4F61_BDF7_EA32B02AB117.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\VisioStd\LICENS~3.XRM -> Deleted
=> VisioStd -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\VisioStd -> Deleted
=> LicenseSetData._D9F5B1C6_5386_495A_88F9_9AD6B41AC9B3.OOB.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Word\LICENS~1.XRM -> Deleted
=> LicenseSetData._D9F5B1C6_5386_495A_88F9_9AD6B41AC9B3.PL.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Word\LICENS~2.XRM -> Deleted
=> LicenseSetData._D9F5B1C6_5386_495A_88F9_9AD6B41AC9B3.PPDLIC.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Word\LICENS~3.XRM -> Deleted
=> Word -- C:\PROGRA~1\KMSpico\cert\KMSCER~2\Word -> Deleted
=> kmscert2013 -- C:\PROGRA~1\KMSpico\cert\KMSCER~2 -> Deleted
=> AccessVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Access\ACCESS~1.XRM -> Deleted
=> AccessVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Access\ACCESS~2.XRM -> Deleted
=> AccessVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Access\ACCESS~3.XRM -> Deleted
=> Access -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Access -> Deleted
=> client-issuance-bridge-office.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\CLIENT~1.XRM -> Deleted
=> client-issuance-root-bridge-test.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\CLIENT~2.XRM -> Deleted
=> client-issuance-root.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\CLIENT~3.XRM -> Deleted
=> client-issuance-stil.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\CLIENT~4.XRM -> Deleted
=> client-issuance-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\CL0367~1.XRM -> Deleted
=> client-issuance-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\CL38D2~1.XRM -> Deleted
=> ExcelVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Excel\EXCELV~1.XRM -> Deleted
=> ExcelVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Excel\EXCELV~2.XRM -> Deleted
=> ExcelVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Excel\EXCELV~3.XRM -> Deleted
=> Excel -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Excel -> Deleted
=> MondoVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Mondo\MONDOV~1.XRM -> Deleted
=> MondoVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Mondo\MONDOV~2.XRM -> Deleted
=> MondoVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Mondo\MONDOV~3.XRM -> Deleted
=> Mondo -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Mondo -> Deleted
=> OneNoteVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\OneNote\ONENOT~1.XRM -> Deleted
=> OneNoteVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\OneNote\ONENOT~2.XRM -> Deleted
=> OneNoteVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\OneNote\ONENOT~3.XRM -> Deleted
=> OneNote -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\OneNote -> Deleted
=> OutlookVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Outlook\OUTLOO~1.XRM -> Deleted
=> OutlookVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Outlook\OUTLOO~2.XRM -> Deleted
=> OutlookVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Outlook\OUTLOO~3.XRM -> Deleted
=> Outlook -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Outlook -> Deleted
=> pkeyconfig-office.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PKEYCO~1.XRM -> Deleted
=> PowerPointVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\POWERP~1\POWERP~1.XRM -> Deleted
=> PowerPointVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\POWERP~1\POWERP~2.XRM -> Deleted
=> PowerPointVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\POWERP~1\POWERP~3.XRM -> Deleted
=> PowerPoint -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\POWERP~1 -> Deleted
=> ProjectProVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PROJEC~1\PROJEC~1.XRM -> Deleted
=> ProjectProVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PROJEC~1\PROJEC~2.XRM -> Deleted
=> ProjectProVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PROJEC~1\PROJEC~3.XRM -> Deleted
=> ProjectPro -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PROJEC~1 -> Deleted
=> ProjectStdVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PROJEC~2\PROJEC~1.XRM -> Deleted
=> ProjectStdVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PROJEC~2\PROJEC~2.XRM -> Deleted
=> ProjectStdVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PROJEC~2\PROJEC~3.XRM -> Deleted
=> ProjectStd -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PROJEC~2 -> Deleted
=> ProPlusVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\ProPlus\PROPLU~1.XRM -> Deleted
=> ProPlusVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\ProPlus\PROPLU~2.XRM -> Deleted
=> ProPlusVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\ProPlus\PROPLU~3.XRM -> Deleted
=> ProPlus -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\ProPlus -> Deleted
=> PublisherVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PUBLIS~1\PUBLIS~1.XRM -> Deleted
=> PublisherVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PUBLIS~1\PUBLIS~2.XRM -> Deleted
=> PublisherVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PUBLIS~1\PUBLIS~3.XRM -> Deleted
=> Publisher -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\PUBLIS~1 -> Deleted
=> SkypeforBusinessVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\SKYPEF~1\SKYPEF~1.XRM -> Deleted
=> SkypeforBusinessVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\SKYPEF~1\SKYPEF~2.XRM -> Deleted
=> SkypeforBusinessVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\SKYPEF~1\SKYPEF~3.XRM -> Deleted
=> SkypeforBusiness -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\SKYPEF~1 -> Deleted
=> StandardVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Standard\STANDA~1.XRM -> Deleted
=> StandardVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Standard\STANDA~2.XRM -> Deleted
=> StandardVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Standard\STANDA~3.XRM -> Deleted
=> Standard -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Standard -> Deleted
=> VisioProVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\VisioPro\VISIOP~1.XRM -> Deleted
=> VisioProVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\VisioPro\VISIOP~2.XRM -> Deleted
=> VisioProVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\VisioPro\VISIOP~3.XRM -> Deleted
=> VisioPro -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\VisioPro -> Deleted
=> VisioStdVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\VisioStd\VISIOS~1.XRM -> Deleted
=> VisioStdVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\VisioStd\VISIOS~2.XRM -> Deleted
=> VisioStdVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\VisioStd\VISIOS~3.XRM -> Deleted
=> VisioStd -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\VisioStd -> Deleted
=> WordVL_KMS_Client-ppd.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Word\WORDVL~1.XRM -> Deleted
=> WordVL_KMS_Client-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Word\WORDVL~2.XRM -> Deleted
=> WordVL_KMS_Client-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Word\WORDVL~3.XRM -> Deleted
=> Word -- C:\PROGRA~1\KMSpico\cert\KMSCER~3\Word -> Deleted
=> kmscert2016 -- C:\PROGRA~1\KMSpico\cert\KMSCER~3 -> Deleted
=> Core-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\Core\CORE-V~1.XRM -> Deleted
=> Core-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\Core\CORE-V~2.XRM -> Deleted
=> Core -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\Core -> Deleted
=> Education-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\EDUCAT~1\EDUCAT~1.XRM -> Deleted
=> Education-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\EDUCAT~1\EDUCAT~2.XRM -> Deleted
=> Education -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\EDUCAT~1 -> Deleted
=> Enterprise-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\ENTERP~1\ENTERP~1.XRM -> Deleted
=> Enterprise-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\ENTERP~1\ENTERP~2.XRM -> Deleted
=> Enterprise -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\ENTERP~1 -> Deleted
=> EnterpriseS-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\ENTERP~2\ENTERP~1.XRM -> Deleted
=> EnterpriseS-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\ENTERP~2\ENTERP~2.XRM -> Deleted
=> EnterpriseS-Volume-GVLK-2-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\ENTERP~2\ENTERP~3.XRM -> Deleted
