I believe my PC might be infected | #microsoft | #hacking | #cybersecurity


I keep getting notifications from “Smart Home Manager” that a fishy url has been blocked on my windows device and it is the same URL over and over again. I haven’t noticed any weird behavior on my computer itself except that my windows search bar stopped working a while ago (not sure if that is even related) but those notifications have me pretty concerned that I somehow got infected with something. I will include the message I am getting from smart home below as well as the FRST and Addition logs I got from running Farbar:

 

 

 

 

Smart Home Manager-

Description

We noticed that WINDOWS-LNOSCAP tried to visit a website that posed a spam risk. This risk sow suspicious behavior that you should avoid. We blocked the connection to stop private data from being exposed. 

 

Recommendation

Before visiting a site, be sure the URL is secure by noting its padlock symbol and that the URL being with https//. Use multi-factor authentication when it’s available. If this site has been flagged by mistake, select allow access below to add it to your exceptions list. Note: By adding a site to the exceptions list, you won’t be warned about any future threats related to it.

 

Blocked URL

https://imp.i279709.net/

 

 

 

 

 

 

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021

Ran by joshu (administrator) on WINDOWS-LN0SCAP (Dell Inc. Inspiron 7577) (10-06-2021 10:37:11)

Running from C:UsersjoshuDownloads

Loaded Profiles: joshu

Platform: Windows 10 Home Version 2004 19041.1052 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Apple Inc.) C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe

(CyberLink Corp. -> CyberLink) C:Program Files (x86)CyberLinkCyberLink Media SuitePower2Go8CLMLSvc_P2G8.exe

(CyberLink Corp. -> CyberLink) C:Program Files (x86)CyberLinkShared filesRichVideo.exe

(Discord Inc. -> Discord Inc.) C:UsersjoshuAppDataLocalDiscordapp-1.0.9002Discord.exe <6>

(Dropbox, Inc -> Dropbox, Inc.) C:WindowsSystem32DbxSvc.exe

(Electronic Arts, Inc. -> Electronic Arts) C:Program Files (x86)OriginOriginWebHelperService.exe

(Epic Games Inc. -> Epic Games, Inc.) C:Program Files (x86)Epic GamesLauncherEngineBinariesWin64EpicWebHelper.exe <2>

(Epic Games Inc. -> Epic Games, Inc.) C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe

(Google Inc -> Google LLC) C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe <19>

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.82GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.82GoogleCrashHandler64.exe

(Intel Corporation -> Intel Corporation) C:WindowsSystem32IntelDPTFdptf_helper.exe

(Intel Corporation -> Intel Corporation) C:WindowsSystem32IntelDPTFesif_uf.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_ffc75848a6342fdfjhi_service.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_65c474a29ee01b9digfxCUIService.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_65c474a29ee01b9digfxEM.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_65c474a29ee01b9dIntelCpHDCPSvc.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_65c474a29ee01b9dIntelCpHeciSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorIcon.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft OfficerootOffice16WINWORD.EXE

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:UsersjoshuAppDataLocalMicrosoftOneDriveOneDrive.exe

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.MSPaint_6.2105.4017.0_x64__8wekyb3d8bbwePaintStudio.View.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbweWinStore.App.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0NisSrv.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe <2>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe

(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe

(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe <2>

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkAudioService64.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe

(Waves Inc -> Waves Audio Ltd.) C:Program FilesWavesMaxxAudioWavesSvc64.exe

(Waves Inc -> Waves Audio Ltd.) C:Program FilesWavesMaxxAudioWavesSysSvc64.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [IAStorIcon] => C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorIcon.exe [321096 2017-06-09] (Intel® Rapid Storage Technology -> Intel Corporation)

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [9229280 2017-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [RtHDVBg_PushButton] => C:Program FilesRealtekAudioHDARAVBg64.exe [1489376 2017-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [WavesSvc] => C:Program FilesWavesMaxxAudioWavesSvc64.exe [1189744 2017-06-27] (Waves Inc -> Waves Audio Ltd.)

HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)

HKLM-x32…Run: [Wondershare Helper Compact.exe] => C:Program Files (x86)Common FilesWondershareWondershare Helper CompactWSHelper.exe

HKUS-1-5-21-2487371937-3665581296-3318962372-1002…Run: [Discord] => C:UsersjoshuAppDataLocalDiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)

HKUS-1-5-21-2487371937-3665581296-3318962372-1002…Run: [com.squirrel.Teams.Teams] => C:UsersjoshuAppDataLocalMicrosoftTeamsUpdate.exe [2453688 2020-11-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKUS-1-5-21-2487371937-3665581296-3318962372-1002…Run: [EpicGamesLauncher] => C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [33223648 2021-05-28] (Epic Games Inc. -> Epic Games, Inc.)

HKUS-1-5-21-2487371937-3665581296-3318962372-1002…Run: [EADM] => C:Program Files (x86)OriginOrigin.exe [3144824 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication91.0.4472.77Installerchrmstp.exe [2021-05-26] (Google LLC -> Google LLC)

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {00251901-C19E-4956-BA3A-2BD588DF100F} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [3953096 2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

Task: {00E1D38A-F4D2-4424-897B-5BC1D63D0D0F} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [3953096 2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

Task: {0E1AF2CB-0D1B-4FDB-9A32-1480A6EA9384} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156456 2019-04-02] (Google Inc -> Google LLC)

Task: {1068A4EC-CD7B-4991-B7B3-EA3D88A672D8} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {111C8590-37B5-434F-BA8F-A551EED814BC} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [118088 2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

Task: {11B191E0-108B-43A9-BD72-38179C98A628} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CPushRenewal => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {1D3AE959-B9F9-42FB-879A-0B745CDCE08E} – System32TasksCLMLSvc_P2G8 => C:Program Files (x86)CyberLinkCyberLink Media SuitePower2Go8CLMLSvc_P2G8.exe [110008 2016-04-27] (CyberLink Corp. -> CyberLink)

Task: {21CEBBC2-036C-46D7-824F-7A1817D9C592} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {261E5840-C408-42F0-B188-298F2A11BB2F} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156456 2019-04-02] (Google Inc -> Google LLC)

Task: {2B0F87DD-8FC3-4BF6-B8D5-43C108889C80} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [677344 2021-02-13] (Mozilla Corporation -> Mozilla Foundation)

Task: {2F31A81B-8425-4A6A-BAE1-307DAA9C04FF} – System32TasksGoogleUpdateTaskMachineCore1d57d5b90324517 => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156456 2019-04-02] (Google Inc -> Google LLC)

Task: {30FA87AE-1E54-4D15-A4E4-FFD0B72BA4A3} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CPassport for Work alert created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {37118891-E403-4739-BB2F-0CF82D017045} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {389F2B7E-F695-4DDE-B8D0-FB3EF30D470A} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {42AE17EE-13BE-4F6E-B83E-4C50C1966405} – System32TasksPCDoctorBackgroundMonitorTask => C:Program FilesDellSupportAssistuaclauncher.exe [1218808 2015-05-19] (PC-Doctor, Inc. -> PC-Doctor, Inc.)

Task: {43F77AD4-C34E-4905-9CE8-133D7FE78E28} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CSchedule to run OMADMClient by server => C:WINDOWSsystem32omadmclient.exe [436736 2021-06-09] (Microsoft Windows -> Microsoft Corporation)

Task: {48420382-1953-4BB7-8FE4-8503D5CD8F99} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {4EC850C0-1D87-474D-B339-796AB821303F} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CWin10 S Mode event listener created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {5D8BC0C6-1335-4148-B48B-C09476C1E832} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)

Task: {60AF7DC5-411F-41AB-BA0B-847472B3D9F2} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {6828DA47-5B71-417D-BEF6-D13D848049C6} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CPushLaunch => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {71871B92-FA94-4B5D-9F60-90419BB52EAE} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CSchedule created by enrollment client for renewal of certificate warning => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {74CE02C9-A48D-460B-A70F-8987B8A473B3} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {796B181A-961C-4085-90B3-199FB8C091A6} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {8DBEA671-5F6E-4B88-8B96-19F4C552C32E} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CSchedule #3 created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {95051DCA-0BE6-40AE-BEBF-C005699E39BE} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {9594AD1A-B885-4F9F-ADDA-7775AAC87D2D} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CSchedule to run OMADMClient by client => C:WINDOWSsystem32omadmclient.exe [436736 2021-06-09] (Microsoft Windows -> Microsoft Corporation)

Task: {9D7FE04F-234F-47B6-A5A1-7A62949F5003} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CSchedule #1 created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {A17D1829-F48B-4174-997B-76F26FECF887} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CProvisioning initiated session => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {A8730EB8-4973-4A3A-A3CD-0F68CF6408B2} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {AAA50A7A-0F74-419B-B6B9-05CB54D7EE5B} – System32TasksCLVDLauncher => C:Program Files (x86)CyberLinkCyberLink Media SuitePower2Go8CLVDLauncher.exe [340440 2015-01-28] (CyberLink Corp. -> CyberLink Corp.)

Task: {AC17A5CF-39F7-4D29-B326-BB0917E9AD6D} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [118088 2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

Task: {AEA17E1B-F66D-4916-8F87-D1DC73470923} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {BA560FCD-70E4-4515-A101-644312939B2F} – System32TasksPCDEventLauncherTask => C:Program FilesDellSupportAssistsessionchecker.exe [439544 2015-05-19] (PC-Doctor, Inc. -> PC-Doctor, Inc.)

Task: {BD80B1ED-09B0-4F00-B815-D0D3AF274E4E} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CPushUpgrade => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {C23D7C1C-4BBB-410F-8AA1-56870978C5D7} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)

Task: {CA4E4BED-3440-4738-AD0D-CCD4E5605D8A} – System32TasksSystemToolsDailyTest => C:Program FilesDellSupportAssistuaclauncher.exe [1218808 2015-05-19] (PC-Doctor, Inc. -> PC-Doctor, Inc.)

Task: {CE71DEA0-F4D3-4E57-87F3-C6E3DCCC231E} – System32TasksIntel PTT EK Recertification => C:WINDOWSSystem32DriverStoreFileRepositoryiclsclient.inf_amd64_75ffca5eec865b4blibIntelPTTEKRecertification.exe [918288 2020-04-22] (Intel® Trust Services -> Intel® Corporation)

Task: {CF71EF8B-22F7-49DB-9443-B124EE1139D6} – System32TasksMicrosoftOfficeOffice Subscription Maintenance => C:Program Files (x86)Microsoft OfficerootvfsProgramFilesCommonx86Microsoft SharedOffice16OLicenseHeartbeat.exe [1122200 2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

Task: {E5419AD7-8FC6-4359-895B-0E15EE39A74C} – System32TasksGoogleUpdateTaskMachineUA1d57d5b90368c4d => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156456 2019-04-02] (Google Inc -> Google LLC)

Task: {EAC64EC8-E687-4C4A-AE89-53611A21A102} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5COS Edition Upgrade event listener created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

Task: {F74E51DF-5052-4DE9-A768-8BC2C8BD2A17} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {F836701A-A7D5-4431-96CC-73B5818A6B35} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {FD2D38C1-714D-4C88-8E3D-6ED885A6225D} – System32TasksMicrosoftWindowsEnterpriseMgmt9B5B5108-CFA1-4B13-BF4A-21C788772C5CSchedule #2 created by enrollment client => C:WINDOWSsystem32deviceenroller.exe [480256 2021-04-15] (Microsoft Windows -> Microsoft Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe

Task: C:WINDOWSTasksIntel PTT EK Recertification.job => C:WINDOWSSystem32DriverStoreFileRepositoryiclsclient.inf_amd64_75ffca5eec865b4blibIntelPTTEKRecertification.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 192.168.1.254

Tcpip..Interfaces{40d90bae-71a3-4c02-bc55-666665e3304e}: [DhcpNameServer] 192.168.1.254

Tcpip..Interfaces{b585e3f7-e4cb-4e15-8f60-e88f8a5e30b7}: [DhcpNameServer] 192.168.1.254

 

Edge: 

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge DefaultProfile: Default

Edge Profile: C:UsersjoshuAppDataLocalMicrosoftEdgeUser DataDefault [2021-04-26]

