Solved Toren.9 PuP

Hurriken

Hurriken

Posts: 276   +0
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
Ran by Ken's (administrator) on KENS-PC (MSI MS-7845) (04-04-2020 09:37:35)
Running from E:\Download
Loaded Profiles: Ken's (Available Profiles: Ken's & DefaultAppPool)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0351505.inf_amd64_5938a70929a31401\B351435\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0351505.inf_amd64_5938a70929a31401\B351435\atiesrxx.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Fitbit, Inc. -> Fitbit, Inc.) [File not signed] E:\Program Files (x86)\Fitbit\fitbit.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hi-Rez Studios) [File not signed] E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ken's\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe\DvdPlayer.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks) [File not signed] C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Rivet Networks) [File not signed] C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Saitek) [File not signed] C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) [File not signed] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\steam.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [34432 2013-04-23] (Creative Technology Ltd -> Creative Technology Ltd.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [Cm108Sound] => C:\Windows\Syswow64\cm108.dll [12935168 2012-11-19] (C-Media Corporation) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek) [File not signed]
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek) [File not signed]
HKLM\...\Run: [iTunesHelper] => E:\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [237416 2020-03-03] (IDSA Production signing key -> Intel)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [Steam] => E:\Steam\steam.exe [3370272 2020-03-26] (Valve -> Valve Corporation)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [World of Tanks] => E:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [World of Tanks (1)] => F:\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2408312 2019-11-12] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-17] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [Gaijin.Net Updater] => C:\Users\Ken's\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-29] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36055952 2019-12-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe [544768 2019-09-27] (iMobie Inc. -> iMobie Inc.)
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-03] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Winlogon\GPExtensions: [{6cfb9c5c-138e-4bb3-8a3d-d5383e910e57}] -> %SystemRoot%\System32\RdpGroupPolicyExtension.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-04-02]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A65193-1868-47B8-A645-735350E3DFCD} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0CCA7912-5A63-4418-AC5A-36D1C168F36C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0D957EF6-5A91-4E7A-9737-6408BB15A1D9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0EDA434E-A824-4C79-9985-314F028648A0} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-30] (Advanced Micro Devices, Inc.) [File not signed]
Task: {11137615-CC1E-471C-B3A7-73897DA781D6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {112774BC-3B1F-409E-A08E-EDE576CE922C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2016-02-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {112F26F6-7170-4748-BDE2-476DB8618F14} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1122920 2020-01-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1808D3A8-37B4-4439-9070-4834DB5B90E0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B541CA3-47E6-4D93-8D42-266526DAC7D5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1CA6742F-BF6A-4C69-91FE-EB97660918AD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-17] (Piriform Software Ltd -> Piriform Ltd)
Task: {1EB4BB81-E281-424E-A4D9-DE95F2901A31} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2096D508-D221-47B1-9FEA-E7B8EEC8ECAC} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {25AF2D66-00B5-4E01-855E-F6F734A7F053} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-30] (Advanced Micro Devices, Inc.) [File not signed]
Task: {25C4DF76-F314-4E73-B1BA-58B83954CD80} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
Task: {2624DC0B-12A6-4C44-9F4F-39B2FD02C634} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3354296 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {3121DDD3-F910-4E16-A0EC-A30931B648CF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {31724B82-8F38-4BA3-9D88-4581750CCE3E} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {32EF85C2-A32D-411E-87D0-D66DE87F7B09} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {37EFA038-D36E-45E7-B22A-7E6240D10C6D} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {3E655957-6A2B-4918-BED0-5D2216E5BC53} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {3F8CFC74-EEC0-4E01-8616-BB501C6EDE53} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-01-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4097E6C5-A7DF-4898-AF14-EA874C3D0532} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {42FB3ECD-AC76-4AD5-BC86-5A0C68055AE9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {45C7D088-3BBA-44BD-80C7-45BE45BE8A44} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe [2356736 2019-10-22] () [File not signed]
Task: {47DDF52C-95DF-4EC1-BC13-76D2AB9CEC68} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A16EB13-CDC1-4B19-9B3D-08070EFDA3F3} - System32\Tasks\{C2521584-3E91-488D-96F9-00494B869389} => C:\Windows\system32\pcalua.exe -a C:\Users\Ken's\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL
Task: {4BAFFBB6-2064-45BE-B0C0-9488D3B02D43} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {4CE49895-9F39-4562-92B2-382D072FA40B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4E57FE9B-3658-46D4-BB1F-BE4ED8DA4E97} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {50655B2D-6016-404D-9F51-218B453DFAC2} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {5A7CB433-A3AD-4E4D-BC4C-39C624358DD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D5E83CC-A399-4023-B30B-50336BDD0C41} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {665CF199-26FA-485D-9CFA-9A6FAD29029C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6676A120-424E-4486-A899-8A707A679B9A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {69BD5F79-A676-40F8-BB33-CC926A80FC01} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {711D0C83-4178-4D91-8574-5ECFF7215C24} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {745064CB-498E-4648-8ABD-861A36D727E2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7BA3ECCB-1BBF-4F99-B13B-F83BBC918B8C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7E92BDD6-8A6D-46A6-8475-81C1ABA1BF26} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8F44E247-46CD-49AB-92D6-3BA5E76130DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {8FBA618E-1934-424D-B84E-CABB9B28A5E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {90B0175D-5332-46C8-974C-D621C9636D59} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {9308D69C-C2C5-4BE2-88A8-AE3F6856CAC1} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {938F51DB-DD29-426C-9739-2C52D7FDA498} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {94A40C2A-385C-4080-84B5-9BE9967BC320} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {99C9791D-AFFB-4202-B4AB-180CEB56C1A9} - System32\Tasks\{AC06F251-45ED-4671-9AA1-DD87EDA1961C} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Ken's\Desktop\Saitek_Cyborg_Evo_SD6_64.exe -d C:\Users\Ken's\Desktop
Task: {9F565B3F-9543-4C8C-A535-3D7083458E36} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A4109A41-A17E-4B63-9222-768402649892} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A7B2089B-4CCE-46C0-A464-E36E82531745} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ADE71FC6-DCA0-4DBC-AA8D-8F84905B44D2} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B501B471-6DE2-4548-8B42-7F22F745FD5F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B547A3B6-8F6A-45ED-9F2C-621489CC5747} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {B5B51033-455A-466E-8088-96F0399CC205} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C1A128CF-F761-4D22-9B02-5F22ADC923D0} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel(R) Software -> Intel Corporation)
Task: {C7A2D07E-AB77-4A86-A9E8-5E76A9CA694D} - System32\Tasks\avastBCLRestartS-1-5-21-1717588471-1589297708-2851942008-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {CA53D148-7FA8-4863-930A-71BCF2ABA88D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB3D2A33-73A8-49D7-95CF-D6BF3E0A0AE5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CD0EE532-6C5F-4167-BFF6-084ACEDADF3B} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {D2DE7C66-96B1-41B2-B2F8-27536CAB30BA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8CDB9C4-D68D-4B19-9894-85538F2F2C48} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DA499522-7828-4653-8697-33ED17DA3488} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {E216A492-AC92-4FF0-B00F-6CA763C41AEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E2363914-A23A-4F7B-AB1B-1EA81B3B3F57} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628672 2020-01-30] (Advanced Micro Devices, Inc.) [File not signed]
Task: {E4DBD481-DD01-4C9A-B1EE-F71F41A9E43C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {EBA2984D-A27B-4A77-AE7B-5EC41CC16C91} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-01-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F03BB1BB-02A9-4178-A891-EEEEE56BE30A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {F11F0F46-F675-4F81-A07A-78D38BC41B8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F529877E-D329-46E9-892A-92C5F3D69DE5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F6F0140C-FB6D-4FA2-B73C-D4BDA09BA00C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-01-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F9386B92-819F-44A4-86BC-8AEBCB897A1F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FEE4AD7B-FB2B-418B-A9FC-BC5024E3403E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a647159a-f1b1-48ea-8065-a9590256013c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