=> EnterpriseS-Volume-GVLK-2-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\ENTERP~2\ENTERP~4.XRM -> Deleted
=> EnterpriseS -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\ENTERP~2 -> Deleted
=> pkeyconfig.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\PKEYCO~1.XRM -> Deleted
=> Professional-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\PROFES~1\PROFES~1.XRM -> Deleted
=> Professional-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\PROFES~1\PROFES~2.XRM -> Deleted
=> Professional -- C:\PROGRA~1\KMSpico\cert\KMSCER~4\PROFES~1 -> Deleted
=> kmscertW10 -- C:\PROGRA~1\KMSpico\cert\KMSCER~4 -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SECURI~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SECURI~2.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-BYPASS-RAC-private.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SECURI~3.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-BYPASS-RAC-public.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SECURI~4.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-BYPASS-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SE976B~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-BYPASS-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SECC29~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-KMS-pl.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SE6979~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-KMS-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SE066B~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-KMS-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SEBBA9~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-KMS1-pl.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SE90FE~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-KMS1-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SE6745~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Business-VL-KMS1-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business\SEA5CF~1.XRM -> Deleted
=> Business -- C:\PROGRA~1\KMSpico\cert\KM2891~1\Business -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SECURI~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SECURI~2.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-BYPASS-RAC-private.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SECURI~3.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-BYPASS-RAC-public.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SECURI~4.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-BYPASS-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SE6BF4~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-BYPASS-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SE63F2~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-KMS-pl.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SE7CA8~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-KMS-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SE4E05~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-KMS-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SECEFF~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-KMS1-pl.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SE38F7~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-KMS1-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SE2A4A~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-BusinessN-VL-KMS1-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1\SEE8D1~1.XRM -> Deleted
=> BusinessN -- C:\PROGRA~1\KMSpico\cert\KM2891~1\BUSINE~1 -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SECURI~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SECURI~2.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-BYPASS-RAC-private.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SECURI~3.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-BYPASS-RAC-public.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SECURI~4.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-BYPASS-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SE7400~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-BYPASS-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SE4689~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-KMS-pl.