 

FireFox:

========

FF DefaultProfile: zk8f0zlt.default

FF ProfilePath: C:UsersjoshuAppDataRoamingMozillaFirefoxProfileszk8f0zlt.default [2021-02-13]

FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:Program Files (x86)Javajre1.8.0_201bindtpluginnpDeployJava1.dll [2019-04-02] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:Program Files (x86)Javajre1.8.0_201binplugin2npjp2.dll [2019-04-02] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin HKUS-1-5-21-2487371937-3665581296-3318962372-1002: ubisoft.com/uplaypc -> C:Program Files (x86)UbisoftUbisoft Game Launchernpuplaypc.dll [2020-05-01] (Ubisoft Entertainment Sweden AB -> )

 

Chrome: 

=======

CHR Profile: C:UsersjoshuAppDataLocalGoogleChromeUser DataDefault [2021-06-10]

CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com

CHR Extension: (Slides) – C:UsersjoshuAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2019-04-02]

CHR Extension: (Dark Night Mode) – C:UsersjoshuAppDataLocalGoogleChromeUser DataDefaultExtensionsbhbekkddpbpbibiknkcjamlkhoghieie [2021-01-06]

CHR Extension: (Honey) – C:UsersjoshuAppDataLocalGoogleChromeUser DataDefaultExtensionsbmnlcjabgnpnenekpadlanbbkooimhnj [2021-05-28]

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersjoshuAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2021-05-28]

CHR Extension: (Augmented Steam) – C:UsersjoshuAppDataLocalGoogleChromeUser DataDefaultExtensionsdnhpnfgdlenaccegplpojghhmaamnnfp [2021-03-09]

CHR Extension: (Stellarium on rollApp) – C:UsersjoshuAppDataLocalGoogleChromeUser DataDefaultExtensionskoecfllbdgblbpiicoekgjbhdnmgdcnm [2020-08-25]

CHR Extension: (Chrome Web Store Payments) – C:UsersjoshuAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Ads Killer Adblocker Plus) – C:UsersjoshuAppDataLocalGoogleChromeUser DataDefaultExtensionspgbllmbdjgcalkoimdfcpknbjgnhjclg [2019-04-18]

CHR Extension: (Chrome Media Router) – C:UsersjoshuAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-28]

CHR Profile: C:UsersjoshuAppDataLocalGoogleChromeUser DataSystem Profile [2020-02-17]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)

S2 CLKMSVC10_3CD7F304; C:Program Files (x86)CyberLinkCyberLink Media SuitePowerDVD14CommonNavFilterKmSvc.exe [312088 2016-05-09] (CyberLink Corp. -> CyberLink)

R2 DbxSvc; C:WINDOWSSystem32DbxSvc.exe [51024 2019-12-17] (Dropbox, Inc -> Dropbox, Inc.)

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [818304 2021-02-05] (EasyAntiCheat Oy -> Epic Games, Inc)

S3 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7456464 2021-02-13] (Malwarebytes Inc -> Malwarebytes)

S3 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2547344 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)

R2 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [3487384 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)

R2 RichVideo; C:Program Files (x86)CyberLinkShared filesRichVideo.exe [253776 2015-09-02] (CyberLink Corp. -> CyberLink)

S3 Rockstar Service; C:Program FilesRockstar GamesLauncherRockstarService.exe [1332632 2021-04-20] (Rockstar Games, Inc. -> Rockstar Games)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0NisSrv.exe [2644760 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.4-0MsMpEng.exe [136656 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 Hamachi; C:WINDOWSSystem32driversHamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-02-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

S3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-03-16] (Malwarebytes Inc -> Malwarebytes)

R3 MpKsla32a46db; C:ProgramDataMicrosoftWindows DefenderDefinition Updates{B68D941B-A3D7-4BE6-904F-1E5069947B9F}MpKslDrv.sys [107744 2021-06-10] (Microsoft Windows -> Microsoft Corporation)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [49560 2021-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [425208 2021-06-06] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [76008 2021-06-06] (Microsoft Windows -> Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-06-10 10:37 – 2021-06-10 10:37 – 000028023 _____ C:UsersjoshuDownloadsFRST.txt

2021-06-10 10:35 – 2021-06-10 10:37 – 000000000 ____D C:FRST

2021-06-10 10:33 – 2021-06-10 10:33 – 002300416 _____ (Farbar) C:UsersjoshuDownloadsFRST64.exe

2021-06-09 11:44 – 2021-06-09 11:44 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb

2021-06-09 11:44 – 2021-06-09 11:44 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb

2021-06-09 11:44 – 2021-06-09 11:44 – 002260480 _____ (The ICU Project) C:WINDOWSsystem32icu.dll

2021-06-09 11:44 – 2021-06-09 11:44 – 001864192 _____ (The ICU Project) C:WINDOWSSysWOW64icu.dll

2021-06-09 11:44 – 2021-06-09 11:44 – 001823792 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2021-06-09 11:44 – 2021-06-09 11:44 – 001393496 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi

2021-06-09 11:44 – 2021-06-09 11:44 – 001314120 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi

2021-06-09 11:44 – 2021-06-09 11:44 – 000657464 _____ C:WINDOWSsystem32WindowManagementAPI.dll

2021-06-09 11:44 – 2021-06-09 11:44 – 000568832 _____ (Microsoft Corporation) C:WINDOWSsystem32inetcpl.cpl

2021-06-09 11:44 – 2021-06-09 11:44 – 000563712 _____ (Microsoft Corporation) C:WINDOWSsystem32winspool.drv

2021-06-09 11:44 – 2021-06-09 11:44 – 000468440 _____ C:WINDOWSSysWOW64WindowManagementAPI.dll

2021-06-09 11:44 – 2021-06-09 11:44 – 000451072 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inetcpl.cpl

2021-06-09 11:44 – 2021-06-09 11:44 – 000423936 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winspool.drv

2021-06-09 11:44 – 2021-06-09 11:44 – 000287232 _____ C:WINDOWSsystem32CoreMas.dll

2021-06-09 11:44 – 2021-06-09 11:44 – 000272384 _____ C:WINDOWSsystem32TpmTool.exe

2021-06-09 11:44 – 2021-06-09 11:44 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe

2021-06-09 11:44 – 2021-06-09 11:44 – 000097280 _____ C:WINDOWSsystem32Driverscimfs.sys

2021-06-09 11:44 – 2021-06-09 11:44 – 000011353 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-06-07 17:00 – 2021-06-07 17:01 – 018866507 _____ C:UsersjoshuDownloadsDV_B_36_EN.pptx

2021-06-07 17:00 – 2021-06-07 17:00 – 012992648 _____ C:UsersjoshuDownloadsDV_A_4_EN.pptx

2021-06-06 21:28 – 2021-06-06 21:28 – 000000410 _____ C:UsersPublicDesktopGuild Wars 2.lnk

2021-06-06 21:28 – 2021-06-06 21:28 – 000000410 _____ C:ProgramDataDesktopGuild Wars 2.lnk

2021-06-06 21:28 – 2021-06-06 21:28 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGuild Wars 2

2021-06-06 21:27 – 2021-06-06 21:28 – 000000000 ____D C:UsersjoshuAppDataRoamingGuild Wars 2

2021-06-06 21:27 – 2021-06-06 21:27 – 035185896 _____ (ArenaNet) C:UsersjoshuDownloadsGw2Setup-64.tmp

2021-06-06 21:27 – 2021-06-06 21:27 – 000000000 ____D C:UsersjoshuDownloadsbin64

2021-06-06 21:27 – 2021-06-06 21:27 – 000000000 _____ C:UsersjoshuDownloadsGw2.tmp

2021-06-06 21:27 – 2021-06-06 21:27 – 000000000 _____ C:UsersjoshuDownloadsGw2.dat

2021-06-06 21:26 – 2021-06-06 21:27 – 035185896 _____ (ArenaNet) C:UsersjoshuDownloadsGw2Setup-64.exe

2021-06-06 21:26 – 2021-06-06 21:27 – 029340840 _____ (ArenaNet) C:UsersjoshuDownloadsGw2Setup-64.000

2021-06-03 16:52 – 2020-08-14 00:59 – 000043416 _____ (NVIDIA Corporation) C:WINDOWSsystem32DriversNvModuleTracker.sys

2021-06-02 15:24 – 2021-06-02 15:24 – 000388608 _____ (Trend Micro Inc.) C:UsersjoshuDownloadsHijackThis.exe

2021-05-31 16:51 – 2021-05-31 16:52 – 018458146 _____ C:UsersjoshuDownloadsDV_B_35_EN.pptx

2021-05-31 16:51 – 2021-05-31 16:51 – 013283417 _____ C:UsersjoshuDownloadsDV_A_3_EN.pptx

2021-05-24 19:15 – 2021-05-24 19:16 – 023318423 _____ C:UsersjoshuDownloadsDV_B_34_EN.pptx

2021-05-24 17:06 – 2021-05-24 17:07 – 050631488 _____ C:UsersjoshuDownloadsDV_A_2_EN.pptx

2021-05-21 20:27 – 2021-05-21 20:27 – 000000000 ____D C:UsersjoshuDocumentsHeroBlade Logs

2021-05-21 20:27 – 2021-05-21 20:27 – 000000000 ____D C:UsersjoshuAppDataLocalSWTOR

2021-05-21 20:22 – 2021-05-21 20:22 – 000000000 ____D C:UsersjoshuAppDataLocalSWTORPerf

2021-05-17 17:02 – 2021-05-17 17:03 – 022814547 _____ C:UsersjoshuDownloadsDV_B_33_EN.pptx

2021-05-17 17:01 – 2021-05-17 17:03 – 056441600 _____ C:UsersjoshuDownloadsDV_A_1_EN.pptx

2021-05-14 00:02 – 2021-05-14 00:02 – 000000203 _____ C:UsersjoshuDesktopSTAR WARS™ The Old Republic™.url

2021-05-13 20:36 – 2021-05-13 20:36 – 000000468 _____ C:UsersjoshuDesktopEnlisted.lnk

2021-05-13 20:36 – 2021-05-13 20:36 – 000000000 ____D C:UsersjoshuAppDataRoamingMicrosoftWindowsStart MenuProgramsEnlisted

2021-05-13 20:36 – 2021-05-13 20:36 – 000000000 ____D C:UsersjoshuAppDataLocalGaijin

2021-05-13 20:36 – 2021-05-13 20:36 – 000000000 ____D C:ProgramDataGaijin

2021-05-13 20:35 – 2021-05-13 20:35 – 005699640 _____ (Gaijin Network ) C:UsersjoshuDownloadsenlisted_launcher_1.0.3.48-ts7i6z1qq.exe

2021-05-13 11:15 – 2021-05-13 11:15 – 000000165 ____H C:UsersjoshuDownloads~$DV_A_16_EN.pptx

2021-05-13 00:03 – 2021-05-13 00:03 – 001687040 _____ C:WINDOWSsystem32libcrypto.dll

2021-05-13 00:03 – 2021-05-13 00:03 – 001163776 _____ C:WINDOWSsystem32MBR2GPT.EXE

2021-05-13 00:03 – 2021-05-13 00:03 – 000700928 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll

2021-05-13 00:03 – 2021-05-13 00:03 – 000165888 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe

2021-05-13 00:03 – 2021-05-13 00:03 – 000060928 _____ C:WINDOWSsystem32runexehelper.exe

2021-05-13 00:03 – 2021-05-13 00:03 – 000013312 _____ C:WINDOWSsystem32agentactivationruntimestarter.exe

2021-05-12 21:45 – 2021-05-12 21:45 – 000002460 _____ C:UsersjoshuDocuments5.12.txt

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-06-10 10:36 – 2021-01-15 12:56 – 000000000 ____D C:ProgramDataOrigin

2021-06-10 10:35 – 2019-12-07 02:13 – 000000000 ____D C:WINDOWSINF

2021-06-10 10:31 – 2020-10-26 10:07 – 000004168 _____ C:WINDOWSsystem32TasksUser_Feed_Synchronization-{A06E0D20-5C8D-420D-B54E-7A18038A9F28}