FireFox:
========
FF ProfilePath: C:\Users\Ken's\AppData\Roaming\Mozilla\Firefox\Profiles\j0hyike9.default [2020-04-04]
FF Homepage: Mozilla\Firefox\Profiles\j0hyike9.default -> hxxps://my.yahoo.com/?mkg=015#
FF Extension: (WOT) - C:\Users\Ken's\AppData\Roaming\Mozilla\Firefox\Profiles\j0hyike9.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-11-12] [Legacy]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default [2020-04-04]
CHR Notifications: Default -> hxxps://forum.worldofwarships.com; hxxps://mail.google.com; hxxps://news.yahoo.com; hxxps://package-manager.net; hxxps://smallentesa.club; hxxps://terrout9.biz; hxxps://web.skype.com; hxxps://www.adorama.com; hxxps://www.allrecipes.com; hxxps://www.artofmanliness.com; hxxps://www.cnet.com; hxxps://www.dailyherald.com; hxxps://www.facebook.com; hxxps://www.musicradar.com; hxxps://www.overstock.com; hxxps://www.pcgamer.com; hxxps://www.pinterest.com; hxxps://www.reddit.com; hxxps://www.yahoo.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={4756D638-6D91-4E27-AE35-0DFF42F28C46}&mid=60638badfbc149a2a886088640a652d9-63101b172c0e7fc36d768ca59ac9b37076ce39d8&lang=en&ds=hk018&coid=avgtbdishk&cmpid=&pr=sa&d=2014-02-09 12:03:32&v=19.4.0.508&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://my.yahoo.com/?mkg=015#"
CHR Extension: (Google Drive) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-03-04]
CHR Extension: (YouTube) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Adobe Acrobat) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-03]
CHR Extension: (Avast Passwords) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (iCloud Bookmarks) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2017-10-10]
CHR Extension: (Google Docs Offline) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-17]
CHR Extension: (Cisco Webex Extension) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-07-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-03-09]
CHR Extension: (Gmail) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR Profile: C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-01-01]
CHR Profile: C:\Users\Ken's\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0351505.inf_amd64_5938a70929a31401\B351435\atiesrxx.exe [522880 2020-02-03] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2020-01-30] (AMD) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1005672 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8469592 2020-02-07] (BattlEye Innovations e.K. -> )
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2018-01-25] (BitRaider LLC -> BitRaider, LLC)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [37224 2020-03-03] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [143720 2020-03-03] (IDSA Production signing key -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-09-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Fitbit; E:\Program Files (x86)\Fitbit\fitbit.exe [773152 2012-06-22] (Fitbit, Inc. -> Fitbit, Inc.) [File not signed]
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [46776 2018-09-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2027192 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
U2 HiPatchService; E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [386560 2015-02-05] (Rivet Networks) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2017-02-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2330296 2017-09-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2017-02-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [113336 2017-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183480 2019-02-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> MICRO-STAR INTERNATIONAL CO., LTD.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-08-16] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-02-23] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0351505.inf_amd64_5938a70929a31401\B351435\atikmdag.sys [65740416 2020-02-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0351505.inf_amd64_5938a70929a31401\B351435\atikmpag.sys [590464 2020-02-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [102832 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 asahci64; C:\WINDOWS\System32\drivers\asahci64.sys [49048 2012-07-18] (ASMedia Technology Inc. -> Asmedia Technology)
S3 AsrSetupDrv3_0_38; C:\WINDOWS\SysWOW64\Drivers\AsrSetupDrv3_0_38.sys [23304 2019-08-22] (ASROCK Incorporation -> RW-Everything) [File not signed]
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206120 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234776 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178968 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60696 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42984 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175920 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [492144 2020-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109480 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85056 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851808 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459608 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235696 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317280 2020-04-01] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bflwfx64.sys [100400 2015-01-29] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2018-01-25] (BitRaider -> BitRaider)
R1 EneIo; C:\WINDOWS\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [66640 2019-08-15] (Martin Malik - REALiX -> REALiX(tm))
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] (Intel(R) Smart Connect software -> )
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [21048 2013-02-13] (Intel(R) Smart Connect software -> )
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation -> Intel Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider)
S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-30] (Intel(R) Smart Connect software -> )
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2019-03-18] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-04] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-04] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2018-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 npusbio; C:\WINDOWS\System32\Drivers\npusbio_x64.sys [38400 2012-07-10] (NaturalPoint, Inc -> )
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvlddmkm.sys [17213824 2018-09-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 SaiH0464; C:\WINDOWS\system32\DRIVERS\SaiH0464.sys [178432 2008-03-31] (Saitek -> Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [25120 2013-04-30] (Madcatz Europe Ltd -> Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [52640 2013-04-30] (Madcatz Europe Ltd -> Saitek)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2019-12-11] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-17] (Microsoft Windows -> Microsoft Corporation)
S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2016-07-29] (Intel(R) Smart Connect software -> )
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54352 2016-08-18] (Intel Corporation -> Intel Corporation)
S3 atillk64; \??\C:\Users\Ken's\AppData\Local\Temp\AGT\atillk64.sys [X] <==== ATTENTION
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-04 09:34 - 2020-04-04 09:34 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-04 09:34 - 2020-04-04 09:34 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-04 09:34 - 2020-04-04 09:34 - 000000000 ___HD C:\OneDriveTemp
2020-04-01 15:42 - 2020-04-04 09:38 - 000000000 ____D C:\FRST
2020-04-01 10:31 - 2020-04-01 10:31 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2020-04-01 10:31 - 2020-04-01 10:31 - 000002076 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2020-04-01 10:31 - 2020-04-01 10:31 - 000002076 _____ C:\ProgramData\Desktop\Avast Premium Security.lnk
2020-04-01 10:20 - 2020-04-03 20:40 - 000492144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-04-01 10:20 - 2020-04-01 10:20 - 000337048 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-04-01 10:20 - 2020-04-01 10:20 - 000235696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-04-01 10:20 - 2020-04-01 10:20 - 000175920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-03-28 18:27 - 2020-03-28 18:27 - 000000000 ____D C:\ProgramData\Canon
2020-03-28 18:15 - 2020-03-29 15:33 - 000000000 ___DC C:\Users\Ken's\Desktop\tax2019
2020-03-23 23:09 - 2020-03-23 23:09 - 000001348 ____C C:\Users\Ken's\Desktop\Beatles light.jpg - Shortcut.lnk
2020-03-22 17:33 - 2020-03-22 17:33 - 000137168 ____C C:\Users\Ken's\Desktop\SigridunemploymentclaimConfirmation.pdf
2020-03-22 00:22 - 2020-04-04 00:50 - 000002280 _____ C:\WINDOWS\system32\Tasks\MSIGH_Host
2020-03-22 00:22 - 2020-03-22 00:22 - 000001122 _____ C:\Users\Public\Desktop\MSI Gaming APP.lnk
2020-03-22 00:22 - 2020-03-22 00:22 - 000001122 _____ C:\ProgramData\Desktop\MSI Gaming APP.lnk
2020-03-22 00:22 - 2020-03-22 00:22 - 000000000 ____D C:\Program Files\ENE
2020-03-22 00:22 - 2020-03-22 00:22 - 000000000 ____D C:\Program Files (x86)\ENE
2020-03-22 00:22 - 2019-05-22 06:44 - 000017624 _____ C:\WINDOWS\system32\Drivers\ene.sys
2020-03-13 18:45 - 2020-03-13 18:45 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-13 18:45 - 2020-03-13 18:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-13 18:45 - 2020-03-13 18:45 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-13 18:45 - 2020-03-13 18:45 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-13 18:45 - 2020-03-13 18:45 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-13 18:45 - 2020-03-13 18:45 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-13 18:45 - 2020-03-13 18:45 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-13 18:45 - 2020-03-13 18:45 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-13 18:45 - 2020-03-13 18:45 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-13 18:45 - 2020-03-13 18:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-13 18:45 - 2020-03-13 18:45 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
 
2020-03-13 18:44 - 2020-03-13 18:44 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
 
2020-03-13 18:44 - 2020-03-13 18:44 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-13 18:44 - 2020-03-13 18:44 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
======================
 
2020-03-13 18:44 - 2020-03-13 18:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-13 18:44 - 2020-03-13 18:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-13 18:44 - 2020-03-13 18:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-13 18:44 - 2020-03-13 18:44 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-13 18:44 - 2020-03-13 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-13 18:38 - 2020-03-13 18:38 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-13 18:38 - 2020-03-13 18:38 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-09 21:08 - 2020-03-09 21:08 - 000012241 _____ C:\Users\Ken's\Desktop\Arma_3_mods.html

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-04 09:38 - 2017-10-10 09:19 - 000000000 ___DC C:\Users\Ken's\AppData\Local\AVAST Software
2020-04-04 09:34 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-04 09:34 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-04 09:34 - 2016-09-30 21:32 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-04 09:34 - 2016-07-29 23:55 - 000000000 ___RD C:\Users\Ken's\OneDrive
2020-04-04 09:34 - 2015-01-31 10:35 - 000000000 ___RD C:\Users\Ken's\iCloudDrive
2020-04-04 09:34 - 2013-12-28 21:15 - 000000000 ___DC C:\Users\Ken's\AppData\Local\CrashDumps
2020-04-04 09:33 - 2019-08-17 13:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-04 09:33 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
 
2020-04-04 01:13 - 2019-08-22 15:50 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-04-04 01:13 - 2019-03-18 23:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-04 01:11 - 2016-05-21 21:47 - 000000000 ___DC C:\Users\Ken's\AppData\Roaming\discord
2020-04-04 00:50 - 2019-12-11 15:00 - 000002148 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2020-04-04 00:50 - 2019-08-17 13:35 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-04-04 00:50 - 2019-08-17 13:35 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-04 00:50 - 2019-08-17 13:35 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-04 00:50 - 2019-08-17 13:35 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1717588471-1589297708-2851942008-1000
2020-04-04 00:50 - 2019-08-17 13:35 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-04-03 23:24 - 2019-08-17 13:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-04-03 20:46 - 2014-12-23 16:36 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-02 23:41 - 2013-12-28 19:53 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-02 20:37 - 2015-03-29 15:46 - 000000000 ___DC C:\Users\Ken's\AppData\Local\Arma 3
2020-04-02 12:23 - 2019-08-17 13:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-02 00:06 - 2015-03-29 15:45 - 000000000 ___DC C:\Users\Ken's\AppData\Local\Arma 3 Launcher
2020-04-01 15:42 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-01 10:20 - 2019-08-17 13:35 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-04-01 10:20 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-01 10:20 - 2019-01-14 12:06 - 000234776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-04-01 10:20 - 2019-01-07 11:41 - 000178968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-04-01 10:20 - 2019-01-07 11:41 - 000060696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-04-01 10:20 - 2018-10-19 21:55 - 000042984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-04-01 10:20 - 2017-11-18 12:02 - 000206120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-04-01 10:20 - 2013-12-28 19:54 - 000851808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-04-01 10:20 - 2013-12-28 19:54 - 000459608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-04-01 10:20 - 2013-12-28 19:54 - 000317280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-04-01 10:20 - 2013-12-28 19:54 - 000109480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-04-01 10:20 - 2013-12-28 19:54 - 000085056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-03-31 14:52 - 2019-10-21 10:24 - 000002457 _____
 
2020-03-29 17:32 - 2015-12-21 20:03 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-03-28 19:38 - 2019-04-14 13:46 - 000000000 ___DC C:\Users\Ken's\Desktop\Taxes
2020-03-28 18:07 - 2019-02-25 20:31 - 000000000 ___DC C:\Users\Ken's\Desktop\Reciepts
2020-03-25 11:04 - 2019-08-17 13:38 - 000972220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-23 10:39 - 2013-12-28 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2020-03-22 00:22 - 2014-09-04 23:21 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-22 00:22 - 2013-12-28 20:25 - 000000000 ____D C:\Program Files (x86)\MSI
2020-03-22 00:22 - 2013-12-28 19:27 - 000000000 ____D C:\MSI
2020-03-21 10:33 - 2019-12-09 11:13 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-21 10:33 - 2019-12-09 11:13 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-21 10:32 - 2019-07-19 14:01 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-21 10:32 - 2019-07-19 14:01 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-03-18 19:57 - 2019-08-17 13:29 - 000002404 ____C C:\Users\Ken's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-16 19:56 - 2018-03-31 22:04 - 000000000 ___DC C:\Users\Ken's\AppData\Local\PlaceholderTileLogoFolder
2020-03-14 09:24 - 2019-08-17 13:24 - 000338968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-14 09:24 - 2018-01-28 14:53 - 000000000 ___RD C:\Users\Ken's\3D Objects
2020-03-14 09:24 - 2016-07-29 23:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D
 
C:\WINDOWS\system32\SystemResetPlatform
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr
 
2020-03-14 00:46 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-14 00:46 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-13 18:50 - 2014-01-02 15:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-13 18:47 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-13 18:47 - 2014-01-02 15:30 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-11 19:09 - 2018-06-24 14:09 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
 