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SE93CC~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-KMS-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SE3572~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-KMS-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SE836D~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-KMS1-pl.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SE3F7F~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-KMS1-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SE2A43~1.XRM -> Deleted
=> Security-Licensing-SLC-Component-SKU-Enterprise-VL-KMS1-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1\SE783E~1.XRM -> Deleted
=> Enterprise -- C:\PROGRA~1\KMSpico\cert\KM2891~1\ENTERP~1 -> Deleted
=> pkeyconfig.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM2891~1\PKEYCO~1.XRM -> Deleted
=> kmscertW6 -- C:\PROGRA~1\KMSpico\cert\KM2891~1 -> Deleted
=> pkeyconfig-embedded.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\Embedded\PKEYCO~1.XRM -> Deleted
=> Security-SPP-Component-SKU-Embedded-pl.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\Embedded\SECURI~1.XRM -> Deleted
=> Security-SPP-Component-SKU-Embedded-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\Embedded\SECURI~2.XRM -> Deleted
=> Security-SPP-Component-SKU-Embedded-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\Embedded\SECURI~3.XRM -> Deleted
=> Security-SPP-Component-SKU-Embedded-VLBA-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\Embedded\SECURI~4.XRM -> Deleted
=> Security-SPP-Component-SKU-Embedded-VLBA-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\Embedded\SE7FF2~1.XRM -> Deleted
=> Embedded -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\Embedded -> Deleted
=> Enterprise -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\ENTERP~1 -> Deleted
=> pkeyconfig.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\PKEYCO~1.XRM -> Deleted
=> Security-SPP-Component-SKU-Professional-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\SECURI~1.XRM -> Deleted
=> Security-SPP-Component-SKU-Professional-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\SECURI~2.XRM -> Deleted
=> Security-SPP-Component-SKU-Professional-VL-BYPASS-RAC-private.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\SECURI~3.XRM -> Deleted
=> Security-SPP-Component-SKU-Professional-VL-BYPASS-RAC-public.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\SECURI~4.XRM -> Deleted
=> Security-SPP-Component-SKU-Professional-VL-BYPASS-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\SE1EF9~1.XRM -> Deleted
=> Security-SPP-Component-SKU-Professional-VL-BYPASS-ul.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\SE5BB6~1.XRM -> Deleted
=> Security-SPP-Component-SKU-Professional-VLKMS1-pl.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\SEDE7A~1.XRM -> Deleted
=> Security-SPP-Component-SKU-Professional-VLKMS1-ul-oob.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\SE2B57~1.XRM -> Deleted
=> Security-SPP-Component-SKU-Professional-VLKMS1-ul-phn.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1\SE525A~1.XRM -> Deleted
=> Professional -- C:\PROGRA~1\KMSpico\cert\KM72AC~1\PROFES~1 -> Deleted
=> kmscertW7 -- C:\PROGRA~1\KMSpico\cert\KM72AC~1 -> Deleted
=> Core-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\Core\CORE-V~1.XRM -> Deleted
=> Core-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\Core\CORE-V~2.XRM -> Deleted
=> Core -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\Core -> Deleted
=> CoreN-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\CoreN\COREN-~1.XRM -> Deleted
=> CoreN-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\CoreN\COREN-~2.XRM -> Deleted
=> CoreN -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\CoreN -> Deleted
=> CoreSingleLanguage-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\CORESI~1\CORESI~1.XRM -> Deleted
=> CoreSingleLanguage-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\CORESI~1\CORESI~2.XRM -> Deleted
=> CoreSingleLanguage -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\CORESI~1 -> Deleted