2021-06-10 10:31 – 2019-04-06 20:20 – 000000000 ____D C:UsersjoshuAppDataRoamingDiscord

2021-06-10 10:31 – 2019-04-06 20:20 – 000000000 ____D C:UsersjoshuAppDataLocalDiscord

2021-06-10 10:30 – 2021-02-13 00:09 – 000000000 ____D C:UsersjoshuAppDataLocalOrigin

2021-06-10 10:30 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-06-10 10:30 – 2018-05-13 14:00 – 000000000 ____D C:ProgramDataNVIDIA

2021-06-10 10:28 – 2020-10-26 09:59 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-06-10 10:28 – 2019-12-07 02:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-06-10 10:28 – 2019-12-07 02:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-06-10 10:28 – 2019-04-02 13:31 – 000000000 __SHD C:UsersjoshuIntelGraphicsProfiles

2021-06-09 23:12 – 2020-10-26 10:11 – 000842418 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-06-09 23:08 – 2020-11-28 19:50 – 000008192 ___SH C:DumpStack.log.tmp

2021-06-09 23:08 – 2020-10-26 10:07 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-06-09 23:08 – 2020-10-26 09:59 – 000465664 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-06-09 23:08 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSServiceState

2021-06-09 23:08 – 2018-05-13 12:19 – 000190664 ____N (CyberLink Corp.) C:WINDOWSsystem32Driversrikvm_3CD7F304.sys

2021-06-09 23:07 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32WinBioDatabase

2021-06-09 23:07 – 2019-12-07 02:03 – 000786432 _____ C:WINDOWSsystem32configBBI

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ___RD C:WINDOWSPrintDialog

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64lv-LV

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64et-EE

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64es-MX

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64Dism

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSystemResources

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32oobe

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32migwiz

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32lv-LV

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32et-EE

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32es-MX

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32Dism

2021-06-09 23:06 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-06-09 20:24 – 2019-04-22 22:36 – 000000000 ____D C:UsersjoshuAppDataLocalCrashDumps

2021-06-09 11:46 – 2019-12-07 02:03 – 000000000 ____D C:WINDOWSCbsTemp

2021-06-09 11:38 – 2019-04-02 15:00 – 000000000 ____D C:WINDOWSsystem32MRT

2021-06-09 11:36 – 2019-04-02 15:00 – 132447432 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-06-09 10:26 – 2020-10-26 10:07 – 000003380 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-2487371937-3665581296-3318962372-1002

2021-06-09 10:26 – 2020-10-26 10:01 – 000002369 _____ C:UsersjoshuAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-06-09 10:26 – 2019-04-02 13:33 – 000000000 ___RD C:UsersjoshuOneDrive

2021-06-07 17:02 – 2019-04-02 13:31 – 000000000 ____D C:UsersjoshuAppDataLocalPackages

2021-06-07 16:58 – 2021-02-13 00:09 – 000000000 ____D C:UsersjoshuAppDataRoamingOrigin

2021-06-06 20:54 – 2019-04-02 22:11 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-06-05 16:56 – 2019-12-07 02:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-06-05 14:20 – 2020-08-23 17:38 – 000002440 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-06-05 14:20 – 2020-08-23 17:38 – 000002278 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-06-05 14:20 – 2020-08-23 17:38 – 000002278 _____ C:ProgramDataDesktopMicrosoft Edge.lnk

2021-06-03 16:53 – 2020-10-26 10:07 – 000003976 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:53 – 2020-10-26 10:07 – 000003940 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:53 – 2019-04-02 14:16 – 000001449 _____ C:UsersPublicDesktopGeForce Experience.lnk

2021-06-03 16:53 – 2019-04-02 14:16 – 000001449 _____ C:ProgramDataDesktopGeForce Experience.lnk

2021-06-03 16:53 – 2018-05-13 14:00 – 000000000 ____D C:ProgramDataNVIDIA Corporation

2021-06-03 16:52 – 2020-10-26 10:07 – 000004308 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:52 – 2020-10-26 10:07 – 000004106 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:52 – 2020-10-26 10:07 – 000003894 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:52 – 2020-10-26 10:07 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:52 – 2020-10-26 10:07 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:52 – 2020-10-26 10:07 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:52 – 2020-10-26 10:07 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:52 – 2020-10-26 10:07 – 000003654 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-06-03 16:52 – 2018-05-13 14:00 – 000000000 ____D C:Program FilesNVIDIA Corporation

2021-06-03 16:52 – 2018-05-13 14:00 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation

2021-06-02 15:37 – 2021-02-13 00:15 – 000000000 ____D C:Program Files (x86)Origin

2021-06-02 15:22 – 2018-05-13 12:05 – 000000000 ____D C:Program Files (x86)Microsoft Office

2021-06-02 15:15 – 2020-04-16 14:57 – 000002233 _____ C:UsersjoshuDesktopDiscord.lnk

2021-06-02 15:14 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSLiveKernelReports

2021-05-26 17:01 – 2019-04-02 13:51 – 000002303 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-05-26 17:01 – 2019-04-02 13:51 – 000002262 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-05-26 17:01 – 2019-04-02 13:51 – 000002262 _____ C:ProgramDataDesktopGoogle Chrome.lnk

2021-05-20 12:05 – 2019-10-15 13:05 – 000000000 ____D C:UsersjoshuAppDataRoamingStellarium

2021-05-14 00:02 – 2019-04-02 14:26 – 000000000 ____D C:UsersjoshuAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam

2021-05-13 20:36 – 2021-01-10 21:41 – 000000000 ____D C:UsersjoshuDocumentsMy Games

2021-05-13 12:03 – 2019-05-12 23:30 – 000000000 ____D C:UsersjoshuAppDataLocalD3DSCache

2021-05-13 11:29 – 2018-05-13 12:59 – 000000000 ____D C:Intel

2021-05-13 11:28 – 2020-10-26 10:01 – 000000000 ____D C:Usersjoshu

2021-05-13 11:22 – 2019-04-02 14:56 – 000000000 ____D C:UsersjoshuAppDataLocalElevatedDiagnostics

2021-05-13 00:27 – 2019-12-07 02:50 – 000000000 ____D C:WINDOWSsystem32OpenSSH

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64setup

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64oobe

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSSysWOW64lt-LT

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32setup

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSsystem32lt-LT

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSProvisioning

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-05-13 00:27 – 2019-12-07 02:14 – 000000000 ____D C:WINDOWSDiagTrack

2021-05-13 00:05 – 2019-12-07 02:52 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32OEMDefaultAssociations.dll

 

==================== Files in the root of some directories ========

 

2020-10-26 10:14 – 2021-01-25 22:50 – 000004723 _____ () C:UsersjoshuAppDataRoamingVoiceMeeterDefault.xml

2020-11-28 21:04 – 2020-11-28 21:04 – 000000017 _____ () C:UsersjoshuAppDataLocalresmon.resmoncfg

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 

 

 

 

 

Addition.txt-

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021

Ran by joshu (10-06-2021 10:38:54)

Running from C:UsersjoshuDownloads

Windows 10 Home Version 2004 19041.1052 (X64) (2020-10-26 17:07:38)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-2487371937-3665581296-3318962372-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-2487371937-3665581296-3318962372-503 – Limited – Disabled)

Guest (S-1-5-21-2487371937-3665581296-3318962372-501 – Limited – Disabled)

joshu (S-1-5-21-2487371937-3665581296-3318962372-1002 – Administrator – Enabled) => C:Usersjoshu

WDAGUtilityAccount (S-1-5-21-2487371937-3665581296-3318962372-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 20.02 alpha (x64) (HKLM…7-Zip) (Version: 20.02 alpha – Igor Pavlov)

Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

Citra (HKUS-1-5-21-2487371937-3665581296-3318962372-1002…{29a65023-0329-460f-8a62-e4c496aec893}) (Version: 1.0.0 – Citra Team)

ClassAction (HKLM-x32…{6873B2A6-5405-4693-A94C-4A76C78652CF}) (Version: 2.3 – AstroUNL)

CLEA Exercise – The Quest For Object X – Version 1.123 (HKLM-x32…{A6CC5796-FBBE-4F41-8ACC-C155BB1A399E}) (Version: 1.12.3000 – Project CLEA – Gettysburg College)

CyberLink Media Suite Essentials (HKLM-x32…InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 – CyberLink Corp.)

Dell SupportAssist (HKLM…PC-Doctor for Windows) (Version: 1.1.6664.10 – Dell)

Discord (HKUS-1-5-21-2487371937-3665581296-3318962372-1002…Discord) (Version: 0.0.309 – Discord Inc.)

DSC/AA Factory Installer (HKLM…{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.1.6664.10 – PC-Doctor, Inc.) Hidden

Enlisted Launcher 1.0.3.48 (HKUS-1-5-21-2487371937-3665581296-3318962372-1002…{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version:  – Gaijin Network)

Epic Games Launcher (HKLM-x32…{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Goodix Fingerprint Driver (HKLM…{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 1.0.33.300 – Goodix, Inc.)

Google Chrome (HKLM-x32…Google Chrome) (Version: 91.0.4472.77 – Google LLC)

Guild Wars 2 (HKLM…Guild Wars 2) (Version:  – NCsoft Corporation, Ltd.)

Intel® Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 – Intel Corporation)

Intel® Rapid Storage Technology (HKLM…{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 – Intel Corporation)

Interactives (HKLM-x32…{982EE0E8-6211-476A-AE58-9CEF3647A56D}) (Version: 1.1 – AstroUNL)

Java 8 Update 201 (HKLM-x32…{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 – Oracle Corporation)

Launcher Prerequisites (x64) (HKLM-x32…{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Launcher Prerequisites (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Malwarebytes version 4.3.0.98 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 – Malwarebytes)

Maxx Audio Installer (x64) (HKLM…{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9233.1 – Waves Audio Ltd.) Hidden

MediaHuman YouTube to MP3 Converter 3.9.9.36 (HKLM-x32…MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.36 – MediaHuman)

Microsoft 365 Apps for enterprise – en-us (HKLM…O365ProPlusRetail – en-us) (Version: 16.0.14026.20246 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 91.0.864.41 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 91.0.864.41 – Microsoft Corporation)

Microsoft Office Home and Student 2016 – en-us (HKLM…HomeStudentRetail – en-us) (Version: 16.0.14026.20246 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-2487371937-3665581296-3318962372-1002…OneDriveSetup.exe) (Version: 21.099.0516.0003 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-2487371937-3665581296-3318962372-1002…Teams) (Version: 1.3.00.30866 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729 (HKLM…{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.21022 (HKLM-x32…{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729 (HKLM-x32…{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29334 (HKLM-x32…{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32…{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 – Microsoft Corporation)

Mozilla Firefox 85.0.2 (x64 en-US) (HKLM…Mozilla Firefox 85.0.2 (x64 en-US)) (Version: 85.0.2 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 66.0.2 – Mozilla)

MSI Afterburner 4.6.2 (HKLM-x32…Afterburner) (Version: 4.6.2 – MSI Co., LTD)

NAAP Labs (HKLM-x32…{30CC92DD-F9F0-48FC-A502-A636CE8BB5AC}) (Version: 1.1 – AstroUNL)

NewBlue Video Essentials for Windows (HKLM-x32…NewBlue Video Essentials for Windows) (Version: 3.0 – NewBlue)

NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.22.0.32 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 – NVIDIA Corporation)

NVIDIA GeForce NOW 2.0.27.126 (HKUS-1-5-21-2487371937-3665581296-3318962372-1002…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.27.126 – NVIDIA Corporation)

NVIDIA Graphics Driver 461.40 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.40 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

OBS Studio (HKLM-x32…OBS Studio) (Version: 26.0.2 – OBS Project)

Office 16 Click-to-Run Extensibility Component (HKLM-x32…{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20246 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32…{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14026.20246 – Microsoft Corporation) Hidden

OpenOffice 4.1.6 (HKLM-x32…{16E4FF6B-31E8-4037-B627-D87CF872E32B}) (Version: 4.16.9790 – Apache Software Foundation)

Origin (HKLM-x32…Origin) (Version: 10.5.100.48178 – Electronic Arts, Inc.)