==================== Files in the root of some directories ========

2018-08-18 18:19 - 2018-12-06 12:17 - 012161536 _____ (1C-777 Limited) C:\Users\Ken's\Il-2.exe
2015-04-02 22:54 - 2015-04-02 23:00 - 000000000 ____C () C:\Users\Ken's\AppData\Local\Driver_LOM_8161Present.flag
2013-12-28 19:28 - 2015-04-02 22:57 - 000000674 ____C () C:\Users\Ken's\AppData\Local\killertool.log
2014-11-26 02:06 - 2014-11-26 02:06 - 000006172 ____C () C:\Users\Ken's\AppData\Local\recently-used.xbel
2016-02-22 15:24 - 2016-03-26 23:58 - 000000119 ____C () C:\Users\Ken's\AppData\Local\TempGameCenter.main.download.log
2016-02-22 15:24 - 2016-03-26 23:13 - 000002781 ____C () C:\Users\Ken's\AppData\Local\TempGameCenter.main.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Ken's (04-04-2020 09:38:47)
Running from E:\Download
Windows 10 Home Version 1903 18362.720 (X64) (2019-08-17 18:35:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1717588471-1589297708-2851942008-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1717588471-1589297708-2851942008-503 - Limited - Disabled)
Guest (S-1-5-21-1717588471-1589297708-2851942008-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1717588471-1589297708-2851942008-1003 - Limited - Enabled)
Ken's (S-1-5-21-1717588471-1589297708-2851942008-1000 - Administrator - Enabled) => C:\Users\Ken's
WDAGUtilityAccount (S-1-5-21-1717588471-1589297708-2851942008-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
 
==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.228 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.2.1 - Advanced Micro Devices, Inc.)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: - iMobie Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Armored Warfare MyCom (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Armored Warfare MyCom) (Version: 1.195 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.8.000 - Asmedia Technology)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blitzkrieg Mod MapPack II version 1.0.0 (HKLM-x32\...\{29AF37FB-CD24-4474-97FC-876DA89DE07C}_is1) (Version: 1.0.0 - Blitzkrieg Mod Team)
Blitzkrieg Mod version 4.9.8 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 4.9.8 - Blitzkrieg Mod Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
 
==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.228 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.2.1 - Advanced Micro Devices, Inc.)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: - iMobie Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Armored Warfare MyCom (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Armored Warfare MyCom) (Version: 1.195 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.8.000 - Asmedia Technology)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blitzkrieg Mod MapPack II version 1.0.0 (HKLM-x32\...\{29AF37FB-CD24-4474-97FC-876DA89DE07C}_is1) (Version: 1.0.0 - Blitzkrieg Mod Team)
Blitzkrieg Mod version 4.9.8 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 4.9.8 - Blitzkrieg Mod Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
 
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
 
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
Discord (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Discord) (Version: 0.0.306 - Discord Inc.)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
Epic Games Launcher (HKLM-x32\...\{5B340CD5-07E3-41AA-9117-0A0EC863E454}) (Version: 1.1.220.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
GameCenter My.com (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\GameCenter) (Version: 4.1473 - My.com B.V.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
 
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HWiNFO64 Version 6.10 (HKLM\...\HWiNFO64_is1) (Version: 6.10 - Martin Malik - REALiX)
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{4DF3098D-2A9A-46DF-8B8C-9DD31D319739}) (Version: 20.2.9.6 - Intel) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{79E98F35-0524-446C-8EF5-4E863C4D87E2}) (Version: 6.2.0.24 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{5D1D65C3-E6D3-4751-AEFD-CAB4E3EB85F2}) (Version: 4.0.41.2072 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{a2f234ef-6c54-4ad2-a401-107bcbdfdef2}) (Version: 20.2.9.6 - Intel)
iTunes (HKLM\...\{D9D08A8F-5A03-486A-AD4D-3A438D521F8B}) (Version: 12.9.3.3 - Apple Inc.)
 
Killer Bandwidth Control Filter Driver (HKLM\...\{6A7B3213-F5AE-4C0D-87DD-CFA61B439ABB}) (Version: 1.1.50.1414 - Rivet Networks) Hidden
Killer E220x Drivers (HKLM\...\{FBD1BE98-DA7C-403A-A504-7F1748689331}) (Version: 1.1.50.1414 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{2F785742-7788-48E9-8698-DC4FB138A017}) (Version: 1.1.50.1414 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{B9DDCA83-7B2C-474E-BACB-87DE05EF5DF4}) (Version: 1.1.50.1414 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
 
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mids Reborn (HKLM\...\{0E32E33A-063F-40D9-A9AC-43479650313E}) (Version: 2.6.0.7 - RebornTeam)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.24 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.15 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.97 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.43 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.28 - MSI)
NaturalPoint USB Drivers x64 (HKLM\...\{B408139D-04D6-4464-A979-D335E48F7063}) (Version: 2.50.0000 - NaturalPoint)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Photobucket Backup (HKLM-x32\...\{98813202-6C6E-4ABE-A128-6E8FB3368BE0}) (Version: 1.0.7.2104 - Photobucket)
 
Play withSIX Windows client (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\PlaywithSIX) (Version: 1.68.1327.1 - SIX Networks GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}) (Version: 7.0.27.13 - Mad Catz)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.02 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SYMPH (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0006 - )
TrackIR 4 (HKLM-x32\...\{b5931be2-83a8-4460-969a-29eb5e89d3c0}) (Version: 4.02.038 - NaturalPoint)
Unigine Superposition Benchmark 1.1 (HKLM\...\Superposition_is1) (Version: 1.1 - UNIGINE)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\Wargaming.net Game Center) (Version: 19.7.0.7412 - Wargaming.net)
World of Tanks (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version: - Wargaming.net)
World_of_Warships_NA (HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\WOWS.NA.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.165.800.0_x86__kgqvnymyfvs32 [2020-04-04] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-07] (Canon Inc.)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.9.0.6_x86__h6adky7gbf63m [2020-03-13] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-29] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.91.4943.2_x64__8wekyb3d8bbwe [2020-03-21] (ms-resource:publisherDisplayName)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-07-30] (Microsoft Corporation)
WinOpener -> C:\Program Files\WindowsApps\DeviceDoctor.WinOpener_2.1.32.0_x64__mkdtfchztkfbm [2018-04-05] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1717588471-1589297708-2851942008-1000_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-01] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-01] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-01-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2013-12-28 20:28 - 2012-07-11 20:41 - 000040960 ____N ( ) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\Interop.CTSndCr.dll
2014-11-22 14:09 - 2014-05-19 18:19 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-11-22 14:09 - 2014-06-04 11:21 - 000571904 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2013-12-28 20:28 - 2012-11-01 12:21 - 000325120 _____ () [File not signed] C:\Windows\SYSTEM32\APOMgr64.DLL
2014-01-02 19:52 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2013-12-28 20:28 - 2011-09-22 20:04 - 000238080 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\CTLoadRs.dll
2013-12-28 20:28 - 2012-10-31 12:15 - 001007616 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\en-US\SBCinema.resources.dll
2020-03-22 00:21 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 000173568 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\imageformats\qjpeg4.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 001807360 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtCLucene4.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 003276288 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtCore4.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 012168192 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtGui4.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 000750080 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtHelp4.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 001085952 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtNetwork4.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 000841728 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtOpenGL4.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 001990144 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtScript4.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 000897024 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtSql4.dll
2013-11-14 12:11 - 2013-11-14 12:11 - 000539136 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:\Program Files\Logitech Gaming Software\QtXml4.dll
2013-04-16 18:18 - 2013-04-16 18:18 - 000099840 _____ (Saitek) [File not signed] C:\Program Files\SmartTechnology\Software\ManuExtensionDLLs\AppLaunchEventDll.dll
2016-08-21 19:19 - 2012-02-29 12:51 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] E:\Program Files (x86)\Fitbit\DSI_SiUSBXp_3_1.DLL
2014-11-22 14:09 - 2014-06-04 11:21 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\tracing:? [16]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\driversupport.com -> hxxps://apps.driversupport.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2019-01-04 16:10 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020093407070\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020093407102\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\Control Panel\Desktop\\Wallpaper -> e:\pictures\avengers.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Local Area Connection: Killer Bandwidth Control -> BF_NdisLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "World of Tanks (1)"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1717588471-1589297708-2851942008-1000\...\StartupApproved\Run: => "AnyTransToolHelper"
 
==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8E879E8B-90B0-4AE6-A173-A20F419C9274}] => (Allow) E:\Superposition Benchmark\bin\superposition.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{7CF970D9-5CE2-496A-B441-0280A6E8FEE0}] => (Allow) E:\Superposition Benchmark\bin\superposition.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{8DEA1681-9F81-4235-9404-566453BA61A5}] => (Allow) E:\Superposition Benchmark\bin\launcher.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{1E0A7D4F-5CAF-4779-980D-D9F88C242E45}] => (Allow) E:\Superposition Benchmark\bin\launcher.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{96511934-EC4B-494B-B6F5-A0F97A901DB4}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\MissionEditor\Editor.exe (1C) [File not signed]
FirewallRules: [{C1E908AD-996B-4496-88F0-908F51AB7500}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\MissionEditor\Editor.exe (1C) [File not signed]
FirewallRules: [{2D1944C0-153F-4D5A-B04E-8166F87EDEDC}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\MissionEditor\MissionGen.exe (1C) [File not signed]
FirewallRules: [{CFD4B307-7AFA-4B97-A1F0-6A8682611951}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\MissionEditor\MissionGen.exe (1C) [File not signed]
FirewallRules: [{228AC66D-FC7C-4CE8-9CC0-48F38E052C07}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5ED4C7F8-A609-42A8-995B-EAD93263A3D9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7ABD4B06-0388-411B-A78E-7B95365A6EAD}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\MissionEditor\Editor.exe () [File not signed]
FirewallRules: [{9C217047-10F8-4D38-B7C2-6B1F078AB095}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\MissionEditor\Editor.exe () [File not signed]
FirewallRules: [{10A0C575-EFAA-447B-A88B-8A816B091190}] => (Allow) E:\Steam\SteamApps\common\Men of War\mow_editor.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{7A9CD403-5F92-47EB-A2E1-68E6C640B9FE}] => (Allow) E:\Steam\SteamApps\common\Men of War\mow_editor.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{18134CDD-56F3-419D-B245-87EA590109AC}] => (Allow) E:\Steam\SteamApps\common\Men of War\mow.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{C40DDD1B-6E7D-4A57-AF88-DDDA75A489B6}] => (Allow) E:\Steam\SteamApps\common\Men of War\mow.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{5E6FF37E-C3D4-4D30-BE6C-CE98893FFCAF}] => (Allow) E:\Steam\SteamApps\common\Men of War Red Tide\RedTide.exe ("1c" Corp) [File not signed]
FirewallRules: [{384DE407-0AAF-44E1-9E25-C7435E90C770}] => (Allow) E:\Steam\SteamApps\common\Men of War Red Tide\RedTide.exe ("1c" Corp) [File not signed]
FirewallRules: [{B1CB5D4E-CF7D-4F4C-AAF0-339ECB774F32}] => (Allow) E:\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2ECE8D33-A6B8-463E-A3B8-FB5EA1A8CF52}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA9FE986-A079-45F9-8DD5-12861A4DACC2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5DC5FAD5-9E65-4DAF-BFB1-77575B77A80A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8663CF09-81C9-4E88-8821-16FED2BBFF2B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B1FDDDF7-824D-4E84-A5C4-ABDF35277C89}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{2C7ED7F9-5F71-4E67-B0E4-A3D38FD154A3}C:\users\ken's\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\ken's\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{DF01C175-36FB-4EEB-A315-0248B31341C4}C:\users\ken's\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\ken's\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{3FA73DA7-3024-4D9B-AA7D-A4ADAADDB491}] => (Allow) F:\SteamLibrary\steamapps\common\Ring of Elysium\SLauncher.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C6C045BC-DB44-4CBB-9BF7-FEBA681EB2B9}] => (Allow) F:\SteamLibrary\steamapps\common\Ring of Elysium\SLauncher.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [UDP Query User{E73D3ED9-25AD-49EF-923A-69C28A8E520A}F:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) F:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe No File
FirewallRules: [TCP Query User{52E53B61-DFA2-4010-AA83-FCE54DCAAA13}F:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) F:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe No File
FirewallRules: [{C0F67A07-3856-4AAD-82F0-E76FA4B85E0E}] => (Allow) F:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe No File
FirewallRules: [{49D23260-B029-4CB3-AA83-17FE240A66DE}] => (Allow) F:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe No File
FirewallRules: [UDP Query User{A8767058-4E26-4CB4-BE41-75226D46AAFC}F:\games\world_of_tanks\worldoftanks.exe] => (Allow) F:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [TCP Query User{7FB93E13-4A2A-492A-998C-439951F6289F}F:\games\world_of_tanks\worldoftanks.exe] => (Allow) F:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [UDP Query User{899B041D-74E2-4DAE-8722-2CA6D12E507E}F:\games\world_of_tanks\wotlauncher.exe] => (Allow) F:\games\world_of_tanks\wotlauncher.exe No File
FirewallRules: [TCP Query User{3B71610A-8CCB-4598-B4D5-187EAAB8022A}F:\games\world_of_tanks\wotlauncher.exe] => (Allow) F:\games\world_of_tanks\wotlauncher.exe No File
FirewallRules: [{216F77EA-B074-40E3-921C-92588B904049}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
 
