Someone hijacked my computer – Virus, Trojan, Spyware, and Malware Removal Help

Thank you @axe0

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2021

Ran by denni (administrator) on DESKTOP-1QS383H (11-08-2021 09:50:52)

Running from C:UsersdenniDownloads

Loaded Profiles: denni

Platform: Windows 10 Pro Version 20H2 19042.1110 (X64) Language: English (United States)

Default browser: FF

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Apple Inc. -> Apple Inc.) C:Program FilesBlizzardBonjour ServicemDNSResponder.exe

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:Program FilesDAEMON Tools LiteDiscSoftBusServiceLite.exe

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:Program FilesDAEMON Tools LiteDTShellHlp.exe

(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:ProgramDataBattle.netAgentAgent.7380Agent.exe

(Blizzard Entertainment, Inc. -> Blizzard Entertainment) E:Battle.netBattle.net.exe <3>

(Electronic Arts, Inc. -> Electronic Arts) C:Program Files (x86)OriginOriginWebHelperService.exe

(Even Balance, Inc. -> ) C:WindowsSysWOW64PnkBstrA.exe

(Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) C:Program Files (x86)MaskVPNmask_svc.exe

(Google LLC -> Google LLC) C:UsersdenniAppDataLocalGoogleChromeApplicationchrome.exe <16>

(Google LLC -> Google LLC) C:UsersdenniAppDataLocalGoogleUpdate1.3.36.102GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:UsersdenniAppDataLocalGoogleUpdate1.3.36.102GoogleCrashHandler64.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbweCortana.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbweWinStore.App.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2107.4-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2107.4-0NisSrv.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe

(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_5d5c294bb8d17217Display.NvContainerNVDisplay.Container.exe <2>

(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

(Overwolf Ltd -> Overwolf LTD) C:Program Files (x86)Common FilesOverwolf.174.87.16OverwolfHelper.exe

(Overwolf Ltd -> Overwolf LTD) C:Program Files (x86)Common FilesOverwolf.174.87.16OverwolfHelper64.exe

(Overwolf Ltd -> Overwolf LTD) C:Program Files (x86)Overwolf.174.87.16OverwolfBrowser.exe <3>

(Overwolf Ltd -> Overwolf LTD) C:Program Files (x86)Overwolfold_28717_Overwolf.exe

(Overwolf Ltd -> Overwolf LTD) C:UsersdenniAppDataLocalOverwolfProcessCache.174.87.16cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbjcurseforge.exe

(Parsec Cloud, Inc. -> Parsec) C:Program FilesParsecparsecd.exe

(Parsec Cloud, Inc. -> Parsec) C:Program FilesParsecpservice.exe

(ProtonVPN AG -> ) C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPNService.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:Program Files (x86)TeamViewerTeamViewer_Service.exe

(Valve -> Valve Corporation) C:Program Files (x86)Common FilesSteamSteamService.exe

(Valve -> Valve Corporation) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe <7>

(Valve -> Valve Corporation) C:Program Files (x86)Steamsteam.exe

(Weather app) [File not signed] C:UsersdenniAppDataRoamingWeatherWeather.exe <8>

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [8822528 2016-05-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)

HKLM-x32…Run: [Weather] => C:UsersdenniAppDataRoamingWeatherWeather.exe [134373676 2021-06-02] (Weather app) [File not signed]

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4110568 2021-07-20] (Valve -> Valve Corporation)

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [Discord] => C:UsersdenniAppDataLocalDiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [Gaijin.Net Updater] => C:UsersdenniAppDataLocalGaijinProgram Files (x86)NetAgentgjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [Google Update] => C:UsersdenniAppDataLocalGoogleUpdate1.3.36.102GoogleUpdateCore.exe [223816 2021-08-04] (Google LLC -> Google LLC)

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [Skype for Desktop] => C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe [91503464 2019-12-13] (Skype Software Sarl -> Skype Technologies S.A.)

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [DAEMON Tools Lite Automount] => C:Program FilesDAEMON Tools LiteDTAgent.exe [365160 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [EpicGamesLauncher] => E:epicEpic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [32762440 2021-01-08] (Epic Games Inc. -> Epic Games, Inc.)

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [Battle.net] => E:Battle.netBattle.net.exe [1079184 2021-07-28] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [Overwolf] => C:Program Files (x86)OverwolfOverwolfLauncher.exe [1807192 2021-08-08] (Overwolf Ltd -> Overwolf Ltd.)