Paradox Launcher v2 (HKLM…{A8D4AE16-519B-409D-B5B4-2647C06805AD}) (Version: 2.0.3.0 – Paradox Interactive)

Realtek Card Reader (HKLM-x32…{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31236 – Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8166 – Realtek Semiconductor Corp.)

RivaTuner Statistics Server 7.2.3 (HKLM-x32…RTSS) (Version: 7.2.3 – Unwinder)

Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.37.349 – Rockstar Games)

Rockstar Games Social Club (HKLM-x32…Rockstar Games Social Club) (Version: 2.0.8.1 – Rockstar Games)

STAR WARS™ Battlefront™ II (HKLM-x32…{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 – Electronic Arts)

StarCraft II (HKLM-x32…StarCraft II) (Version:  – Blizzard Entertainment)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Stellarium 0.19.2 (HKLM…Stellarium_is1) (Version: 0.19.2 – Stellarium team)

SWF File Player (HKLM-x32…{6A86F611-906C-422D-B34A-103662CBC195}_is1) (Version:  – swffileplayer.com)

Teams Machine-Wide Installer (HKLM-x32…{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 – Microsoft Corporation)

Ubisoft Game Launcher (HKLM-x32…{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 – UBISOFT)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 – Microsoft Corporation) Hidden

Update for Windows 10 for x64-based Systems (KB4480730) (HKLM…{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 – Microsoft Corporation)

UpdateAssistant (HKLM…{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 – Microsoft Corporation) Hidden

VALORANT (HKUS-1-5-21-2487371937-3665581296-3318962372-1002…Riot Game valorant.live) (Version:  – Riot Games, Inc)

VMeisoft Flash SWF Converter version 3.0.2.9 (HKLM…VMeisoft Flash SWF Converter_is1) (Version: 3.0.2.9 – VMeisoft)

Voicemeeter, The Virtual Mixing Console (HKLM-x32…VB:Voicemeeter {17359A74-1236-5467}) (Version:  – VB-Audio Software)

Vulkan Run Time Libraries 1.0.54.1 (HKLM…VulkanRT1.0.54.1) (Version: 1.0.54.1 – Intel Corporation Inc.) Hidden

Vulkan Run Time Libraries 1.0.54.1 (HKLM…VulkanRT1.0.54.1-2) (Version: 1.0.54.1 – Intel Corporation Inc.) Hidden

Vulkan Run Time Libraries 1.0.54.1 (HKLM…VulkanRT1.0.54.1-3) (Version: 1.0.54.1 – Intel Corporation Inc.)

Zoom (HKUS-1-5-21-2487371937-3665581296-3318962372-1002…ZoomUMX) (Version: 5.5.2 (12494.0204) – Zoom Video Communications, Inc.)

 

Packages:

=========

Autodesk SketchBook -> C:Program FilesWindowsApps89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2021-05-13] (Autodesk Inc.)

Bubble Witch 3 Saga -> C:Program FilesWindowsAppsking.com.BubbleWitch3Saga_7.5.37.0_x86__kgqvnymyfvs32 [2021-05-27] (king.com)

iTunes -> C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-05-13] (Apple Inc.) [Startup Task]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-13] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-13] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-05] (Microsoft Studios) [MS Ad]

Photos Add-on -> C:Program FilesWindowsAppsMicrosoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-22] (Microsoft Corporation)

Phototastic Collage -> C:Program FilesWindowsAppsThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-05-19] (Thumbmunkeys Ltd)

Plex -> C:Program FilesWindowsAppsCAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2021-05-19] (Plex)

WinZip Universal -> C:Program FilesWindowsAppsWinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2021-05-19] (WinZip Computing)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-2487371937-3665581296-3318962372-1002_ClassesCLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}InprocServer32 -> C:UsersjoshuAppDataLocalMicrosoftTeamsMeetingAddin1.0.20275.4x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-2487371937-3665581296-3318962372-1002_ClassesCLSID{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}localserver32 -> C:Program FilesWavesMaxxAudioMaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)

CustomCLSID: HKUS-1-5-21-2487371937-3665581296-3318962372-1002_ClassesCLSID{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}InprocServer32 -> C:UsersjoshuAppDataLocalMicrosoftTeamsMeetingAddin1.0.20244.4x64Microsoft.Teams.AddinLoader.dll => No File

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:Program Files (x86)7-Zip7-zip.dll [2020-08-08] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:Program Files (x86)Common FilesCyberLinkShellExtComponentCLVDShellExt.dll [2016-04-27] (CyberLink Corp. -> Cyberlink)

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:Program Files (x86)Common FilesCyberLinkShellExtComponentCLVDShellExt.dll [2016-04-27] (CyberLink Corp. -> Cyberlink)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-02-13] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:Program Files (x86)7-Zip7-zip.dll [2020-08-08] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:Program Files (x86)DropboxClientDropboxExt64.27.0.dll -> No File

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:WINDOWSSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_65c474a29ee01b9digfxDTCM.dll [2020-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSsystem32nvshext.dll [2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:Program Files (x86)7-Zip7-zip.dll [2020-08-08] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-02-13] (Malwarebytes Corporation -> Malwarebytes)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Drivers32: [VIDC.RTV1] => C:windowssystem32rtvcvfw64.dll [246272 2012-09-28] () [File not signed]

HKLM…Drivers32: [vidc.pDAD] => C:WindowsSysWOW64prodad-codec.dll [506392 2016-04-27] (proDAD GmbH -> proDAD GmbH)

HKLM…Drivers32: [VIDC.RTV1] => C:WindowsSysWOW64rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:UsersjoshuAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcutsd249d9ddd424b688Google Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory=Default

 

==================== Loaded Modules (Whitelisted) =============

 

2020-04-20 14:21 – 2020-04-20 14:21 – 000000000 ____L (Microsoft Corporation) C:Program Files (x86)Microsoft OfficerootOffice16AppVIsvSubsystems32.dll

2020-04-20 14:21 – 2020-04-20 14:21 – 000000000 ____L (Microsoft Corporation) C:Program Files (x86)Microsoft OfficerootOffice16c2r32.dll

2021-02-13 00:15 – 2021-04-01 13:19 – 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)OriginLIBEAY32.dll

2021-02-13 00:15 – 2021-04-01 13:19 – 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)Originssleay32.dll

2021-02-13 00:15 – 2021-04-01 13:19 – 001611264 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)Originplatformsqwindows.dll

2021-06-02 15:37 – 2021-04-01 13:19 – 005487104 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Core.dll

2021-06-02 15:37 – 2021-04-01 13:19 – 005841920 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Gui.dll

2021-06-02 15:37 – 2021-04-01 13:19 – 001179136 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Network.dll

2021-06-02 15:37 – 2021-04-01 13:19 – 000146432 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5WebSockets.dll

2021-06-02 15:37 – 2021-04-01 13:19 – 005089792 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Widgets.dll

2021-06-02 15:37 – 2021-04-01 13:19 – 000184832 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Xml.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMSIServer => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMSIServer => “”=”Service”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKUS-1-5-21-2487371937-3665581296-3318962372-1002SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://www.dell.com/

HKUS-1-5-21-2487371937-3665581296-3318962372-1002SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = www.dell.com

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program Files (x86)Microsoft OfficerootOffice16OCHelper.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Files (x86)Javajre1.8.0_201binssv.dll [2019-04-02] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Files (x86)Javajre1.8.0_201binjp2ssv.dll [2019-04-02] (Oracle America, Inc. -> Oracle Corporation)

Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKUS-1-5-21-2487371937-3665581296-3318962372-1002…sharepoint.com -> hxxps://losrios-files.sharepoint.com

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2017-03-18 14:03 – 2017-03-18 14:01 – 000000824 _____ C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;C:Program Files (x86)InteliCLS Client;C:Program FilesInteliCLS Client;C:windowssystem32;C:windows;C:windowsSystem32Wbem;C:windowsSystem32WindowsPowerShellv1.0;C:Program Files (x86)IntelIntel® Management Engine ComponentsDAL;C:Program FilesIntelIntel® Management Engine ComponentsDAL;C:Program Files (x86)IntelIntel® Management Engine ComponentsIPT;C:Program FilesIntelIntel® Management Engine ComponentsIPT;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH

HKUS-1-5-21-2487371937-3665581296-3318962372-1002Control PanelDesktop\Wallpaper -> c:windowswebwallpapertheme1img13.jpg

DNS Servers: 192.168.1.254

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [UDP Query User{A397B6DE-2758-4A20-BDBC-2DDA5B60D8AC}D:program files (x86)steamsteamappscommondon’t starve togetherbindontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:program files (x86)steamsteamappscommondon’t starve togetherbindontstarve_dedicated_server_nullrenderer.exe => No File

FirewallRules: [TCP Query User{37876AE0-D0C2-4A5D-86B5-6582D52F662A}D:program files (x86)steamsteamappscommondon’t starve togetherbindontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:program files (x86)steamsteamappscommondon’t starve togetherbindontstarve_dedicated_server_nullrenderer.exe => No File

FirewallRules: [{A63CE576-B68C-405D-8410-F181E2087252}] => (Allow) D:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe => No File

FirewallRules: [{6C31204D-4783-47CB-A1E0-EBC9FCB964B3}] => (Allow) D:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe => No File

FirewallRules: [{CA7CE869-F2AD-44C0-9805-51CEF77FF7D1}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5cSkypeSkype.exe => No File

FirewallRules: [{1D872851-F00D-4701-A24C-8EBAC60607A7}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5cSkypeSkype.exe => No File

FirewallRules: [{EB2634E2-DD3E-47BA-BF78-FEEF608FB6ED}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5cSkypeSkype.exe => No File

FirewallRules: [{8BB4BC1F-983B-4C74-9161-35DDCD6774E8}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5cSkypeSkype.exe => No File

FirewallRules: [UDP Query User{5B5E6EDA-B25D-4F19-8336-113E14FB908E}D:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Allow) D:program files (x86)steamsteamappscommonterrariaterrariaserver.exe => No File

FirewallRules: [TCP Query User{03B6BA26-817E-4F85-AD3A-30A34CD10D39}D:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Allow) D:program files (x86)steamsteamappscommonterrariaterrariaserver.exe => No File

FirewallRules: [{BF8B85B7-5C36-49AA-9DA4-4D04B484D7B0}] => (Allow) D:Program Files (x86)SteamsteamappscommonTerrariaTerraria.exe => No File

FirewallRules: [{2A0F07D1-431B-42D3-AB3C-27770C498E16}] => (Allow) D:Program Files (x86)SteamsteamappscommonTerrariaTerraria.exe => No File

FirewallRules: [{63780A8E-17D0-44B1-B938-4FD1B5BA9B79}] => (Allow) D:Program Files (x86)SteamsteamappscommonForgeQuestForge Quest.exe => No File

FirewallRules: [{94FCD244-0176-4D81-973F-D1386086226B}] => (Allow) D:Program Files (x86)SteamsteamappscommonForgeQuestForge Quest.exe => No File

FirewallRules: [{EDC2FBA0-D01E-47EB-817B-0F37903A7265}] => (Allow) D:Program Files (x86)SteamsteamappscommonSniper Elite 3LauncherSniper3Launcher.exe => No File

FirewallRules: [{80441741-CC8F-4ABF-BF9B-9B50889FB8EE}] => (Allow) D:Program Files (x86)SteamsteamappscommonSniper Elite 3LauncherSniper3Launcher.exe => No File

FirewallRules: [{379325E5-CCA2-4ED3-9AA2-2B5124E3AE75}] => (Block) D:program files (x86)epic gamessidmeierscivilizationvibasebinarieswin64eoscivilizationvi.exe (Firaxis Games) [File not signed]

FirewallRules: [{116DEC03-E5BC-403E-90A7-1D89BE3AF17D}] => (Block) D:program files (x86)epic gamessidmeierscivilizationvibasebinarieswin64eoscivilizationvi.exe (Firaxis Games) [File not signed]

FirewallRules: [UDP Query User{D08417C6-3396-4625-BBD2-E0CAA83CC851}D:program files (x86)epic gamessidmeierscivilizationvibasebinarieswin64eoscivilizationvi.exe] => (Allow) D:program files (x86)epic gamessidmeierscivilizationvibasebinarieswin64eoscivilizationvi.exe (Firaxis Games) [File not signed]