FirewallRules: [{673653E7-7E23-4028-B8B2-42B847151B92}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{129F77B0-3AE9-499C-B8DD-22BED5ACE58F}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{BCB22B95-FC64-4791-926D-1AE2EBDC18FD}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [UDP Query User{E57880A0-3740-4321-AE18-6F79EA044C87}F:\world_of_tanks\wotlauncher.exe] => (Allow) F:\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{9B905012-2B91-4233-BD92-8FAD22161EBB}F:\world_of_tanks\wotlauncher.exe] => (Allow) F:\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{450A8B68-D02F-4F83-AED9-3401030E31B3}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DC567042-E3F2-4BFA-8742-E3F2D4EE5641}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{07070733-0036-45E4-AC67-88314E2DC16A}F:\world_of_tanks\worldoftanks.exe] => (Allow) F:\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{0AD4418D-A080-4703-9965-6C0994810451}F:\world_of_tanks\worldoftanks.exe] => (Allow) F:\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{E787A6F4-1FA1-4565-8D93-649537890A35}] => (Allow) F:\SteamLibrary\steamapps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1C-777 Limited) [File not signed]
FirewallRules: [{BCCD3EB0-771E-4375-BFC8-6E3AE2B6A79F}] => (Allow) F:\SteamLibrary\steamapps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1C-777 Limited) [File not signed]
FirewallRules: [UDP Query User{CEE840E0-83F2-4450-A420-53E70F9A356F}F:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) F:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{D266B8A5-257A-4EA7-AF05-E1E7E8E7F193}F:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) F:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{FBDE282A-F2C7-4BB3-A08E-E16FDD264465}] => (Allow) F:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{D763A01E-9655-4C74-98D9-747E2CE367FB}] => (Allow) F:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{5FF832FD-E909-4891-A563-1C061D5CE7B7}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes Relaunch\Blitzkrieg Launcher.exe (Wolf) [File not signed]
FirewallRules: [{AD623675-54FF-44FD-8FBB-66D1C322FC8A}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes Relaunch\Blitzkrieg Launcher.exe (Wolf) [File not signed]
FirewallRules: [{9440ED70-1ED9-41DF-B986-23E70AC56894}] => (Allow) E:\Steam\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe () [File not signed]
FirewallRules: [{4295EEE1-CC50-4385-BEB7-DE5679605793}] => (Allow) E:\Steam\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe () [File not signed]
FirewallRules: [{4BB7F65A-5C2B-4C81-81AE-526059E00C5C}] => (Allow) E:\Steam\SteamApps\common\Influent\Influent.exe () [File not signed]
FirewallRules: [{8D28C741-75C3-40A0-9763-D41544633A85}] => (Allow) E:\Steam\SteamApps\common\Influent\Influent.exe () [File not signed]
FirewallRules: [UDP Query User{EF872332-CD40-4E8E-B81D-1DF0072CBC6A}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{5B7D2750-D65D-488F-BB3D-AE9717DFB217}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{3385D32A-103C-4CEF-B930-54AF86D0BFB2}] => (Allow) E:\Steam\SteamApps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{78DAFB39-1FAB-4BA1-9CDD-2CB1A39CE735}] => (Allow) E:\Steam\SteamApps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{680974DC-8FFB-4536-8985-A6F0371B0E40}] => (Allow) E:\Steam\SteamApps\common\Battle of Empires 1914-1918\BoE-1914.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{B3348F5C-C38E-4FE1-AE9E-A139CCE17BA7}] => (Allow) E:\Steam\SteamApps\common\Battle of Empires 1914-1918\BoE-1914.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{4D0463A2-5653-4844-870E-60C313BE4B3C}] => (Allow) E:\Steam\SteamApps\common\DCSWorld\bin\DCS.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [{FAAB7F24-4C6B-4364-AF1B-16DCB8EBB787}] => (Allow) E:\Steam\SteamApps\common\DCSWorld\bin\DCS.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [{FD78FD72-48B6-4928-B6D7-BEF8F019477A}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\HotwLauncher.exe (Microsoft) [File not signed]
FirewallRules: [{42B368E8-BB58-46E9-A4BC-B51D4F98A986}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\HotwLauncher.exe (Microsoft) [File not signed]
FirewallRules: [UDP Query User{5E418214-AE94-4ADD-B255-7A93938A6252}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{6CA5056D-F569-459B-BB16-87F871A17543}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{92924382-1F6E-4C05-A3C7-E35A06219DAE}] => (Allow) E:\Steam\SteamApps\common\Tropico 4\Tropico4.exe (Haemimont Games) [File not signed]
FirewallRules: [{D7AEEF37-1222-4310-84CD-37B07C133D1E}] => (Allow) E:\Steam\SteamApps\common\Tropico 4\Tropico4.exe (Haemimont Games) [File not signed]
FirewallRules: [{7B1063D4-B540-4FF1-8738-E8C6073D7925}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8253A9AD-21B5-4F43-845D-8D9FA7B7D347}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DD64F41A-6F4C-4C59-B231-F4711F8E0B69}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{28E85761-B7C2-47D8-89CA-24321B8652D3}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{3A2354DC-C7ED-4C7C-9D08-7E14445ECAF2}] => (Allow) E:\Steam\SteamApps\common\Men of War\mow.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{96257AC2-047A-4242-9272-3CAAA255BEC6}] => (Allow) E:\Steam\SteamApps\common\Men of War\mow.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{C7DD3962-E1F7-46C1-9F46-192DA6831AF8}] => (Allow) E:\Steam\SteamApps\common\Men of War\mow_editor.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{2E42D1B0-752C-46ED-98A3-A8811701EACF}] => (Allow) E:\Steam\SteamApps\common\Men of War\mow_editor.exe ("Best Way" Corp) [File not signed]
FirewallRules: [{E461A095-BE06-4128-88AD-BEA9533773CF}] => (Allow) E:\Steam\SteamApps\common\Men of War Red Tide\RedTide.exe ("1c" Corp) [File not signed]
FirewallRules: [{2F78E48D-F196-4228-AC32-6A79F7B5E0E8}] => (Allow) E:\Steam\SteamApps\common\Men of War Red Tide\RedTide.exe ("1c" Corp) [File not signed]
FirewallRules: [{DDCD1DAD-01BC-43E7-BD4E-3E4D71CBE10D}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{06A40707-BECF-404B-ABAE-64A5B6F402FC}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{4AF5913D-2E60-4BB4-AE38-8CEDE7EED982}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{FE458DF1-A2C8-4422-A7B4-D4EA7DB2B025}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{82EC4F67-B469-4CED-9115-A43554CE2ECA}] => (Allow) E:\Steam\SteamApps\common\RedOrchestra2Beta\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{F36E9DBD-1356-47A6-A621-C5E8C3CFE364}] => (Allow) E:\Steam\SteamApps\common\RedOrchestra2Beta\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{153FC44D-B1D4-4DA3-BA60-5DEF045ECC8F}] => (Allow) E:\Steam\SteamApps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{F6795C2C-7645-4DE5-989D-25247E4B0107}] => (Allow) E:\Steam\SteamApps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{5C0755C9-5259-45E9-8C36-042FB0BCE623}] => (Allow) E:\Steam\SteamApps\common\Soldiers Heroes of World War 2\soldiers.exe ("Bestway" Corp) [File not signed]
FirewallRules: [{3E91F5EC-4BD3-4D5E-A15F-16ED09C3E575}] => (Allow) E:\Steam\SteamApps\common\Soldiers Heroes of World War 2\soldiers.exe ("Bestway" Corp) [File not signed]
FirewallRules: [{E0F0588A-CD8F-43C5-BADD-60F46C362EE5}] => (Allow) E:\Steam\SteamApps\common\Silent Hunter 3\sh3.exe (Ubisoft) [File not signed]
FirewallRules: [{C5F87958-E62E-483F-8730-9C4919ED9E0C}] => (Allow) E:\Steam\SteamApps\common\Silent Hunter 3\sh3.exe (Ubisoft) [File not signed]
FirewallRules: [{B7EE9098-E8DD-4FE0-92FE-45DD8EF7EE5D}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra\System\RedOrchestra.exe () [File not signed]
FirewallRules: [{A45C3D41-5A7F-4FF2-AA74-A3E1DA7AFB94}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra\System\RedOrchestra.exe () [File not signed]
FirewallRules: [{9AA92A5D-95AC-4772-ABE4-E3236FAEE480}] => (Allow) E:\Steam\SteamApps\common\Rising Storm Beta\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{E9CC5B0A-2539-4161-9CEA-C6310FFA71BC}] => (Allow) E:\Steam\SteamApps\common\Rising Storm Beta\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{9CF75955-B8CB-4210-87B4-1459D6C77D92}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{ECA8D503-79B5-48D4-8DA1-45BB1FAFD5F3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{82F1B0C1-E39C-45D6-A52E-34C1EC5DE9D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{D26FF09E-BFA5-4246-95BD-AC100BAE760B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B82FB308-C472-4685-A79B-08B9DEDFBB00}] => (Allow) E:\Steam\SteamApps\common\Pacific Storm - Allies\bin\allies.exe () [File not signed]
FirewallRules: [{A6384E5B-C464-47DC-B756-82FF43C5415E}] => (Allow) E:\Steam\SteamApps\common\Pacific Storm - Allies\bin\allies.exe () [File not signed]