=> Enterprise-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\ENTERP~1\ENTERP~1.XRM -> Deleted
=> Enterprise-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\ENTERP~1\ENTERP~2.XRM -> Deleted
=> Enterprise -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\ENTERP~1 -> Deleted
=> EnterpriseN-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\ENTERP~2\ENTERP~1.XRM -> Deleted
=> EnterpriseN-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\ENTERP~2\ENTERP~2.XRM -> Deleted
=> EnterpriseN -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\ENTERP~2 -> Deleted
=> pkeyconfig.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PKEYCO~1.XRM -> Deleted
=> Professional-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PROFES~1\PROFES~1.XRM -> Deleted
=> Professional-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PROFES~1\PROFES~2.XRM -> Deleted
=> Professional -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PROFES~1 -> Deleted
=> ProfessionalN-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PROFES~2\PROFES~1.XRM -> Deleted
=> ProfessionalN-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PROFES~2\PROFES~2.XRM -> Deleted
=> ProfessionalN -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PROFES~2 -> Deleted
=> ProfessionalWMC-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PROFES~3\PROFES~1.XRM -> Deleted
=> ProfessionalWMC-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PROFES~3\PROFES~2.XRM -> Deleted
=> ProfessionalWMC -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1\PROFES~3 -> Deleted
=> kmscertW8 -- C:\PROGRA~1\KMSpico\cert\KM5C0B~1 -> Deleted
=> Core-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\Core\CORE-V~1.XRM -> Deleted
=> Core-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\Core\CORE-V~2.XRM -> Deleted
=> Core -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\Core -> Deleted
=> CoreConnectedSingleLanguage-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\CORECO~1\CORECO~1.XRM -> Deleted
=> CoreConnectedSingleLanguage-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\CORECO~1\CORECO~2.XRM -> Deleted
=> CoreConnectedSingleLanguage -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\CORECO~1 -> Deleted
=> EmbeddedIndustry-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\EMBEDD~1\EMBEDD~1.XRM -> Deleted
=> EmbeddedIndustry-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\EMBEDD~1\EMBEDD~2.XRM -> Deleted
=> EmbeddedIndustry -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\EMBEDD~1 -> Deleted
=> Enterprise-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\ENTERP~1\ENTERP~1.XRM -> Deleted
=> Enterprise-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\ENTERP~1\ENTERP~2.XRM -> Deleted
=> Enterprise -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\ENTERP~1 -> Deleted
=> pkeyconfig.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\PKEYCO~1.XRM -> Deleted
=> Professional-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\PROFES~1\PROFES~1.XRM -> Deleted
=> Professional-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\PROFES~1\PROFES~2.XRM -> Deleted
=> Professional -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\PROFES~1 -> Deleted
=> ProfessionalWMC-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\PROFES~2\PROFES~1.XRM -> Deleted
=> ProfessionalWMC-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\PROFES~2\PROFES~2.XRM -> Deleted
=> ProfessionalWMC -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\PROFES~2 -> Deleted
=> ServerDatacenter-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\SERVER~1\SERVER~1.XRM -> Deleted
=> ServerDatacenter-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\SERVER~1\SERVER~2.XRM -> Deleted
=> ServerDatacenter -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\SERVER~1 -> Deleted
=> ServerStandard-Volume-GVLK-1-ul-oob-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\SERVER~2\SERVER~1.XRM -> Deleted
=> ServerStandard-Volume-GVLK-1-ul-rtm.xrm-ms -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\SERVER~2\SERVER~2.XRM -> Deleted
=> ServerStandard -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1\SERVER~2 -> Deleted