FirewallRules: [TCP Query User{6333878B-D131-4834-B24E-8CD8DF677AC7}D:program files (x86)epic gamessidmeierscivilizationvibasebinarieswin64eoscivilizationvi.exe] => (Allow) D:program files (x86)epic gamessidmeierscivilizationvibasebinarieswin64eoscivilizationvi.exe (Firaxis Games) [File not signed]

FirewallRules: [{26C52BC4-2E99-4ED9-8DC4-762C1EDA79A2}] => (Allow) D:Program Files (x86)SteamsteamappscommonDungeon Defenders 2DunDefLauncher.exe => No File

FirewallRules: [{B7662F2C-836F-47B0-AE0B-F66FB3287B7A}] => (Allow) D:Program Files (x86)SteamsteamappscommonDungeon Defenders 2DunDefLauncher.exe => No File

FirewallRules: [UDP Query User{FF4A4D1D-87F7-432C-9FEA-B1681D7CCBB0}D:program files (x86)steamsteamappscommonstellarisstellaris.exe] => (Block) D:program files (x86)steamsteamappscommonstellarisstellaris.exe => No File

FirewallRules: [TCP Query User{C7C58739-1113-4611-A6C7-F82DA1E69DE5}D:program files (x86)steamsteamappscommonstellarisstellaris.exe] => (Block) D:program files (x86)steamsteamappscommonstellarisstellaris.exe => No File

FirewallRules: [UDP Query User{BAF398E2-E6D7-44CE-9899-C19CD7938BFC}D:program files (x86)steamsteamappscommonelite dangerousproductselite-dangerous-64elitedangerous64.exe] => (Allow) D:program files (x86)steamsteamappscommonelite dangerousproductselite-dangerous-64elitedangerous64.exe => No File

FirewallRules: [TCP Query User{D6BCC49F-AD50-4AC3-B71C-D94B40B817F8}D:program files (x86)steamsteamappscommonelite dangerousproductselite-dangerous-64elitedangerous64.exe] => (Allow) D:program files (x86)steamsteamappscommonelite dangerousproductselite-dangerous-64elitedangerous64.exe => No File

FirewallRules: [{3F688B6D-EA2B-4913-9707-B267A5FF3884}] => (Allow) D:Program Files (x86)SteamsteamappscommonAnno 2070Anno5.exe => No File

FirewallRules: [{C3DB2294-2B29-4B83-992E-BFCAA352D3B1}] => (Allow) D:Program Files (x86)SteamsteamappscommonAnno 2070Anno5.exe => No File

FirewallRules: [{958A6F96-4FD7-4257-BAAE-78E34EC0F8DF}] => (Allow) D:Program Files (x86)SteamsteamappscommonAnno 2070Anno5.exe => No File

FirewallRules: [{303FC0D1-D8ED-4A1A-8506-87029551D33B}] => (Allow) D:Program Files (x86)SteamsteamappscommonAnno 2070Anno5.exe => No File

FirewallRules: [{9735997C-7DB1-4E7B-B5A2-E6934A8957AF}] => (Allow) D:Program Files (x86)SteamsteamappscommonGolf With Your FriendsGolf With Your Friends.exe => No File

FirewallRules: [{A3405FFA-4C8F-4D96-AE5C-87E6BC7E2F60}] => (Allow) D:Program Files (x86)SteamsteamappscommonGolf With Your FriendsGolf With Your Friends.exe => No File

FirewallRules: [{C4366F70-6747-48D2-831D-2A5C9291317B}] => (Allow) C:UsersjoshuAppDataRoamingZoombinairhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{446667BE-B238-436C-BDD8-1F04445BA9F6}] => (Allow) C:UsersjoshuAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{1E31945C-A96B-4C66-A35F-F121679066D2}] => (Allow) D:Program Files (x86)SteamsteamappscommonDivinity Original Sin Enhanced EditionShippingEoCApp.exe => No File

FirewallRules: [{0059CEF5-9DF5-48EC-BA86-F48A73A315C3}] => (Allow) D:Program Files (x86)SteamsteamappscommonDivinity Original Sin Enhanced EditionShippingEoCApp.exe => No File

FirewallRules: [{0D3B6835-B79A-47AB-A8F0-5B3589199811}] => (Allow) D:Program Files (x86)SteamsteamappscommonBroforceBroforce_beta.exe => No File

FirewallRules: [{4CDEF684-F813-4698-AF4C-ACC7E31C83ED}] => (Allow) D:Program Files (x86)SteamsteamappscommonBroforceBroforce_beta.exe => No File

FirewallRules: [{00545929-2D38-47FE-B87E-1F8D73D141D3}] => (Allow) C:Program Files (x86)UbisoftUbisoft Game LauncherUbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)

FirewallRules: [{8814FC7D-8F1D-4ACF-BBE5-34F59349FCE7}] => (Allow) C:Program Files (x86)UbisoftUbisoft Game LauncherUbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)

FirewallRules: [{723507DA-5EE7-4E6C-ADF5-C8DB35192301}] => (Allow) D:Program Files (x86)SteamsteamappscommonAnno 2070Anno5.exe => No File

FirewallRules: [{CB366BA0-F0CE-49C0-947D-1BCEB7726D55}] => (Allow) D:Program Files (x86)SteamsteamappscommonAnno 2070Anno5.exe => No File

FirewallRules: [{58F96BE3-9726-4951-BC30-842C230E7E68}] => (Allow) D:Program Files (x86)SteamsteamappscommonAge2HDLauncher.exe => No File

FirewallRules: [{2D9E4912-0A9F-4ABD-BA51-A1478300BC9C}] => (Allow) D:Program Files (x86)SteamsteamappscommonAge2HDLauncher.exe => No File

FirewallRules: [{91DF4798-D79A-43C2-BA07-5F602D649C33}] => (Allow) D:Program Files (x86)SteamsteamappscommonSid Meier’s Civilization VLaunchPadLaunchPad.exe => No File

FirewallRules: [{AD001267-ACEB-4780-AD32-5E89ABCB7D93}] => (Allow) D:Program Files (x86)SteamsteamappscommonSid Meier’s Civilization VLaunchPadLaunchPad.exe => No File

FirewallRules: [{E9FA10BB-48C8-4625-8457-E0A7680C6D01}] => (Allow) C:Program Files (x86)DropboxClientDropbox.exe => No File

FirewallRules: [{372A68A0-B7A2-43B8-B9A7-88C893924498}] => (Allow) D:Program Files (x86)Steamsteamappscommonthe banner saga factionswin32The Banner Saga Factions.exe => No File

FirewallRules: [{6473FA4D-3526-4EE5-AFFE-1D2D3A2C29A0}] => (Allow) D:Program Files (x86)Steamsteamappscommonthe banner saga factionswin32The Banner Saga Factions.exe => No File

FirewallRules: [{2DA81D3C-568C-4666-BB3A-08F4242C205D}] => (Allow) D:Program Files (x86)SteamsteamappscommonGotham City Impostors F2PEngine.exe => No File

FirewallRules: [{6013E0F7-E751-417A-AFCE-9F4E6590C4F4}] => (Allow) D:Program Files (x86)SteamsteamappscommonGotham City Impostors F2PEngine.exe => No File

FirewallRules: [{0781315B-085E-460C-A4D9-D37DD1409470}] => (Allow) D:Program Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Borderlands2.exe => No File

FirewallRules: [{1FB7E24B-7099-4F13-9D27-634369A775C7}] => (Allow) D:Program Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Borderlands2.exe => No File

FirewallRules: [{8820F02F-9B92-4F54-B74C-555E4DFA93E8}] => (Allow) D:Program Files (x86)SteamsteamappscommonBattleriteBattlerite.exe => No File

FirewallRules: [{88E0E356-55B8-41E0-82A7-1A6A11A6C582}] => (Allow) D:Program Files (x86)SteamsteamappscommonBattleriteBattlerite.exe => No File

FirewallRules: [UDP Query User{6EFC0486-95FA-4469-BEB1-6A9F7BAD770B}D:program files (x86)steamsteamappscommondivinity original sin 2defedbineocapp.exe] => (Allow) D:program files (x86)steamsteamappscommondivinity original sin 2defedbineocapp.exe => No File

FirewallRules: [TCP Query User{E07EEA3B-C2D0-4439-A05E-164F31C9CC11}D:program files (x86)steamsteamappscommondivinity original sin 2defedbineocapp.exe] => (Allow) D:program files (x86)steamsteamappscommondivinity original sin 2defedbineocapp.exe => No File

FirewallRules: [UDP Query User{D54FA1CC-4475-4150-A7ED-944F4C291650}D:program files (x86)steamsteam.exe] => (Allow) D:program files (x86)steamsteam.exe => No File

FirewallRules: [TCP Query User{AD4459E4-3C4F-4C13-894B-CE342C91ED1B}D:program files (x86)steamsteam.exe] => (Allow) D:program files (x86)steamsteam.exe => No File

FirewallRules: [{A1C0CF29-2D9D-4658-B037-7391EEE8512B}] => (Allow) C:Program FilesCommon FilesMcAfeeMMSSHostMMSSHost.exe => No File

FirewallRules: [{4C0706D7-A3E1-48BD-9013-94BB74B2F7B3}] => (Allow) C:Program Files (x86)Common FilesMcafeeMMSSHostMMSSHost.exe => No File

FirewallRules: [{154EDFFF-54AA-4B6F-866C-649B902B9A00}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{16F5AFBF-D4B4-43A4-AC5C-4B293B84A774}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{5007C8EA-1BDF-4CA7-9B1F-33E2091C542C}] => (Allow) C:Program Files (x86)SteamSteam.exe => No File

FirewallRules: [{96F1F9BF-3552-42C2-B862-D4A32A5D86DC}] => (Allow) C:Program Files (x86)SteamSteam.exe => No File

FirewallRules: [{28EF22D4-4D12-47BB-9BF8-0F52981D06B5}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{937DC3E0-464F-4D81-9FE4-068B460CE816}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{A2406F90-77AB-4B8C-9B54-5988090AC1FD}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{2B07CB20-D9EA-4651-9206-12F5469FABB4}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{725F2E41-F9CD-4248-8819-344C49D4EB9C}] => (Allow) C:Program Files (x86)CyberLinkCyberLink Media SuitePowerDirector14PDR10.EXE => No File

FirewallRules: [{65AD4B92-B1FF-4F00-9D74-1AE5FF6B3584}] => (Allow) C:Program Files (x86)CyberLinkCyberLink Media SuitePowerDVD14MoviePowerDVD CinemaPowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [{6F950EAF-1820-4E51-B43B-A1BB6132036C}] => (Allow) C:Program Files (x86)CyberLinkCyberLink Media SuitePowerDVD14MoviePowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [{6C895F3F-F133-4306-9DFE-6C23CD1A4130}] => (Allow) C:Program Files (x86)CyberLinkCyberLink Media SuitePowerDVD14PowerDVD14Agent.exe => No File

FirewallRules: [{1CB59861-B43C-4F75-A3D5-723DE9E0195A}] => (Allow) C:Program Files (x86)CyberLinkCyberLink Media SuitePowerDVD14KernelDMSCLMSServerPDVD14.exe => No File

FirewallRules: [{CEDE0279-B918-471D-A8CC-56D17D2A10DD}] => (Allow) C:Program Files (x86)CyberLinkCyberLink Media SuitePowerDVD14PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [{F7AFB6B0-3602-4C15-B495-9C3493CFE935}] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe => No File

FirewallRules: [{80706C38-72E0-447B-8551-08811E8BBD93}] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe => No File

FirewallRules: [{791FF9C3-92C7-4EBE-B6C7-2EDA5BECB559}] => (Allow) D:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File

FirewallRules: [{802F17D1-91B9-4471-9D22-92CBB408145F}] => (Allow) D:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File

FirewallRules: [{6E4BF464-94FE-478D-8A5B-216370BAA8D1}] => (Allow) D:Program Files (x86)SteamsteamappscommonSpaceEngineersBin64SpaceEngineers.exe => No File