FirewallRules: [{BF2A698A-C8BA-4B2A-8335-689BC45B8F52}] => (Allow) E:\Downloads\System Downloads\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5D8B5163-5F2D-4EA7-99C2-5F88170BA2E8}] => (Allow) E:\Downloads\System Downloads\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2D7ACEDE-435D-4AC1-913E-181B236C65E9}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{5502ADB4-BE79-4F72-B158-ACA120A65208}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{1152D832-39D8-40D9-983B-E64F99534DB7}] => (Allow) E:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe () [File not signed]
FirewallRules: [{D60E4A01-BE30-432C-919F-C8B94549B5DC}] => (Allow) E:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe () [File not signed]
FirewallRules: [{37F21864-4BA7-4549-9F50-EF4F4891BAB1}] => (Allow) E:\Steam\SteamApps\common\Tom Clancy's Ghost Recon Online\Launcher.exe (Ubisoft Divertissement Inc -> Ubisoft)
FirewallRules: [{4A9DDC38-4002-480B-B935-8F662C6A7D9C}] => (Allow) E:\Steam\SteamApps\common\Tom Clancy's Ghost Recon Online\Launcher.exe (Ubisoft Divertissement Inc -> Ubisoft)
FirewallRules: [{11D5B528-D3DA-4ED1-9BCA-0C736FE70074}] => (Allow) E:\Steam\SteamApps\common\Medieval II Total War\medieval2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{8F8BEC4E-5412-4D14-B40A-E88E9E820B85}] => (Allow) E:\Steam\SteamApps\common\Medieval II Total War\medieval2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{77B015DF-4BBF-46E9-A7B5-59114AA91B45}] => (Allow) E:\Steam\SteamApps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{9A745683-D887-43E2-8247-7B6B083AB7C0}] => (Allow) E:\Steam\SteamApps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [TCP Query User{0F06386F-3EB5-4228-8F58-1DB2530A37D1}E:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe] => (Allow) E:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe (Ubisoft Divertissement Inc -> )
FirewallRules: [UDP Query User{652449BF-FCCC-469C-9DA9-F6826FB3660B}E:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe] => (Allow) E:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe (Ubisoft Divertissement Inc -> )
FirewallRules: [{01424527-2068-43C3-9027-A7C07FB49A31}] => (Allow) E:\Steam\SteamApps\common\Wargame European Escalation\WarGame.exe (Eugen Systems -> Eugen Systems)
FirewallRules: [{AB368520-2DF7-41AD-A269-71CB3697A673}] => (Allow) E:\Steam\SteamApps\common\Wargame European Escalation\WarGame.exe (Eugen Systems -> Eugen Systems)
FirewallRules: [{9CE860C0-B48B-49BB-BDBB-E9FD00E2F0EB}] => (Allow) E:\Steam\SteamApps\common\Arma 3\arma3.exe No File
FirewallRules: [{25AA787D-4CC1-4A9B-97FB-DD8F03D0D4F6}] => (Allow) E:\Steam\SteamApps\common\Arma 3\arma3.exe No File
FirewallRules: [{C8311594-BDA7-460B-B0D2-4CA1F755B2D9}] => (Allow) E:\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe () [File not signed]
FirewallRules: [{61FC38EA-6233-4C93-B18A-508771676F2F}] => (Allow) E:\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{43AF1EF6-A238-46A4-9DE3-18B68A4B1DA1}E:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{ACD6FE9B-6155-4D20-B0C6-810F1BF18E17}E:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C30F8643-DBED-453D-B1A7-32C9CCA23A6A}] => (Allow) E:\Steam\SteamApps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe () [File not signed]
FirewallRules: [{6FF48DDF-EE8B-4594-B475-D0652AEEA63B}] => (Allow) E:\Steam\SteamApps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{CAA2D296-813D-4D7A-A04C-F41EBA09D4A6}E:\steam\steamapps\common\chivalrymedievalwarfarebeta\binaries\win64\cmw.exe] => (Allow) E:\steam\steamapps\common\chivalrymedievalwarfarebeta\binaries\win64\cmw.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{D678C4F3-CFC0-4FCA-B054-086B84ED40D6}E:\steam\steamapps\common\chivalrymedievalwarfarebeta\binaries\win64\cmw.exe] => (Allow) E:\steam\steamapps\common\chivalrymedievalwarfarebeta\binaries\win64\cmw.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F2F7750D-0763-4B9F-9CE5-E0035B9CA882}] => (Allow) E:\Steam\SteamApps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{8D945092-925E-4CC7-8D66-CB04BBFF3396}] => (Allow) E:\Steam\SteamApps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{60CF6AB7-BA71-46C6-A18C-7F050AA64AD4}] => (Allow) E:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{41E6E0A2-4407-4C00-A1DC-2CF373538354}] => (Allow) E:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{707616A1-B3A4-4AF9-BDBD-4B6523D3D67F}] => (Allow) E:\Steam\SteamApps\common\Silent Hunters Wolves of the Pacific\sh4.exe (Ubisoft) [File not signed]
FirewallRules: [{530416F9-C959-4BE6-8318-3B2CDCE26E22}] => (Allow) E:\Steam\SteamApps\common\Silent Hunters Wolves of the Pacific\sh4.exe (Ubisoft) [File not signed]
FirewallRules: [{8CD056DC-EE39-4CF3-97E7-4C801E76A8BB}] => (Allow) E:\Steam\SteamApps\common\Hearts of Iron 2 Complete Pack\HoI2.exe (Paradox Interactive) [File not signed]
FirewallRules: [{B2D3B8F1-03A9-469E-BD76-8A5F7F18C2C5}] => (Allow) E:\Steam\SteamApps\common\Hearts of Iron 2 Complete Pack\HoI2.exe (Paradox Interactive) [File not signed]
FirewallRules: [{CF91081A-0700-45E0-8F65-A7685FB0689E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9671DD07-1D08-42E5-97AF-2808F525112D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B2531016-E4CA-4956-8A42-1A21D28CD19F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{88CF905A-A104-495F-B482-68CCFD518EAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{02F6EEEF-7655-4E4C-868D-5CB9B5865CD6}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\tow.exe (1C Company) [File not signed]
FirewallRules: [{0DE39018-F0AF-417E-B2B1-5BFB3F8E6E77}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\tow.exe (1C Company) [File not signed]
FirewallRules: [{3F8D22A9-239E-4E51-ACC6-4207832C847B}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\MissionEditor\MissionGen.exe (1C) [File not signed]
FirewallRules: [{E8A56E2C-9AEA-48AC-A4CB-1FD28040C1AF}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\MissionEditor\MissionGen.exe (1C) [File not signed]
FirewallRules: [{51BA074B-5FF0-4D81-81D9-7D7DB3895B41}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\MissionEditor\Editor.exe (1C) [File not signed]
FirewallRules: [{CF20ABDE-2253-4C23-B4F2-A210FBF511A6}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\MissionEditor\Editor.exe (1C) [File not signed]
FirewallRules: [{3A154C1F-F235-488C-98D7-B1E3154637F6}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\Builder.exe () [File not signed]
FirewallRules: [{C67201D2-42FC-4AAF-8D5B-C04E66F6A280}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\Builder.exe () [File not signed]
FirewallRules: [{743E1B58-74BF-44DF-9A98-82C9A720E930}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\towsetup.exe () [File not signed]
FirewallRules: [{96F9392A-B526-464D-8F94-8694F1B591DF}] => (Allow) E:\Steam\SteamApps\common\Theatre of War\towsetup.exe () [File not signed]
FirewallRules: [{93AA98A3-D00B-4FC6-8F2C-D28512501018}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\Africa1943.exe () [File not signed]
FirewallRules: [{855E0ED6-F7C7-4962-9C13-A5F9389520B6}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\Africa1943.exe () [File not signed]
FirewallRules: [{928CCE54-F234-40DB-BB0F-AEC2F3CEA340}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\builder.exe () [File not signed]
FirewallRules: [{FD74DE8D-0905-4C41-8576-DAA0356ABA74}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\builder.exe () [File not signed]
FirewallRules: [{5925E1B1-2A5C-45B4-88AE-771DEAC3D01D}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\options.exe (1C Company -> ) [File not signed]
FirewallRules: [{2751AB29-1DF8-4BA0-8232-AC916B7DF8CD}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\options.exe (1C Company -> ) [File not signed]
FirewallRules: [{FA6F58FF-E74F-40F4-818A-F000EDB3999F}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\Kursk1943.exe () [File not signed]
FirewallRules: [{AE0E52BD-A8DA-4038-A165-EEFDF96472AA}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\Kursk1943.exe () [File not signed]
FirewallRules: [{48D69B38-6DB2-45EB-8F1D-C278A6FC94B6}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\Builder.exe () [File not signed]
FirewallRules: [{C6715B3A-8330-44C6-998A-09DE00EEB098}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\Builder.exe () [File not signed]
FirewallRules: [{AEBF9830-EE85-4C19-93A6-45813BEF9A80}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\Options.exe () [File not signed]
FirewallRules: [{19463F1F-463B-44BC-AD5F-58E1F6CC54A1}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\Options.exe () [File not signed]
FirewallRules: [{B3B8D86E-5732-4174-9538-5BADFCA0EB63}] => (Allow) E:\Steam\SteamApps\common\World in Conflict\wic.exe (Massive Entertainment) [File not signed]
FirewallRules: [{D71C6D1A-6387-41D5-BF08-1AA3CDA51BB2}] => (Allow) E:\Steam\SteamApps\common\World in Conflict\wic.exe (Massive Entertainment) [File not signed]
 