=> kmscertW81 -- C:\PROGRA~1\KMSpico\cert\KM8E6A~1 -> Deleted
=> cert -- C:\PROGRA~1\KMSpico\cert -> Deleted
=> DevComponents.DotNetBar2.dll -- C:\PROGRA~1\KMSpico\DEVCOM~1.DLL -> Deleted
=> Cert.cmd -- C:\PROGRA~1\KMSpico\driver\Cert.cmd -> Deleted
=> certELDI.pfx -- C:\PROGRA~1\KMSpico\driver\certELDI.pfx -> Deleted
=> OpenVPN.cer -- C:\PROGRA~1\KMSpico\driver\OpenVPN.cer -> Deleted
=> tap-windows-9.21.0.exe -- C:\PROGRA~1\KMSpico\driver\TAP-WI~1.EXE -> Deleted
=> UnInstallDriver.cmd -- C:\PROGRA~1\KMSpico\driver\UNINST~1.CMD -> Deleted
=> driver -- C:\PROGRA~1\KMSpico\driver -> Deleted
=> Error.png -- C:\PROGRA~1\KMSpico\icons\Error.png -> Deleted
=> Information.png -- C:\PROGRA~1\KMSpico\icons\INFORM~1.PNG -> Deleted
=> Question.png -- C:\PROGRA~1\KMSpico\icons\Question.png -> Deleted
=> Warning.png -- C:\PROGRA~1\KMSpico\icons\Warning.png -> Deleted
=> icons -- C:\PROGRA~1\KMSpico\icons -> Deleted
=> AutoPico.log -- C:\PROGRA~1\KMSpico\logs\AutoPico.log -> Deleted
=> KMSELDI.log -- C:\PROGRA~1\KMSpico\logs\KMSELDI.log -> Deleted
=> Service_KMS.log -- C:\PROGRA~1\KMSpico\logs\SERVIC~1.LOG -> Deleted
=> logs -- C:\PROGRA~1\KMSpico\logs -> Deleted
=> OEM-DM.exe -- C:\PROGRA~1\KMSpico\OEM-DM.exe -> Deleted
=> OEM-DM.txt -- C:\PROGRA~1\KMSpico\OEM-DM.txt -> Deleted
=> AddExceptionsWD.reg -- C:\PROGRA~1\KMSpico\scripts\ADDEXC~1.REG -> Deleted
=> AddExceptions_Defender.cmd -- C:\PROGRA~1\KMSpico\scripts\ADDEXC~1.CMD -> Deleted
=> DisableSmartScreen.reg -- C:\PROGRA~1\KMSpico\scripts\DISABL~1.REG -> Deleted
=> EnableSmartScreen.cmd -- C:\PROGRA~1\KMSpico\scripts\ENABLE~1.CMD -> Deleted
=> EnableSmartScreen.reg -- C:\PROGRA~1\KMSpico\scripts\ENABLE~1.REG -> Deleted
=> Install_Service.cmd -- C:\PROGRA~1\KMSpico\scripts\INSTAL~1.CMD -> Deleted
=> Install_Task.cmd -- C:\PROGRA~1\KMSpico\scripts\INSTAL~2.CMD -> Deleted
=> Log.cmd -- C:\PROGRA~1\KMSpico\scripts\Log.cmd -> Deleted
=> RemoveExceptionsWD.reg -- C:\PROGRA~1\KMSpico\scripts\REMOVE~1.REG -> Deleted
=> Restore_Watermark.cmd -- C:\PROGRA~1\KMSpico\scripts\RESTOR~1.CMD -> Deleted
=> Silent.cmd -- C:\PROGRA~1\KMSpico\scripts\Silent.cmd -> Deleted
=> UnInstall_Service.cmd -- C:\PROGRA~1\KMSpico\scripts\UNINST~1.CMD -> Deleted
=> scripts -- C:\PROGRA~1\KMSpico\scripts -> Deleted
=> affirmative.mp3 -- C:\PROGRA~1\KMSpico\sounds\AFFIRM~1.MP3 -> Deleted
=> begin.mp3 -- C:\PROGRA~1\KMSpico\sounds\begin.mp3 -> Deleted
=> complete.mp3 -- C:\PROGRA~1\KMSpico\sounds\complete.mp3 -> Deleted
=> diagnostic.mp3 -- C:\PROGRA~1\KMSpico\sounds\DIAGNO~1.MP3 -> Deleted
=> enterauthorizationcode.mp3 -- C:\PROGRA~1\KMSpico\sounds\ENTERA~1.MP3 -> Deleted
=> incomingtransmission.mp3 -- C:\PROGRA~1\KMSpico\sounds\INCOMI~1.MP3 -> Deleted
=> inputfailed.mp3 -- C:\PROGRA~1\KMSpico\sounds\INPUTF~1.MP3 -> Deleted
=> inputok.mp3 -- C:\PROGRA~1\KMSpico\sounds\inputok.mp3 -> Deleted
=> processing.mp3 -- C:\PROGRA~1\KMSpico\sounds\PROCES~1.MP3 -> Deleted
=> transfer.mp3 -- C:\PROGRA~1\KMSpico\sounds\transfer.mp3 -> Deleted
=> verified.mp3 -- C:\PROGRA~1\KMSpico\sounds\verified.mp3 -> Deleted
=> warning.mp3 -- C:\PROGRA~1\KMSpico\sounds\warning.mp3 -> Deleted
=> sounds -- C:\PROGRA~1\KMSpico\sounds -> Deleted
=> Keys.txt -- C:\PROGRA~1\KMSpico\TOKENS~1\Keys.txt -> Deleted
=> cache.dat -- C:\PROGRA~1\KMSpico\TOKENS~1\Windows\cache\cache.dat -> Deleted
=> cache -- C:\PROGRA~1\KMSpico\TOKENS~1\Windows\cache -> Deleted
=> data.dat -- C:\PROGRA~1\KMSpico\TOKENS~1\Windows\data.dat -> Deleted
=> pkeyconfig.xrm-ms -- C:\PROGRA~1\KMSpico\TOKENS~1\Windows\PKEYCO~1.XRM -> Deleted
=> tokens.dat -- C:\PROGRA~1\KMSpico\TOKENS~1\Windows\tokens.dat -> Deleted
=> Windows -- C:\PROGRA~1\KMSpico\TOKENS~1\Windows -> Deleted
=> TokensBackup -- C:\PROGRA~1\KMSpico\TOKENS~1 -> Deleted
=> unins000.dat -- C:\PROGRA~1\KMSpico\unins000.dat -> Deleted
=> unins000.exe -- C:\PROGRA~1\KMSpico\unins000.exe -> Deleted
=> UninsHs.exe -- C:\PROGRA~1\KMSpico\UninsHs.exe -> Deleted
=> Vestris.ResourceLib.dll -- C:\PROGRA~1\KMSpico\VESTRI~1.DLL -> Deleted
=> WinDivert.dll -- C:\PROGRA~1\KMSpico\WINDIV~1.DLL -> Deleted
=> WinDivert.sys -- C:\PROGRA~1\KMSpico\WINDIV~1.SYS -> Deleted