FirewallRules: [{55BEF45B-D044-4726-80CF-4E9E5AC2CD67}] => (Allow) D:Program Files (x86)SteamsteamappscommonSpaceEngineersBin64SpaceEngineers.exe => No File

FirewallRules: [{14A93150-EA90-41DF-8E43-3299F8FED21B}] => (Allow) D:Program Files (x86)SteamsteamappscommonDivinity Original Sin 2binSupportTool.exe => No File

FirewallRules: [{872A2245-A576-4E7C-BEC9-B3850D2697C5}] => (Allow) D:Program Files (x86)SteamsteamappscommonDivinity Original Sin 2binSupportTool.exe => No File

FirewallRules: [TCP Query User{629A3ADA-4FCA-4661-9DC5-41CC2C1D980F}D:program files (x86)battle.netdestiny 2destiny2.exe] => (Allow) D:program files (x86)battle.netdestiny 2destiny2.exe (Bungie Inc. -> Bungie)

FirewallRules: [UDP Query User{282D1C96-52E1-4AD5-B3DA-83F7674046D0}D:program files (x86)battle.netdestiny 2destiny2.exe] => (Allow) D:program files (x86)battle.netdestiny 2destiny2.exe (Bungie Inc. -> Bungie)

FirewallRules: [{0F494AE1-01A5-48DF-8A7F-2DC55E15640D}] => (Allow) D:Program Files (x86)SteamsteamappscommonTabletop SimulatorTabletop Simulator.exe => No File

FirewallRules: [{9F96A372-04F2-41A6-B53E-37158038FB03}] => (Allow) D:Program Files (x86)SteamsteamappscommonTabletop SimulatorTabletop Simulator.exe => No File

FirewallRules: [{09E54930-3ADE-4701-BA5F-8560A14E6766}] => (Allow) D:Program Files (x86)SteamsteamappscommonDuck GameDuckGame.exe => No File

FirewallRules: [{EE789F96-BB35-4CDA-A01A-3476E51A989C}] => (Allow) D:Program Files (x86)SteamsteamappscommonDuck GameDuckGame.exe => No File

FirewallRules: [{78D539BB-FC37-49DF-AE87-F0EC992C4C74}] => (Allow) D:Program Files (x86)SteamsteamappscommonHuman Fall FlatHuman.exe => No File

FirewallRules: [{7A30F873-B151-46FC-A1AB-7BAF6B328ECF}] => (Allow) D:Program Files (x86)SteamsteamappscommonHuman Fall FlatHuman.exe => No File

FirewallRules: [{B10EEB96-1C03-4104-A02F-12018C3AD735}] => (Allow) D:Program Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Launcher.exe => No File

FirewallRules: [{F7A8529D-5BAC-4905-8BF2-70C80708887F}] => (Allow) D:Program Files (x86)SteamsteamappscommonBorderlands 2BinariesWin32Launcher.exe => No File

FirewallRules: [{A4AC89A4-5345-4BB5-BC89-408C71BFBF22}] => (Allow) D:Program Files (x86)SteamsteamappscommonBorderlandsPreSequelBinariesWin32Launcher.exe => No File

FirewallRules: [{BE4407E0-8212-4ED4-AA01-4378026D3347}] => (Allow) D:Program Files (x86)SteamsteamappscommonBorderlandsPreSequelBinariesWin32Launcher.exe => No File

FirewallRules: [{FA387E62-E7C4-40DB-B205-230C030D32D7}] => (Allow) D:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File

FirewallRules: [{A20B84E7-09E1-4D73-B68A-B2AF2074E179}] => (Allow) D:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File

FirewallRules: [{BAEC7576-B212-42C1-A76B-B10CDB76A255}] => (Allow) D:Program Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe => No File

FirewallRules: [{50F70D5B-3F2E-4F43-A292-0DD9DB938389}] => (Allow) D:Program Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe => No File

FirewallRules: [{DA3A85E3-6A12-4BE2-A9D2-CDFFAD0804B6}] => (Allow) D:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File

FirewallRules: [{DBC4D413-A272-4174-968D-3FC614E040A3}] => (Allow) D:Program Files (x86)SteamsteamappscommonWarframeWarframe.x64.exe => No File

FirewallRules: [{233AB7EC-F2FC-4038-98E3-BE6DB7268897}] => (Allow) D:Program Files (x86)SteamsteamappscommonWarframeToolsLauncher.exe => No File

FirewallRules: [{319B1235-46E4-45B4-9031-93C3209AB8E1}] => (Allow) D:Program Files (x86)SteamsteamappscommonWarframeToolsRemoteCrashSender.exe => No File

FirewallRules: [TCP Query User{906034B4-C40F-4312-B788-9BBF392467F7}D:program files (x86)common filescitranightly-mingwcitra-qt.exe] => (Allow) D:program files (x86)common filescitranightly-mingwcitra-qt.exe () [File not signed]

FirewallRules: [UDP Query User{379F018A-02D4-49FB-BA1C-534217D71B0A}D:program files (x86)common filescitranightly-mingwcitra-qt.exe] => (Allow) D:program files (x86)common filescitranightly-mingwcitra-qt.exe () [File not signed]

FirewallRules: [{8F84B35A-7F36-471A-A146-14CCF8274D6F}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D29AACD7-6AC9-4011-B417-C0C86182290D}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{32EC62BA-7B5A-4431-83AA-9AE7E2D13858}] => (Allow) D:Program Files (x86)SteamsteamappscommonStellarisdowser.exe => No File

FirewallRules: [{99AD0F73-8FF0-40C5-8881-9A8552144C8A}] => (Allow) D:Program Files (x86)SteamsteamappscommonStellarisdowser.exe => No File

FirewallRules: [{68081C27-77C1-4A79-8718-658496DE8693}] => (Allow) D:Program Files (x86)SteamsteamappscommonWormsRevolutionWormsRevolution.exe => No File

FirewallRules: [{0A2ACA1C-4C8C-48B2-8F0D-36D0120F5DC0}] => (Allow) D:Program Files (x86)SteamsteamappscommonWormsRevolutionWormsRevolution.exe => No File

FirewallRules: [{7770CD09-D02E-42F4-94FB-61070C643A92}] => (Allow) D:Program Files (x86)SteamsteamappscommonThe Divinity Engine 2DefEdDivinityEngine2.exe => No File

FirewallRules: [{F58C2D98-C690-467E-94F6-71C56D640194}] => (Allow) D:Program Files (x86)SteamsteamappscommonThe Divinity Engine 2DefEdDivinityEngine2.exe => No File

FirewallRules: [{DCB7B1EC-AF71-4653-B97D-A28C72C856B2}] => (Allow) D:Program Files (x86)SteamsteamappscommonThe Divinity Engine 2DivinityEngine2.exe => No File

FirewallRules: [{85B234D1-1935-4940-BAED-0D486CA8C724}] => (Allow) D:Program Files (x86)SteamsteamappscommonThe Divinity Engine 2DivinityEngine2.exe => No File

FirewallRules: [{6C09E7CD-067D-4712-9068-1036FB0F3376}] => (Allow) D:Program Files (x86)SteamsteamappscommonRed Dead Redemption 2PlayRDR2.exe => No File

FirewallRules: [{7FB64691-D27F-4502-B110-27203079C910}] => (Allow) D:Program Files (x86)SteamsteamappscommonRed Dead Redemption 2PlayRDR2.exe => No File

FirewallRules: [{59928003-C393-431B-876E-357C13AC55C7}] => (Allow) D:Program Files (x86)SteamsteamappscommonFallout76Fallout76.exe => No File

FirewallRules: [{3CC419E0-24DE-403B-B707-C9103A30B4F3}] => (Allow) D:Program Files (x86)SteamsteamappscommonFallout76Fallout76.exe => No File

FirewallRules: [TCP Query User{8BF714DA-3F87-41AD-9E33-C6456D9101B4}D:program files (x86)steamsteamappscommonred dead redemption 2rdr2.exe] => (Allow) D:program files (x86)steamsteamappscommonred dead redemption 2rdr2.exe => No File

FirewallRules: [UDP Query User{E7D657BB-EA1F-483F-9811-7D20B82793D2}D:program files (x86)steamsteamappscommonred dead redemption 2rdr2.exe] => (Allow) D:program files (x86)steamsteamappscommonred dead redemption 2rdr2.exe => No File

FirewallRules: [{95727E78-ACF0-4E3A-9A7C-276B904947DC}] => (Allow) D:Program Files (x86)SteamsteamappscommonYet Another Zombie DefenseYetAnotherZombieDefense.exe => No File

FirewallRules: [{E925252D-46A5-4B79-AB8A-464A5C895BF5}] => (Allow) D:Program Files (x86)SteamsteamappscommonYet Another Zombie DefenseYetAnotherZombieDefense.exe => No File

FirewallRules: [TCP Query User{9610415F-3D73-4DDF-8147-39EE8A96F52D}D:program files (x86)steamsteamappscommoncry of fearcof.exe] => (Allow) D:program files (x86)steamsteamappscommoncry of fearcof.exe => No File

FirewallRules: [UDP Query User{2A44C13B-EC22-4ADF-81B0-16635C668A9C}D:program files (x86)steamsteamappscommoncry of fearcof.exe] => (Allow) D:program files (x86)steamsteamappscommoncry of fearcof.exe => No File

FirewallRules: [{20E15776-082B-4749-80AF-7D2DA9543827}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{D9B706D7-738E-4CB8-83FB-63926B3D9A92}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{72BB6EBE-4D3F-435C-A52B-F9ACF530D4F5}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{C67D0FCA-1B38-4E10-B4D4-AB5473CC7FC2}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{07534AB6-0191-4F1E-84FA-37E308FEBABE}] => (Allow) D:program filesMy GamesOrginSTAR WARS Battlefront IIstarwarsbattlefrontii_trial.exe => No File

FirewallRules: [{06FB0F9C-78F7-4C2F-9EF9-043B0A2987E7}] => (Allow) D:program filesMy GamesOrginSTAR WARS Battlefront IIstarwarsbattlefrontii_trial.exe => No File

FirewallRules: [{EC966041-3DB7-4E21-BC21-1028AC44C60C}] => (Allow) D:program filesMy GamesOrginSTAR WARS Battlefront IIstarwarsbattlefrontii.exe => No File

FirewallRules: [{B84A4706-A66D-43C1-8F41-EC5A606A3488}] => (Allow) D:program filesMy GamesOrginSTAR WARS Battlefront IIstarwarsbattlefrontii.exe => No File

FirewallRules: [{DAF657F8-E007-44E3-B348-0B682AEDF6CA}] => (Allow) D:Program Files (x86)SteamsteamappscommonRustRust.exe => No File

FirewallRules: [{5D8A16DD-79C6-46D4-A687-F6F61F19ADAA}] => (Allow) D:Program Files (x86)SteamsteamappscommonRustRust.exe => No File

FirewallRules: [{7675F7C3-7418-4EA4-9A6D-B3FF6CAB2E91}] => (Allow) D:Program Files (x86)SteamsteamappscommonDon’t Starve Togetherbindontstarve_steam.exe => No File

FirewallRules: [{A6D5B84F-5304-4C10-AE01-C923AAB9C785}] => (Allow) D:Program Files (x86)SteamsteamappscommonDon’t Starve Togetherbindontstarve_steam.exe => No File

FirewallRules: [{7DE3A4F9-16F0-4CA2-8856-9C574CF7CDBD}] => (Allow) D:program filesMy GamesOrgin GamesSTAR WARS Battlefront IIstarwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

FirewallRules: [{F298F154-7336-42E0-86CB-AB0477E1A281}] => (Allow) D:program filesMy GamesOrgin GamesSTAR WARS Battlefront IIstarwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

FirewallRules: [{AD8DE951-DE12-4FEA-9326-F5D76577728D}] => (Allow) D:program filesMy GamesOrgin GamesSTAR WARS Battlefront IIstarwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

FirewallRules: [{8ACC700B-1902-4EFF-BE66-EB4B684E90BD}] => (Allow) D:program filesMy GamesOrgin GamesSTAR WARS Battlefront IIstarwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

FirewallRules: [{446872C7-ED7B-419A-B2E5-F5CDF54A5176}] => (Allow) E:SteamLibrarysteamappscommonRustRust.exe => No File