FirewallRules: [TCP Query User{9C7654EB-CA63-4B3D-8C95-7D199F5C3ABB}E:\games\il-2 strumovik 1946\il2fb.exe] => (Allow) E:\games\il-2 strumovik 1946\il2fb.exe () [File not signed]
FirewallRules: [UDP Query User{92975FFD-0792-4D9B-AD2A-0AAE594AE835}E:\games\il-2 strumovik 1946\il2fb.exe] => (Allow) E:\games\il-2 strumovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{C542FD8D-90F9-42E4-85E5-E02E4D7C6652}] => (Allow) E:\Steam\SteamApps\common\Valiant Hearts\Valiant Hearts.exe (Ubisoft Chengdu Co., Ltd. -> )
FirewallRules: [{875DADB2-8DA5-4651-9C9B-7A708E36A7E9}] => (Allow) E:\Steam\SteamApps\common\Valiant Hearts\Valiant Hearts.exe (Ubisoft Chengdu Co., Ltd. -> )
FirewallRules: [{51FBFC43-6EED-4F0B-9ACB-46605123D94F}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\MissionEditor\MissionGen.exe (1C) [File not signed]
FirewallRules: [{3AE5E00A-7F9B-4DAA-AF48-208CF0600C0C}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\MissionEditor\MissionGen.exe (1C) [File not signed]
FirewallRules: [{65BFEBCC-CFEE-48AF-977E-25D4740B3540}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\MissionEditor\Editor.exe (1C) [File not signed]
FirewallRules: [{800EEAD5-4504-4333-AD8E-15FA1B95AE95}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\MissionEditor\Editor.exe (1C) [File not signed]
FirewallRules: [{48E56C5B-4B40-425E-8ACF-CDE53E5C71C9}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\MissionEditor\Editor.exe () [File not signed]
FirewallRules: [{206C004D-83E7-4977-81EC-9BCE5F167465}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\MissionEditor\Editor.exe () [File not signed]
FirewallRules: [{D01900DC-A0C5-4A1B-A6C0-2E8A25B7B23B}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe () [File not signed]
FirewallRules: [{4B5031FF-5FFC-4C93-A8FD-84D76995856B}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe () [File not signed]
FirewallRules: [{77E40173-3FCA-47B9-AFC0-EF95188642AF}] => (Allow) E:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{0CEF3DA7-5371-4137-BAC3-FF90A47B5B92}] => (Allow) E:\Games\World_of_Tanks\WorldofTanks.exe No File
FirewallRules: [{36B7B5CC-D2D5-4AFC-ACC6-7502A3604832}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe () [File not signed]
FirewallRules: [{FAFF3099-66DC-42DC-845D-EDF58E9B4A3B}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe () [File not signed]
FirewallRules: [TCP Query User{D9E93F66-9D4C-4C40-8CC7-2A8B715950FF}E:\games\il-2 strumovik 1946\il2fb.exe] => (Allow) E:\games\il-2 strumovik 1946\il2fb.exe () [File not signed]
FirewallRules: [UDP Query User{915C8CD6-970D-45E9-923C-413959787C83}E:\games\il-2 strumovik 1946\il2fb.exe] => (Allow) E:\games\il-2 strumovik 1946\il2fb.exe () [File not signed]
FirewallRules: [TCP Query User{A1977686-956F-4070-9DAC-23B4081A1E92}C:\users\ken's\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\ken's\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{78BF021C-4ED9-441B-A534-876689EA8A6D}C:\users\ken's\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\ken's\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{D64833D5-C2C2-4A22-9C5E-A0AB3290AFFC}E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe (Mail.Ru Group) [File not signed]
FirewallRules: [UDP Query User{D3C02E01-D099-4895-8D30-6166FD0F5D4D}E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe (Mail.Ru Group) [File not signed]
FirewallRules: [{FDD40FC3-450A-48EB-BE14-50D7B736D540}] => (Block) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe (Mail.Ru Group) [File not signed]
FirewallRules: [{D5C11BC4-2D2B-4B7F-9EE1-BD2B5AA5F329}] => (Block) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe (Mail.Ru Group) [File not signed]
FirewallRules: [{08034BEF-BA59-4BB0-A171-9E2686E50749}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{FEF14820-FF60-4681-BB25-B72B48B5F60A}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{411C6587-46B4-49A5-9C96-EF3656CD349C}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2 - Fall of the Reich\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{1BCE6331-303D-4FF1-917C-73F3D2E031FB}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2 - Fall of the Reich\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{B6F3A8E2-DAAE-4BFD-B7AE-04D5F0EB8C82}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2 - Liberation\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{E1DDB2BF-B158-41AD-B4BB-795D5AD9C182}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2 - Liberation\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [TCP Query User{E80103D2-FE9A-43C0-B4EE-45B17929D7E0}C:\users\ken's\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ken's\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{8BC8A2B9-D354-4B9D-85D5-AADC133D8E5E}C:\users\ken's\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ken's\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [{E56AFA88-5DF1-490B-B3AF-4948FCC02D2F}] => (Allow) E:\Steam\SteamApps\common\DCSWorld\Run.exe (Eagle Dynamics) [File not signed]
FirewallRules: [{F974938F-2921-4157-91E2-67A1FC225B73}] => (Allow) E:\Steam\SteamApps\common\DCSWorld\Run.exe (Eagle Dynamics) [File not signed]
FirewallRules: [{D06258D1-9CA8-4353-9BB3-2733E3549AE2}] => (Allow) E:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{19D9C651-746D-4200-A18A-1534E2E0DB7E}] => (Allow) E:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{5850B596-6529-41E3-BAC3-293998840B48}] => (Allow) E:\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe (Valve -> )
FirewallRules: [{DDFEF195-75DF-4D73-BB95-8C1015B76FD4}] => (Allow) E:\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe (Valve -> )
FirewallRules: [{E534877E-7EB4-4C33-89A0-21BB4E9E7EE1}] => (Allow) E:\Steam\SteamApps\common\Naval Action\Client.exe (Game Labs, Inc. -> )
FirewallRules: [{EF9AFD72-7CA7-4CBD-BF11-018DA81208E5}] => (Allow) E:\Steam\SteamApps\common\Naval Action\Client.exe (Game Labs, Inc. -> )
FirewallRules: [{ABCF93E3-D643-4B35-AF31-5BC3F7963151}] => (Allow) E:\Steam\SteamApps\common\Naval Action\NavalActionCrashSender.exe (Game Labs, Inc. -> )
FirewallRules: [{59C6F7F6-798C-42A3-B0B2-AE8E29B36005}] => (Allow) E:\Steam\SteamApps\common\Naval Action\NavalActionCrashSender.exe (Game Labs, Inc. -> )
FirewallRules: [{97E030C7-13B7-47D3-AB12-9960F3E73E05}] => (Allow) E:\Steam\SteamApps\common\Men of War Assault Squad\mow_assault_squad.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{08FE3BD5-5295-45A7-B181-5180B3D1B542}] => (Allow) E:\Steam\SteamApps\common\Men of War Assault Squad\mow_assault_squad.exe (Digitalmindsoft) [File not signed]
FirewallRules: [TCP Query User{3BED433A-69FA-4D81-B968-7BCF558FA80C}E:\steam\steamapps\common\red orchestra 2 - single player\binaries\win32\rogame.exe] => (Allow) E:\steam\steamapps\common\red orchestra 2 - single player\binaries\win32\rogame.exe () [File not signed]
FirewallRules: [UDP Query User{44D43CA5-B754-4DDF-8D30-CAE03BDA5879}E:\steam\steamapps\common\red orchestra 2 - single player\binaries\win32\rogame.exe] => (Allow) E:\steam\steamapps\common\red orchestra 2 - single player\binaries\win32\rogame.exe () [File not signed]
FirewallRules: [{1E7ABB74-EDC6-490B-B176-68DC8B122CA2}] => (Allow) E:\Steam\SteamApps\common\VictoryAtSea\VictoryAtSea.exe () [File not signed]
FirewallRules: [{6BEFFF4C-F088-4F2D-8F52-367F8628D043}] => (Allow) E:\Steam\SteamApps\common\VictoryAtSea\VictoryAtSea.exe () [File not signed]
FirewallRules: [{FD383921-D496-432D-964D-65BE7A16F57C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{9E5ACE7C-B098-4FFA-A78B-011A82391615}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5AB7A839-D4A6-4457-B232-4D27413525C1}] => (Allow) E:\Steam\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{3983D1CE-512B-4780-B385-B02928297C2D}] => (Allow) E:\Steam\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{7E4809CD-028C-44EB-B83B-37F9408E3EA9}] => (Allow) E:\Steam\SteamApps\common\OfGuardsAndThieves\OGAT.exe () [File not signed]
FirewallRules: [{FF66CD0B-372E-4803-AA38-988B616E26A1}] => (Allow) E:\Steam\SteamApps\common\OfGuardsAndThieves\OGAT.exe () [File not signed]
FirewallRules: [{C8034699-007A-48D4-B6B6-A3B9EA7063EA}] => (Allow) E:\Steam\SteamApps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{13861E6A-D6D3-441F-BE77-3FE21CC893FB}] => (Allow) E:\Steam\SteamApps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{DAA7F741-C0DB-4EFB-883E-6530CFF4FB68}] => (Allow) E:\Steam\SteamApps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [{B33D0E24-626B-48A2-BCD0-8681D9A2D075}] => (Allow) E:\Steam\SteamApps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [TCP Query User{7CACD146-3D71-4D89-83B7-09D04ED56486}E:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3_x64.exe No File
FirewallRules: [UDP Query User{A82D755E-9C0C-4784-9813-29F9A1788D9D}E:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3_x64.exe No File
FirewallRules: [{BB277D70-4F82-487C-8004-0AE40A680108}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe (Firaxis Games) [File not signed]
FirewallRules: [{C5CF2101-375D-47D3-9DC7-A8B8CB973BE6}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe (Firaxis Games) [File not signed]
FirewallRules: [{36B4635D-41BB-47E8-8F8C-4DBF30D516E3}] => (Allow) E:\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe (1C Company -> 1C:SoftClub)
FirewallRules: [{4D8A5A54-AF75-4A62-A276-3C8D34F43599}] => (Allow) E:\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe (1C Company -> 1C:SoftClub)
FirewallRules: [TCP Query User{A95132A4-409F-46A7-9201-A58DFB336DCE}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Allow) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [UDP Query User{B565C1FC-B917-4A8A-BDE6-FAF12C240D61}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Allow) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [{4A0ADA85-0D27-40C3-8F9A-64217AC745B7}] => (Allow) F:\SteamLibrary\steamapps\common\Wolfpack\Wolfpack.exe () [File not signed]
FirewallRules: [{61118A9D-84AC-45F1-B162-8AE4F219CA23}] => (Allow) F:\SteamLibrary\steamapps\common\Wolfpack\Wolfpack.exe () [File not signed]
FirewallRules: [{CE5F22E8-A6B7-4859-81F5-1B5C63257F62}] => (Allow) F:\SteamLibrary\steamapps\common\RunningWithRifles\rwr_game.exe () [File not signed]
FirewallRules: [{A28C5D39-8F30-4F85-A737-7D34DA2CACEB}] => (Allow) F:\SteamLibrary\steamapps\common\RunningWithRifles\rwr_game.exe () [File not signed]
FirewallRules: [{FA7852BC-ADC2-44DF-951B-5C1553649F66}] => (Allow) F:\SteamLibrary\steamapps\common\RunningWithRifles\rwr_config.exe () [File not signed]
FirewallRules: [{5A8D55B1-7160-4242-A576-1B36C8E0CA56}] => (Allow) F:\SteamLibrary\steamapps\common\RunningWithRifles\rwr_config.exe () [File not signed]
FirewallRules: [{E629D839-67F3-463B-86CD-B21A0D236C8D}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe () [File not signed]
FirewallRules: [{C2676A0A-DDC4-4C45-B228-DD37F6122F31}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe () [File not signed]
FirewallRules: [{4A405798-52F5-4757-BB15-D8226C742A84}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra\System\RedOrchestraLargeAddressAware.exe () [File not signed]
FirewallRules: [{DEAE9D13-90C1-4B4C-9CEA-FB5C378CE30C}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra\System\RedOrchestraLargeAddressAware.exe () [File not signed]
FirewallRules: [{87496EC9-0F1D-495F-BF76-801A43D84582}] => (Allow) E:\Steam\SteamApps\common\KARDS\kards.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9094EF78-E8BF-4C95-BD20-E40DB0BA3EBC}] => (Allow) E:\Steam\SteamApps\common\KARDS\kards.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{27724F38-089E-4E66-A16C-D506AFE0862F}E:\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe (1939 Games) [File not signed]
FirewallRules: [UDP Query User{14406A70-D3C8-4D83-A139-526F5A1B9068}E:\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe (1939 Games) [File not signed]
FirewallRules: [{3AE7B02A-C57A-4699-95D8-9888F54A0DD8}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [{CD0EBA0D-0F94-44F1-8C76-4EDA68322B6C}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [TCP Query User{D036BCB4-0795-42CE-8E0F-1216F3161F73}E:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) E:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [UDP Query User{0C2C8441-765C-40DA-BD15-24C3FBA4E1EF}E:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) E:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [{F5B25547-AF65-4DC7-8AD5-D9A53A21AF25}] => (Allow) E:\Steam\SteamApps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{408D2176-D67B-4870-A840-8C89CE76EA83}] => (Allow) E:\Steam\SteamApps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{2E4D9845-88E3-4644-82F7-9A7BE93AC2BA}E:\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [UDP Query User{797CD1DA-C020-4720-9FCA-9964C854C511}E:\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [{AC57A4A8-61D3-40C1-B6AF-ED6B6B98DEE7}] => (Allow) LPort=26789
FirewallRules: [{B2130514-AECF-42A0-94C1-EF835ED2C796}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.28 GB) (Free:6.39 GB) (6%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/04/2020 09:34:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MSI_LED.exe, version: 6.2.0.96, time stamp: 0xf3f2611b
Faulting module name: KERNELBASE.dll, version: 10.0.18362.719, time stamp: 0x4061c730
Exception code: 0xe0434352
Fault offset: 0x00114192
Faulting process id: 0x1ed4
Faulting application start time: 0x01d60a8e16950ffa
Faulting application path: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: d35bb588-7b4c-4e80-8ac5-a8ee8bd5af31
Faulting package full name:
Faulting package-relative application ID:

Error: (04/04/2020 09:34:18 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MSI_LED.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
at System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
at MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
at System.Windows.Application.<.ctor>b__1_0(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at System.Windows.Application.Run()
at MSI_LED.App.Main()

Error: (04/04/2020 01:04:16 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6192,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/04/2020 12:18:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6676,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/04/2020 12:06:23 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9420,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/03/2020 11:18:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6440,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/03/2020 11:10:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2620,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/03/2020 10:18:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11592,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (04/04/2020 09:39:28 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.146.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (04/04/2020 09:34:18 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.146.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (04/04/2020 01:13:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly. It has done this 1 time(s).

Error: (04/02/2020 11:41:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly. It has done this 1 time(s).

Error: (04/02/2020 08:39:12 PM) (Source: DCOM) (EventID: 10010) (User: Kens-PC)
Description: The server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} did not register with DCOM within the required timeout.

Error: (04/01/2020 10:13:15 PM) (Source: DCOM) (EventID: 10010) (User: Kens-PC)
Description: The server {F53321FA-34F8-4B7F-B9A3-361877CB94CF} did not register with DCOM within the required timeout.

Error: (04/01/2020 02:34:33 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.146.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (04/01/2020 02:29:23 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.146.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.


Windows Defender:
===================================
Date: 2019-08-17 13:36:39.780
Description:
Windows Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

CodeIntegrity:
===================================

Date: 2020-04-04 09:38:16.488
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-04 09:38:16.481
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-04 09:38:15.225
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-04 09:38:15.179
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-04 09:36:39.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-04 09:36:39.822
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-04 09:36:39.578
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-04 09:36:39.571
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.5 09/11/2013
Motherboard: MSI Z87-GD65 GAMING (MS-7845)
Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 16326.76 MB
Available physical RAM: 11234.89 MB
Total Virtual: 18310.76 MB
Available Virtual: 10870.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.28 GB) (Free:6.39 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.41 GB) (Free:230.43 GB) NTFS
Drive f: (Crucial SSD MX500) (Fixed) (Total:465.76 GB) (Free:164.29 GB) NTFS