Mackiirios · Jun 8, 2021

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/8/21
Scan Time: 3:58 PM
Log File: 4ee80570-c82f-11eb-bbf9-2c600c859dc5.json

-Software Information-
Version: 4.2.0.82
Components Version: 1.0.1025
Update Package Version: 1.0.28979
License: Premium

-System Information-
OS: Windows 10 (Build 19041.985)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 662942
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 2 hr, 16 min, 28 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Warn

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

Mackiirios · Jun 8, 2021

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-08-2021
# Duration: 00:03:29
# OS: Windows 10 Home Single Language
# Cleaned: 74
# Failed: 2

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Tencent
Deleted C:\Users\Public\Pokki
Deleted C:\Users\riosme\AppData\Local\YSearchUtil
Deleted C:\Users\riosme\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

Deleted C:\Users\.NET v2.0 Classic\Favorites\Booking.com.url
Deleted C:\Users\.NET v2.0\Favorites\Booking.com.url
Deleted C:\Users\.NET v4.5 Classic\Favorites\Booking.com.url
Deleted C:\Users\.NET v4.5\Favorites\Booking.com.url
Deleted C:\Users\Classic .NET AppPool\Favorites\Booking.com.url
Deleted C:\Users\DefaultAppPool\Favorites\Booking.com.url
Deleted C:\Users\riosme\Favorites\Booking.com.url
Deleted C:\Users\shane\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E9C9146D-6C86-4F9C-AD70-5A34DA253920}C:\users\riosme\appdata\roaming\baidu\baidunetdisk\baidunetdiskhost.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{97F7C1A8-EAEE-46BE-B0F3-930D99FC315E}C:\users\riosme\appdata\roaming\baidu\baidunetdisk\baidunetdiskhost.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{441D2E50-52DE-41AC-AF26-13BDE89B3429}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4C6E830C-61F5-480D-8347-183A78CC9E1E}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4D476895-6A5A-4E0D-8957-38652C9693BF}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6973F7E9-D235-44B6-8B8C-1A7D4CDF4049}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{79C162E6-5968-4C66-8F09-79F46AB3A5C9}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F10890B7-6681-4657-B5CA-3B0113922D7C}
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Blekko
Deleted Conduit
Deleted Search the web (Babylon)
Deleted skin.igxe.com
Not Deleted http://home.sweetim.com/?barid={AA2C4760-B312-11E2-957B-A1226FF24364}&crg=3.1010000.10011&st=23
Not Deleted http://home.sweetim.com/?barid={AA2C4760-B312-11E2-957B-A1226FF24364}&crg=3.1010000.10011&st=23

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Deleted Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43B2136B-7C55-4E7B-8F46-4808A6696106}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43B2136B-7C55-4E7B-8F46-4808A6696106}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CBE3325-1DAC-4656-9AE8-58FCED27D2DC}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Deleted Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Deleted Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Deleted Preinstalled.AcerExplorerAgent Folder C:\Program Files\ACER\ACER EXPLORER AGENT
Deleted Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Deleted Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Deleted Preinstalled.AcerPortal Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AcerPortal
Deleted Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1DD1E5B-0742-469C-B191-4A0F0B8AE547}
Deleted Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCloud
Deleted Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Deleted Preinstalled.AcerPortal Task C:\Windows\System32\Tasks\ACERCLOUD
Deleted Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Deleted Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EE5904A-7A89-4FD9-A240-4508E82F3856}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F24A116-71D0-495A-A4BF-58209D4DFE5A}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Deleted Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Deleted Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Deleted Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{978724F6-1863-4DD5-9E66-FB77F5AB5613}
Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Deleted Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Deleted Preinstalled.AcerabDocs Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|abDocsDllLoader
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20A44527-FA0F-4031-AE20-27907045781F}
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Deleted Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\riosme\AppData\Roaming\SAMSUNG\SMART SWITCH PC

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10065 octets] - [08/06/2021 18:38:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Mackiirios · Jun 8, 2021

Sorry for the inconvenience, I was having trouble with my laptop for a few days. The logs have been sent for the 3 programs. Thank you.

Broni · Jun 8, 2021

No problem

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double click to run it.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

Inactive-A Malware Virus

Posts: 38 +0

Attachments

Posts: 56,041 +516

Posts: 38 +0

Posts: 56,041 +516

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 56,041 +516

Posts: 38 +0

Posts: 38 +0

Posts: 56,041 +516

Posts: 56,041 +516

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 38 +0

Posts: 56,041 +516

Similar threads