FirewallRules: [{803B9A54-46FE-440D-B20C-868507BA2D83}] => (Allow) E:SteamLibrarysteamappscommonRustRust.exe => No File

FirewallRules: [{9D368BDE-E0E8-4794-ADC9-758FBEE63936}] => (Allow) E:Steamsteam.exe => No File

FirewallRules: [{EB61F2A8-2A7A-420B-BF4B-5BE66C95B9F0}] => (Allow) E:Steamsteam.exe => No File

FirewallRules: [{4637CE58-2CAE-498D-9E55-21986B559E2E}] => (Allow) E:Steambincefcef.win7x64steamwebhelper.exe => No File

FirewallRules: [{BE38326C-F2C0-4FEC-A3C9-EEFCDA986B75}] => (Allow) E:Steambincefcef.win7x64steamwebhelper.exe => No File

FirewallRules: [{FE05AA27-7E64-4F9B-A6E6-CCFF83E50C7D}] => (Allow) E:SteamsteamappscommonDuck GameDuckGame.exe => No File

FirewallRules: [{78954C8A-25D3-4140-B989-F9C2C9BD7E2A}] => (Allow) E:SteamsteamappscommonDuck GameDuckGame.exe => No File

FirewallRules: [TCP Query User{1B0D717B-3250-4D3E-963D-98D7A7869AEF}E:steamsteamappscommonred dead redemption 2rdr2.exe] => (Allow) E:steamsteamappscommonred dead redemption 2rdr2.exe => No File

FirewallRules: [UDP Query User{28A1F152-9484-4782-BAC6-3CF9015A5AB1}E:steamsteamappscommonred dead redemption 2rdr2.exe] => (Allow) E:steamsteamappscommonred dead redemption 2rdr2.exe => No File

FirewallRules: [TCP Query User{A56B3DE9-E14C-42B8-9837-2BEE191F50AD}E:steamsteamappscommonterrariaterrariaserver.exe] => (Allow) E:steamsteamappscommonterrariaterrariaserver.exe => No File

FirewallRules: [UDP Query User{F541B18B-5ED3-4954-B0D0-ACC125343D3F}E:steamsteamappscommonterrariaterrariaserver.exe] => (Allow) E:steamsteamappscommonterrariaterrariaserver.exe => No File

FirewallRules: [{147128B2-FE0B-4CBF-AA7B-16DCE3D39F9C}] => (Allow) E:SteamsteamappscommonSpaceEngineersBin64SpaceEngineers.exe => No File

FirewallRules: [{82E2EA59-5FEA-482C-A7E6-88CCCB81A5BB}] => (Allow) E:SteamsteamappscommonSpaceEngineersBin64SpaceEngineers.exe => No File

FirewallRules: [TCP Query User{87B48275-2990-48C6-B27E-5248DA3FE8D8}E:steamsteamappscommondivinity original sin 2defedbineocapp.exe] => (Allow) E:steamsteamappscommondivinity original sin 2defedbineocapp.exe => No File

FirewallRules: [UDP Query User{6F8ECBAF-7268-4657-BEC7-590DA6A19AAF}E:steamsteamappscommondivinity original sin 2defedbineocapp.exe] => (Allow) E:steamsteamappscommondivinity original sin 2defedbineocapp.exe => No File

FirewallRules: [{BA583918-75A6-4351-A134-733D20BE1BC2}] => (Allow) E:SteamsteamappscommonRisk of Rain 2Risk of Rain 2.exe => No File

FirewallRules: [{FDBF15B0-006B-4160-9653-F9D7DD1B5069}] => (Allow) E:SteamsteamappscommonRisk of Rain 2Risk of Rain 2.exe => No File

FirewallRules: [{6DDF4FD7-B68E-4124-976C-7C676451A597}] => (Allow) E:SteamsteamappscommonAmong UsAmong Us.exe => No File

FirewallRules: [{4F8D9139-5D7D-46EB-90E6-85EED2508743}] => (Allow) E:SteamsteamappscommonAmong UsAmong Us.exe => No File

FirewallRules: [{8CA6857A-2978-4638-B22A-D4A014B9579C}] => (Allow) E:SteamsteamappscommonDivinity Original Sin Enhanced EditionShippingEoCApp.exe => No File

FirewallRules: [{357BC30A-86F2-4AC3-84B1-B37E424368ED}] => (Allow) E:SteamsteamappscommonDivinity Original Sin Enhanced EditionShippingEoCApp.exe => No File

FirewallRules: [{BCE2636F-4A43-419F-8982-68038A22E320}] => (Allow) E:SteamsteamappscommonGuilt Battle ArenaGuilt Battle Arena.exe => No File

FirewallRules: [{E0155682-16BA-489B-B3B9-C816041F70C6}] => (Allow) E:SteamsteamappscommonGuilt Battle ArenaGuilt Battle Arena.exe => No File

FirewallRules: [{B703651B-72A5-485B-998C-FAC221D4E527}] => (Allow) E:SteamsteamappscommonBattleriteBattlerite.exe => No File

FirewallRules: [{C46FC3CD-7C0E-4186-A4C4-8CF671D6CFA2}] => (Allow) E:SteamsteamappscommonBattleriteBattlerite.exe => No File

FirewallRules: [{27E8FE17-3E3B-4ED1-85FE-DAF051BE9C79}] => (Allow) E:SteamsteamappscommonStellarisdowser.exe => No File

FirewallRules: [{295E7E1C-6603-4FB6-BF9F-6FD071D0A157}] => (Allow) E:SteamsteamappscommonStellarisdowser.exe => No File

FirewallRules: [{548F0D23-AE72-4222-B352-850631673160}] => (Allow) E:SteamsteamappscommonGloomhavenGH.exe => No File

FirewallRules: [{0BA5D5CD-0E70-4356-A3CB-64616B3952BA}] => (Allow) E:SteamsteamappscommonGloomhavenGH.exe => No File

FirewallRules: [{5912B4DB-8F35-4630-AB58-A8AEFF713798}] => (Allow) E:SteamsteamappscommonDon’t Starve Togetherbindontstarve_steam.exe => No File

FirewallRules: [{36BB9B69-44E0-4F96-A7C4-EF7DDC65D5DC}] => (Allow) E:SteamsteamappscommonDon’t Starve Togetherbindontstarve_steam.exe => No File

FirewallRules: [{C7C7204F-0277-4C54-94AE-B47747955691}] => (Allow) F:Steamsteam.exe => No File

FirewallRules: [{407C5D45-877B-47F9-9B9A-256303E64FD8}] => (Allow) F:Steamsteam.exe => No File

FirewallRules: [{F3194981-D32E-4264-BAB1-A09709151B30}] => (Allow) F:Steambincefcef.win7x64steamwebhelper.exe => No File

FirewallRules: [{D5FAE71A-8338-404E-9EE0-78DFFBBB41E2}] => (Allow) F:Steambincefcef.win7x64steamwebhelper.exe => No File

FirewallRules: [{9F391D24-D01B-4F64-B469-02388A6F55EE}] => (Allow) F:SteamsteamappscommonTabletop SimulatorTabletop Simulator.exe => No File

FirewallRules: [{80EAE228-8D0F-42B3-96F8-040D9BAFCF8D}] => (Allow) F:SteamsteamappscommonTabletop SimulatorTabletop Simulator.exe => No File

FirewallRules: [{BBD51E8E-D0F9-4E1E-9B8F-A166AB821268}] => (Allow) F:SteamsteamappscommonTerrariaTerraria.exe => No File

FirewallRules: [{C38D319B-05D6-4EF2-A4A6-B487712DFC77}] => (Allow) F:SteamsteamappscommonTerrariaTerraria.exe => No File

FirewallRules: [{8A359020-1CC1-42EA-B3FA-8BA3587D0374}] => (Allow) F:SteamsteamappscommonAmong UsAmong Us.exe => No File

FirewallRules: [{86D40348-3470-4939-A506-2388373524A0}] => (Allow) F:SteamsteamappscommonAmong UsAmong Us.exe => No File

FirewallRules: [TCP Query User{84B7063A-9BD8-41DB-8C59-0151D4E51677}F:steamsteamappscommongloomhavengh.exe] => (Allow) F:steamsteamappscommongloomhavengh.exe => No File

FirewallRules: [UDP Query User{4B81CCCD-C3D8-4105-97FF-F98346A578B8}F:steamsteamappscommongloomhavengh.exe] => (Allow) F:steamsteamappscommongloomhavengh.exe => No File

FirewallRules: [{5A99E6CE-B8D3-44FE-AA47-713D7D766604}] => (Allow) F:SteamsteamappscommonStellarisdowser.exe => No File

FirewallRules: [{53A02751-DDB1-47FE-98D5-4D8631EDC545}] => (Allow) F:SteamsteamappscommonStellarisdowser.exe => No File

FirewallRules: [TCP Query User{9D0C5763-6D3D-4478-8401-FC8E6F6C5366}F:steamsteamappscommondivinity original sin 2defedbineocapp.exe] => (Allow) F:steamsteamappscommondivinity original sin 2defedbineocapp.exe => No File

FirewallRules: [UDP Query User{8DF31DBD-CE95-4D29-A6E0-C23A20C29BD9}F:steamsteamappscommondivinity original sin 2defedbineocapp.exe] => (Allow) F:steamsteamappscommondivinity original sin 2defedbineocapp.exe => No File

FirewallRules: [{E34CAABD-35BC-4C88-9916-A1C3544E5D9E}] => (Allow) F:SteamsteamappscommonRisk of Rain 2Risk of Rain 2.exe => No File

FirewallRules: [{1D3F8A81-21DF-43BE-98BE-305DD3B5485F}] => (Allow) F:SteamsteamappscommonRisk of Rain 2Risk of Rain 2.exe => No File

FirewallRules: [TCP Query User{CE9B2A02-AD32-46A5-BBC3-96D18754E072}F:steamsteamappscommonred dead redemption 2rdr2.exe] => (Allow) F:steamsteamappscommonred dead redemption 2rdr2.exe => No File

FirewallRules: [UDP Query User{E5941786-313E-40D2-8897-9F030ADB0D7A}F:steamsteamappscommonred dead redemption 2rdr2.exe] => (Allow) F:steamsteamappscommonred dead redemption 2rdr2.exe => No File

FirewallRules: [{16C7FBDB-5AD6-43B1-89F3-91168E7C9735}] => (Allow) F:SteamsteamappscommonDungeon Defenders 2DunDefLauncher.exe => No File

FirewallRules: [{903729CE-29F2-40B5-8AB0-4DAA54FF3219}] => (Allow) F:SteamsteamappscommonDungeon Defenders 2DunDefLauncher.exe => No File

FirewallRules: [TCP Query User{C193762F-9D46-47D5-B20A-61BA0646AFE9}F:steamsteamappscommonfallout76fallout76.exe] => (Allow) F:steamsteamappscommonfallout76fallout76.exe => No File

FirewallRules: [UDP Query User{EF2CEFFC-731A-41DF-8358-61104D9436D7}F:steamsteamappscommonfallout76fallout76.exe] => (Allow) F:steamsteamappscommonfallout76fallout76.exe => No File

FirewallRules: [{654A3DD1-8AE8-47CE-A55B-328009F83C97}] => (Allow) F:SteamsteamappscommonSpaceEngineersBin64SpaceEngineers.exe => No File

FirewallRules: [{1772667A-1563-41B2-8847-1144B07C0E1D}] => (Allow) F:SteamsteamappscommonSpaceEngineersBin64SpaceEngineers.exe => No File

FirewallRules: [TCP Query User{906A1413-00A0-4E2F-A20C-00DF6EB87023}F:steamsteamappscommonstellarisstellaris.exe] => (Allow) F:steamsteamappscommonstellarisstellaris.exe => No File

FirewallRules: [UDP Query User{6056D57F-833B-4970-BF43-AA4720B132C7}F:steamsteamappscommonstellarisstellaris.exe] => (Allow) F:steamsteamappscommonstellarisstellaris.exe => No File