\\?\Volume{1bffbec4-7065-11e3-a644-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{7d115ac6-0000-0000-0000-20d21b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7D115ABE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 7D115AC6)
Partition 1: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=518 MB) - (Type=27)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1F3B3181)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
FirewallRules: [TCP Query User{9C7654EB-CA63-4B3D-8C95-7D199F5C3ABB}E:\games\il-2 strumovik 1946\il2fb.exe] => (Allow) E:\games\il-2 strumovik 1946\il2fb.exe () [File not signed]
FirewallRules: [UDP Query User{92975FFD-0792-4D9B-AD2A-0AAE594AE835}E:\games\il-2 strumovik 1946\il2fb.exe] => (Allow) E:\games\il-2 strumovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{C542FD8D-90F9-42E4-85E5-E02E4D7C6652}] => (Allow) E:\Steam\SteamApps\common\Valiant Hearts\Valiant Hearts.exe (Ubisoft Chengdu Co., Ltd. -> )
FirewallRules: [{875DADB2-8DA5-4651-9C9B-7A708E36A7E9}] => (Allow) E:\Steam\SteamApps\common\Valiant Hearts\Valiant Hearts.exe (Ubisoft Chengdu Co., Ltd. -> )
FirewallRules: [{51FBFC43-6EED-4F0B-9ACB-46605123D94F}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\MissionEditor\MissionGen.exe (1C) [File not signed]
FirewallRules: [{3AE5E00A-7F9B-4DAA-AF48-208CF0600C0C}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\MissionEditor\MissionGen.exe (1C) [File not signed]
FirewallRules: [{65BFEBCC-CFEE-48AF-977E-25D4740B3540}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\MissionEditor\Editor.exe (1C) [File not signed]
FirewallRules: [{800EEAD5-4504-4333-AD8E-15FA1B95AE95}] => (Allow) E:\Steam\SteamApps\common\Theatre of War 2 Africa 1943\MissionEditor\Editor.exe (1C) [File not signed]
FirewallRules: [{48E56C5B-4B40-425E-8ACF-CDE53E5C71C9}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\MissionEditor\Editor.exe () [File not signed]
FirewallRules: [{206C004D-83E7-4977-81EC-9BCE5F167465}] => (Allow) E:\Steam\SteamApps\common\Theatre of War II Kursk 1943\MissionEditor\Editor.exe () [File not signed]
FirewallRules: [{D01900DC-A0C5-4A1B-A6C0-2E8A25B7B23B}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe () [File not signed]
FirewallRules: [{4B5031FF-5FFC-4C93-A8FD-84D76995856B}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe () [File not signed]
FirewallRules: [{77E40173-3FCA-47B9-AFC0-EF95188642AF}] => (Allow) E:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{0CEF3DA7-5371-4137-BAC3-FF90A47B5B92}] => (Allow) E:\Games\World_of_Tanks\WorldofTanks.exe No File
FirewallRules: [{36B7B5CC-D2D5-4AFC-ACC6-7502A3604832}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe () [File not signed]
FirewallRules: [{FAFF3099-66DC-42DC-845D-EDF58E9B4A3B}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe () [File not signed]
FirewallRules: [TCP Query User{D9E93F66-9D4C-4C40-8CC7-2A8B715950FF}E:\games\il-2 strumovik 1946\il2fb.exe] => (Allow) E:\games\il-2 strumovik 1946\il2fb.exe () [File not signed]
FirewallRules: [UDP Query User{915C8CD6-970D-45E9-923C-413959787C83}E:\games\il-2 strumovik 1946\il2fb.exe] => (Allow) E:\games\il-2 strumovik 1946\il2fb.exe () [File not signed]
FirewallRules: [TCP Query User{A1977686-956F-4070-9DAC-23B4081A1E92}C:\users\ken's\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\ken's\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{78BF021C-4ED9-441B-A534-876689EA8A6D}C:\users\ken's\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\ken's\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{D64833D5-C2C2-4A22-9C5E-A0AB3290AFFC}E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe (Mail.Ru Group) [File not signed]
FirewallRules: [UDP Query User{D3C02E01-D099-4895-8D30-6166FD0F5D4D}E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe (Mail.Ru Group) [File not signed]
FirewallRules: [{FDD40FC3-450A-48EB-BE14-50D7B736D540}] => (Block) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe (Mail.Ru Group) [File not signed]
FirewallRules: [{D5C11BC4-2D2B-4B7F-9EE1-BD2B5AA5F329}] => (Block) E:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe (Mail.Ru Group) [File not signed]
FirewallRules: [{08034BEF-BA59-4BB0-A171-9E2686E50749}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{FEF14820-FF60-4681-BB25-B72B48B5F60A}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{411C6587-46B4-49A5-9C96-EF3656CD349C}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2 - Fall of the Reich\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{1BCE6331-303D-4FF1-917C-73F3D2E031FB}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2 - Fall of the Reich\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{B6F3A8E2-DAAE-4BFD-B7AE-04D5F0EB8C82}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2 - Liberation\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [{E1DDB2BF-B158-41AD-B4BB-795D5AD9C182}] => (Allow) E:\Steam\SteamApps\common\Blitzkrieg 2 Anthology\Blitzkrieg 2 - Liberation\bin\game.exe (NIVAL Interactive) [File not signed]
FirewallRules: [TCP Query User{E80103D2-FE9A-43C0-B4EE-45B17929D7E0}C:\users\ken's\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ken's\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{8BC8A2B9-D354-4B9D-85D5-AADC133D8E5E}C:\users\ken's\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ken's\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [{E56AFA88-5DF1-490B-B3AF-4948FCC02D2F}] => (Allow) E:\Steam\SteamApps\common\DCSWorld\Run.exe (Eagle Dynamics) [File not signed]
FirewallRules: [{F974938F-2921-4157-91E2-67A1FC225B73}] => (Allow) E:\Steam\SteamApps\common\DCSWorld\Run.exe (Eagle Dynamics) [File not signed]
FirewallRules: [{D06258D1-9CA8-4353-9BB3-2733E3549AE2}] => (Allow) E:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{19D9C651-746D-4200-A18A-1534E2E0DB7E}] => (Allow) E:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{5850B596-6529-41E3-BAC3-293998840B48}] => (Allow) E:\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe (Valve -> )
FirewallRules: [{DDFEF195-75DF-4D73-BB95-8C1015B76FD4}] => (Allow) E:\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe (Valve -> )
FirewallRules: [{E534877E-7EB4-4C33-89A0-21BB4E9E7EE1}] => (Allow) E:\Steam\SteamApps\common\Naval Action\Client.exe (Game Labs, Inc. -> )
FirewallRules: [{EF9AFD72-7CA7-4CBD-BF11-018DA81208E5}] => (Allow) E:\Steam\SteamApps\common\Naval Action\Client.exe (Game Labs, Inc. -> )
FirewallRules: [{ABCF93E3-D643-4B35-AF31-5BC3F7963151}] => (Allow) E:\Steam\SteamApps\common\Naval Action\NavalActionCrashSender.exe (Game Labs, Inc. -> )
FirewallRules: [{59C6F7F6-798C-42A3-B0B2-AE8E29B36005}] => (Allow) E:\Steam\SteamApps\common\Naval Action\NavalActionCrashSender.exe (Game Labs, Inc. -> )
FirewallRules: [{97E030C7-13B7-47D3-AB12-9960F3E73E05}] => (Allow) E:\Steam\SteamApps\common\Men of War Assault Squad\mow_assault_squad.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{08FE3BD5-5295-45A7-B181-5180B3D1B542}] => (Allow) E:\Steam\SteamApps\common\Men of War Assault Squad\mow_assault_squad.exe (Digitalmindsoft) [File not signed]
FirewallRules: [TCP Query User{3BED433A-69FA-4D81-B968-7BCF558FA80C}E:\steam\steamapps\common\red orchestra 2 - single player\binaries\win32\rogame.exe] => (Allow) E:\steam\steamapps\common\red orchestra 2 - single player\binaries\win32\rogame.exe () [File not signed]
FirewallRules: [UDP Query User{44D43CA5-B754-4DDF-8D30-CAE03BDA5879}E:\steam\steamapps\common\red orchestra 2 - single player\binaries\win32\rogame.exe] => (Allow) E:\steam\steamapps\common\red orchestra 2 - single player\binaries\win32\rogame.exe () [File not signed]
FirewallRules: [{1E7ABB74-EDC6-490B-B176-68DC8B122CA2}] => (Allow) E:\Steam\SteamApps\common\VictoryAtSea\VictoryAtSea.exe () [File not signed]
FirewallRules: [{6BEFFF4C-F088-4F2D-8F52-367F8628D043}] => (Allow) E:\Steam\SteamApps\common\VictoryAtSea\VictoryAtSea.exe () [File not signed]
FirewallRules: [{FD383921-D496-432D-964D-65BE7A16F57C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{9E5ACE7C-B098-4FFA-A78B-011A82391615}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5AB7A839-D4A6-4457-B232-4D27413525C1}] => (Allow) E:\Steam\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{3983D1CE-512B-4780-B385-B02928297C2D}] => (Allow) E:\Steam\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{7E4809CD-028C-44EB-B83B-37F9408E3EA9}] => (Allow) E:\Steam\SteamApps\common\OfGuardsAndThieves\OGAT.exe () [File not signed]
FirewallRules: [{FF66CD0B-372E-4803-AA38-988B616E26A1}] => (Allow) E:\Steam\SteamApps\common\OfGuardsAndThieves\OGAT.exe () [File not signed]
FirewallRules: [{C8034699-007A-48D4-B6B6-A3B9EA7063EA}] => (Allow) E:\Steam\SteamApps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{13861E6A-D6D3-441F-BE77-3FE21CC893FB}] => (Allow) E:\Steam\SteamApps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{DAA7F741-C0DB-4EFB-883E-6530CFF4FB68}] => (Allow) E:\Steam\SteamApps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [{B33D0E24-626B-48A2-BCD0-8681D9A2D075}] => (Allow) E:\Steam\SteamApps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [TCP Query User{7CACD146-3D71-4D89-83B7-09D04ED56486}E:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3_x64.exe No File
FirewallRules: [UDP Query User{A82D755E-9C0C-4784-9813-29F9A1788D9D}E:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3_x64.exe No File
FirewallRules: [{BB277D70-4F82-487C-8004-0AE40A680108}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe (Firaxis Games) [File not signed]
FirewallRules: [{C5CF2101-375D-47D3-9DC7-A8B8CB973BE6}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe (Firaxis Games) [File not signed]
FirewallRules: [{36B4635D-41BB-47E8-8F8C-4DBF30D516E3}] => (Allow) E:\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe (1C Company -> 1C:SoftClub)
FirewallRules: [{4D8A5A54-AF75-4A62-A276-3C8D34F43599}] => (Allow) E:\Steam\SteamApps\common\IL-2 Sturmovik Cliffs of Dover\Launcher.exe (1C Company -> 1C:SoftClub)
FirewallRules: [TCP Query User{A95132A4-409F-46A7-9201-A58DFB336DCE}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Allow) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [UDP Query User{B565C1FC-B917-4A8A-BDE6-FAF12C240D61}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Allow) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe (iMobie Inc. -> iMobie Inc.)
FirewallRules: [{4A0ADA85-0D27-40C3-8F9A-64217AC745B7}] => (Allow) F:\SteamLibrary\steamapps\common\Wolfpack\Wolfpack.exe () [File not signed]
FirewallRules: [{61118A9D-84AC-45F1-B162-8AE4F219CA23}] => (Allow) F:\SteamLibrary\steamapps\common\Wolfpack\Wolfpack.exe () [File not signed]
FirewallRules: [{CE5F22E8-A6B7-4859-81F5-1B5C63257F62}] => (Allow) F:\SteamLibrary\steamapps\common\RunningWithRifles\rwr_game.exe () [File not signed]
FirewallRules: [{A28C5D39-8F30-4F85-A737-7D34DA2CACEB}] => (Allow) F:\SteamLibrary\steamapps\common\RunningWithRifles\rwr_game.exe () [File not signed]
FirewallRules: [{FA7852BC-ADC2-44DF-951B-5C1553649F66}] => (Allow) F:\SteamLibrary\steamapps\common\RunningWithRifles\rwr_config.exe () [File not signed]
FirewallRules: [{5A8D55B1-7160-4242-A576-1B36C8E0CA56}] => (Allow) F:\SteamLibrary\steamapps\common\RunningWithRifles\rwr_config.exe () [File not signed]
FirewallRules: [{E629D839-67F3-463B-86CD-B21A0D236C8D}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe () [File not signed]
FirewallRules: [{C2676A0A-DDC4-4C45-B228-DD37F6122F31}] => (Allow) E:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe () [File not signed]
FirewallRules: [{4A405798-52F5-4757-BB15-D8226C742A84}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra\System\RedOrchestraLargeAddressAware.exe () [File not signed]
FirewallRules: [{DEAE9D13-90C1-4B4C-9CEA-FB5C378CE30C}] => (Allow) E:\Steam\SteamApps\common\Red Orchestra\System\RedOrchestraLargeAddressAware.exe () [File not signed]
FirewallRules: [{87496EC9-0F1D-495F-BF76-801A43D84582}] => (Allow) E:\Steam\SteamApps\common\KARDS\kards.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9094EF78-E8BF-4C95-BD20-E40DB0BA3EBC}] => (Allow) E:\Steam\SteamApps\common\KARDS\kards.exe (Epic Games, Inc.) [File not signed]
 
FirewallRules: [TCP Query User{27724F38-089E-4E66-A16C-D506AFE0862F}E:\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe (1939 Games) [File not signed]
FirewallRules: [UDP Query User{14406A70-D3C8-4D83-A139-526F5A1B9068}E:\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe (1939 Games) [File not signed]
FirewallRules: [{3AE7B02A-C57A-4699-95D8-9888F54A0DD8}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [{CD0EBA0D-0F94-44F1-8C76-4EDA68322B6C}] => (Allow) E:\Steam\SteamApps\common\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [TCP Query User{D036BCB4-0795-42CE-8E0F-1216F3161F73}E:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) E:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [UDP Query User{0C2C8441-765C-40DA-BD15-24C3FBA4E1EF}E:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) E:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [{F5B25547-AF65-4DC7-8AD5-D9A53A21AF25}] => (Allow) E:\Steam\SteamApps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{408D2176-D67B-4870-A840-8C89CE76EA83}] => (Allow) E:\Steam\SteamApps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{2E4D9845-88E3-4644-82F7-9A7BE93AC2BA}E:\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [UDP Query User{797CD1DA-C020-4720-9FCA-9964C854C511}E:\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [{AC57A4A8-61D3-40C1-B6AF-ED6B6B98DEE7}] => (Allow) LPort=26789
FirewallRules: [{B2130514-AECF-42A0-94C1-EF835ED2C796}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.28 GB) (Free:6.39 GB) (6%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/04/2020 09:34:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MSI_LED.exe, version: 6.2.0.96, time stamp: 0xf3f2611b
Faulting module name: KERNELBASE.dll, version: 10.0.18362.719, time stamp: 0x4061c730
Exception code: 0xe0434352
Fault offset: 0x00114192
Faulting process id: 0x1ed4
Faulting application start time: 0x01d60a8e16950ffa
Faulting application path: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: d35bb588-7b4c-4e80-8ac5-a8ee8bd5af31
Faulting package full name:
Faulting package-relative application ID:

Error: (04/04/2020 09:34:18 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MSI_LED.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
at System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
at MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
at System.Windows.Application.<.ctor>b__1_0(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at System.Windows.Application.Run()
at MSI_LED.App.Main()

Error: (04/04/2020 01:04:16 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6192,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/04/2020 12:18:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6676,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
797
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back