FirewallRules: [{259456F8-8179-413C-883B-1F745F204C74}] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{28027DE9-8FB6-409F-A27B-64DA8437E254}] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{64B5C766-9D43-46AE-B766-4E55D7B9C6BF}] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{973242D4-E94D-4A18-B731-B9F64BEAA230}] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{44D59F83-7E3F-4A0D-8EAA-B7C52C14BBCF}] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{91145FE8-3580-4007-BC2B-C1DC2E0F92BA}] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{17213D4D-9C09-42EE-A107-6EA67EDD669C}] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{020F005D-242C-4927-A034-61AF37D40B48}] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{D0B423B3-6499-40C4-B69E-51F2144D5CE8}] => (Allow) F:SteamsteamappscommonRed Dead Redemption 2PlayRDR2.exe => No File

FirewallRules: [{0AF09A66-E4A4-412C-A3A0-3E2191E2AE1E}] => (Allow) F:SteamsteamappscommonRed Dead Redemption 2PlayRDR2.exe => No File

FirewallRules: [TCP Query User{490F826A-40E9-42FC-BA58-BA09A74AC315}F:enlistedlauncher.exe] => (Allow) F:enlistedlauncher.exe => No File

FirewallRules: [UDP Query User{39D2AD54-8530-4755-B9A6-F4340D047EAA}F:enlistedlauncher.exe] => (Allow) F:enlistedlauncher.exe => No File

FirewallRules: [{21A31AEE-A286-4572-84E6-53D997195426}] => (Allow) F:SteamsteamappscommonStar Wars – The Old Republiclauncher.exe => No File

FirewallRules: [{69BD04B7-79A7-464F-85F3-F13625A92E93}] => (Allow) F:SteamsteamappscommonStar Wars – The Old Republiclauncher.exe => No File

FirewallRules: [{8FCE2EEB-A69E-4B26-8135-D8560F132437}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{2BA389D3-6F88-49A1-8DC1-949DAD48823C}] => (Allow) F:SteamsteamappscommonHuman Fall FlatHuman.exe => No File

FirewallRules: [{9477D22F-79D8-42E6-9842-B1FEFDDC5214}] => (Allow) F:SteamsteamappscommonHuman Fall FlatHuman.exe => No File

FirewallRules: [{C715AF8E-B456-489C-8DA2-C7EB100FBA1B}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{B5F8E5C0-7BEF-4BC3-9381-FFBCCE36AC2F}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{626E196F-4E99-4A65-A23D-D215D5C378E1}] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{75867BB2-35D3-4841-A990-DBEDD2CCABBC}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{822C68BE-6CA1-4D67-9542-9BD9D39CCB80}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{53D0A57E-536F-417B-AE9E-2A3C43C9AC27}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{30F116F7-209C-4A6F-904B-8D4E48853655}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{B77B1E20-7FFB-499D-B120-5BE2740086E8}] => (Allow) F:SteamsteamappscommonDuck GameDuckGame.exe => No File

FirewallRules: [{480EE0BC-B378-433F-B1FA-AFDC8C061F06}] => (Allow) F:SteamsteamappscommonDuck GameDuckGame.exe => No File

FirewallRules: [{67B44A1F-964E-430C-97EC-2623AD17FAEE}] => (Allow) F:SteamsteamappscommonDon’t Starve Togetherbindontstarve_steam.exe => No File

FirewallRules: [{FAB9BE35-02C5-413F-9893-A7CE391B5719}] => (Allow) F:SteamsteamappscommonDon’t Starve Togetherbindontstarve_steam.exe => No File

FirewallRules: [{71F308C2-25E6-4136-86CD-DF920AF74453}] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication91.0.864.41msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

 

==================== Restore Points =========================

 

ATTENTION: System Restore is disabled (Total:117.81 GB) (Free:31.12 GB) (26%)

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (06/10/2021 10:29:42 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )

Description: Office Subscription licensing exception: Error Code: 0x80070057; CorrelationId: {1BA6E985-76DE-4349-AC47-F8125796EF37}

 

Error: (06/09/2021 08:24:05 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.19041.546, time stamp: 0x058e175a

Faulting module name: KERNELBASE.dll, version: 10.0.19041.964, time stamp: 0x812662a7

Exception code: 0xc0000409

Fault offset: 0x000000000010b39c

Faulting process id: 0x1810

Faulting application start time: 0x01d75d9e90fc2da3

Faulting application path: C:WINDOWSsystem32svchost.exe

Faulting module path: C:WINDOWSSystem32KERNELBASE.dll

Report Id: 95aaf7d3-ef21-43ad-84eb-f6b42e7b81e1

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (06/09/2021 07:15:53 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.19041.546, time stamp: 0x058e175a

Faulting module name: KERNELBASE.dll, version: 10.0.19041.964, time stamp: 0x812662a7

Exception code: 0xc0000409

Fault offset: 0x000000000010b39c

Faulting process id: 0x12c8

Faulting application start time: 0x01d75c1ee0f4b0f2

Faulting application path: C:WINDOWSsystem32svchost.exe

Faulting module path: C:WINDOWSSystem32KERNELBASE.dll

Report Id: 587c4220-b8c4-410c-be09-320af9fb3300

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (06/09/2021 05:29:48 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: SearchApp.exe, version: 10.0.19041.964, time stamp: 0x49647dad

Faulting module name: ConstraintIndex.Search.dll, version: 10.0.19041.964, time stamp: 0x9c7683f9

Exception code: 0xc0000005

Fault offset: 0x00000000000bc12d

Faulting process id: 0x3c48

Faulting application start time: 0x01d75d8fb7bcffa8

Faulting application path: C:WINDOWSSystemAppsMicrosoft.Windows.Search_cw5n1h2txyewySearchApp.exe

Faulting module path: C:WindowsSystem32ConstraintIndex.Search.dll

Report Id: 48242310-47ee-45a2-9911-a6c6cba12de7

Faulting package full name: Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

 

Error: (06/09/2021 05:29:43 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: SearchApp.exe, version: 10.0.19041.964, time stamp: 0x49647dad

Faulting module name: ConstraintIndex.Search.dll, version: 10.0.19041.964, time stamp: 0x9c7683f9

Exception code: 0xc0000005

Fault offset: 0x00000000000bc12d

Faulting process id: 0x6084

Faulting application start time: 0x01d75d8fb51b2a1e

Faulting application path: C:WINDOWSSystemAppsMicrosoft.Windows.Search_cw5n1h2txyewySearchApp.exe

Faulting module path: C:WindowsSystem32ConstraintIndex.Search.dll

Report Id: e4c10c32-3821-4afe-940b-b7f685e807e1

Faulting package full name: Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

 

Error: (06/09/2021 05:29:38 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: SearchApp.exe, version: 10.0.19041.964, time stamp: 0x49647dad

Faulting module name: ConstraintIndex.Search.dll, version: 10.0.19041.964, time stamp: 0x9c7683f9

Exception code: 0xc0000005

Fault offset: 0x00000000000bc12d

Faulting process id: 0x59b0

Faulting application start time: 0x01d75d8fb1ffe99d

Faulting application path: C:WINDOWSSystemAppsMicrosoft.Windows.Search_cw5n1h2txyewySearchApp.exe

Faulting module path: C:WindowsSystem32ConstraintIndex.Search.dll

Report Id: c858657f-d48a-4ccf-869e-d43f4f56d892

Faulting package full name: Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

 

Error: (06/09/2021 05:29:34 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: SearchApp.exe, version: 10.0.19041.964, time stamp: 0x49647dad

Faulting module name: ConstraintIndex.Search.dll, version: 10.0.19041.964, time stamp: 0x9c7683f9

Exception code: 0xc0000005

Fault offset: 0x00000000000bc12d

Faulting process id: 0x1654

Faulting application start time: 0x01d75d8faf62f671

Faulting application path: C:WINDOWSSystemAppsMicrosoft.Windows.Search_cw5n1h2txyewySearchApp.exe

Faulting module path: C:WindowsSystem32ConstraintIndex.Search.dll

Report Id: 05219af1-224b-4e34-8189-660be1a6ff99

Faulting package full name: Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

 

Error: (06/09/2021 05:29:29 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: SearchApp.exe, version: 10.0.19041.964, time stamp: 0x49647dad

Faulting module name: ConstraintIndex.Search.dll, version: 10.0.19041.964, time stamp: 0x9c7683f9

Exception code: 0xc0000005

Fault offset: 0x00000000000bc12d

Faulting process id: 0x1480

Faulting application start time: 0x01d75d8fac7725ba

Faulting application path: C:WINDOWSSystemAppsMicrosoft.Windows.Search_cw5n1h2txyewySearchApp.exe

Faulting module path: C:WindowsSystem32ConstraintIndex.Search.dll

Report Id: f3bb2034-d8b9-49d9-9b03-1c2bae1a6376

Faulting package full name: Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

 

 

System errors:

=============

Error: (06/09/2021 08:24:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Push Notifications User Service_321fa1b7 service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (06/09/2021 07:15:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Push Notifications User Service_321fa1b7 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (06/07/2021 09:29:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Push Notifications User Service_321fa1b7 service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (06/07/2021 07:18:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Push Notifications User Service_321fa1b7 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (06/06/2021 11:27:40 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-LN0SCAP)

Description: The server Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.

 

Error: (06/06/2021 11:27:38 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-LN0SCAP)

Description: The server Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXf8r3d8cn5hd71h9jyzah6ak9f3shj2d2.mca did not register with DCOM within the required timeout.

 

Error: (06/06/2021 11:27:38 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-LN0SCAP)

Description: The server Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.

 

Error: (06/06/2021 11:27:36 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-LN0SCAP)

Description: The server Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXf8r3d8cn5hd71h9jyzah6ak9f3shj2d2.mca did not register with DCOM within the required timeout.

 

 

Windows Defender:

================

Date: 2021-06-05 14:19:51

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.341.139.0

Previous security intelligence Version: 1.339.1972.0

Update Source: User

Security intelligence Type: AntiSpyware

Update Type: Delta

Current Engine Version: 1.1.18200.4

Previous Engine Version: 1.1.18100.6

Error code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

Date: 2021-06-05 14:19:51

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.341.139.0

Previous security intelligence Version: 1.339.1972.0

Update Source: User

Security intelligence Type: AntiVirus

Update Type: Delta

Current Engine Version: 1.1.18200.4

Previous Engine Version: 1.1.18100.6

Error code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

Date: 2021-06-05 14:19:51

Description: 

Microsoft Defender Antivirus has encountered an error trying to update the engine.

New Engine Version: 1.1.18200.4

Previous Engine Version: 1.1.18100.6

Error Code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

Date: 2021-05-05 17:04:53

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.339.26.0

Previous security intelligence Version: 1.337.549.0

Update Source: User

Security intelligence Type: AntiSpyware

Update Type: Delta

Current Engine Version: 1.1.18100.6

Previous Engine Version: 1.1.18100.5

Error code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

Date: 2021-05-05 17:04:53

Description: 

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.339.26.0

Previous security intelligence Version: 1.337.549.0

Update Source: User

Security intelligence Type: AntiVirus

Update Type: Delta

Current Engine Version: 1.1.18100.6

Previous Engine Version: 1.1.18100.5

Error code: 0x80070666

Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

==================== Memory info =========================== 

 

BIOS: Dell Inc. 1.6.1 08/16/2018

Motherboard: Dell Inc. 

Processor: Intel® Core™ i5-7300HQ CPU @ 2.50GHz

Percentage of memory in use: 38%

Total physical RAM: 16249.44 MB

Available physical RAM: 10030.63 MB

Total Virtual: 21369.44 MB

Available Virtual: 12891.55 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:117.81 GB) (Free:31.12 GB) NTFS

Drive d: (DATAPART1) (Fixed) (Total:931.51 GB) (Free:639.88 GB) NTFS

 

\?Volume{87edf59b-fcfa-41bf-98ff-e303a7e63209} () (Fixed) (Total:0.82 GB) (Free:0.3 GB) NTFS

\?Volume{7949bd3e-bd32-435f-b529-c0afd2157bd1} (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 119.2 GB) (Disk ID: 7AD5B7A9)

 

Partition: GPT.

 

==========================================================

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BF45B871)

Partition 1: (Not Active) – (Size=931.5 GB) – (Type=07 NTFS)

 

==================== End of Addition.txt =======================

 





Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

+ 34 = thirty five