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [] => [X]

HKUS-1-5-21-386562958-4221920933-1689164847-1003…Run: [Parsec.App.0] => C:Program FilesParsecparsecd.exe [430272 2021-07-11] (Parsec Cloud, Inc. -> Parsec)

GroupPolicy: Restriction ? <==== ATTENTION

Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION

HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {031B3115-6819-4A6D-8FC6-4109D82DF3B0} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {2A5B3519-6BD3-4CDC-95E8-6D345677549A} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2107.4-0MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {2D53FD43-5C4E-4725-B91C-BC91440D159A} – System32TasksOverwolf Updater Task => C:Program Files (x86)OverwolfOverwolfUpdater.exe [2479960 2021-08-08] (Overwolf Ltd -> Overwolf LTD)

Task: {423E2457-C126-4BDB-9D37-0F6010ED0A09} – System32TasksGoogleUpdateTaskUserS-1-5-21-386562958-4221920933-1689164847-1003Core => C:UsersdenniAppDataLocalGoogleUpdateGoogleUpdate.exe [155432 2019-10-31] (Google Inc -> Google LLC)

Task: {446CD6E7-3E89-4FEB-A819-6C0F518E13F5} – System32TasksMSIAfterburner => C:Program Files (x86)MSI AfterburnerMSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )

Task: {52E32CEF-B4F6-408F-9CFE-21DFE1B2FC70} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [673720 2021-08-10] (Mozilla Corporation -> Mozilla Foundation)

Task: {621A2766-CB69-4298-8FC7-52378A16AD11} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2107.4-0MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {658CA339-4912-4AB5-B01A-BC70F3181E3D} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {66913D11-BBBF-4C9D-9CDE-2F83D80C248A} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {6F2D32C0-531D-463A-95E6-3922793931E0} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {706CA9E4-A5F6-4226-BE14-F739CBA59680} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {769C891E-3AF8-4708-B7ED-BA3D3369E7C9} – System32TasksGoogleUpdateTaskUserS-1-5-21-386562958-4221920933-1689164847-1003UA => C:UsersdenniAppDataLocalGoogleUpdateGoogleUpdate.exe [155432 2019-10-31] (Google Inc -> Google LLC)

Task: {8F2FD62A-1F0D-469B-B0DF-7D1108A8E972} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {A6DA6F7D-D3D7-4F05-97BD-8CDC1AF2816B} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {A6ED19D0-1D27-4566-8A92-EDA6A51124AA} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {A7ABC1B5-7960-4624-9E2E-86E445215B39} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {CEE0D4DE-76CC-4BC7-852E-EF43FFB7F640} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2107.4-0MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {E9E482EE-B25C-4903-9D4C-C4DBB9980A10} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2107.4-0MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {EC22D84D-503B-4B9B-BA3C-981075F37512} – System32TasksMicrosoftWindowsremplshell => C:Program Filesremplsedlauncher.exe

Task: {F0493898-BA1F-40FF-A2A2-D3C41E192CAC} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

Tcpip..Interfaces{0ccadc94-dd99-4420-9581-98dad5f52396}: [DhcpNameServer] 75.75.75.75 75.75.76.76

 

Edge: 

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge Profile: C:UsersdenniAppDataLocalMicrosoftEdgeUser DataDefault [2021-08-11]

 

FireFox:

========

FF DefaultProfile: 4gp7c00q.default

FF ProfilePath: C:UsersdenniAppDataRoamingMozillaFirefoxProfiles4gp7c00q.default [2021-08-11]

FF Notifications: MozillaFirefoxProfiles4gp7c00q.default -> hxxps://www.smashladder.com; hxxps://freebitco.in

FF Extension: (AdBlocker Ultimate) – C:UsersdenniAppDataRoamingMozillaFirefoxProfiles4gp7c00q.defaultExtensionsadblockultimate@adblockultimate.net.xpi [2021-07-26]

FF Extension: (Ghostery – Privacy Ad Blocker) – C:UsersdenniAppDataRoamingMozillaFirefoxProfiles4gp7c00q.defaultExtensionsfirefox@ghostery.com.xpi [2021-06-29]

FF Extension: (AdBlocker for YouTube™) – C:UsersdenniAppDataRoamingMozillaFirefoxProfiles4gp7c00q.defaultExtensionsjid1-q4sG8pYhq8KGHs@jetpack.xpi [2021-05-17]

FF Extension: (YouTube NonStop) – C:UsersdenniAppDataRoamingMozillaFirefoxProfiles4gp7c00q.defaultExtensions{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}.xpi [2021-03-12]

FF Extension: (Live Recorder) – C:UsersdenniAppDataRoamingMozillaFirefoxProfiles4gp7c00q.defaultExtensions{36da9617-69e6-45b2-a495-ac5d07168ccd}.xpi [2020-09-12]

FF Extension: (Web Scrobbler) – C:UsersdenniAppDataRoamingMozillaFirefoxProfiles4gp7c00q.defaultExtensions{799c0914-748b-41df-a25c-22d008f9e83f}.xpi [2021-07-26]

FF Extension: (Hive Keychain) – C:UsersdenniAppDataRoamingMozillaFirefoxProfiles4gp7c00q.defaultExtensions{b6bd7e35-0762-42a2-a283-95a94635047d}.xpi [2021-07-31]

FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:Program FilesJavajre1.8.0_271bindtpluginnpDeployJava1.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:Program FilesJavajre1.8.0_271binplugin2npjp2.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)

 

Chrome: 

=======

CHR Profile: C:UsersdenniAppDataLocalGoogleChromeUser DataDefault [2021-08-11]

CHR Extension: (Slides) – C:UsersdenniAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2019-10-31]

CHR Extension: (Docs) – C:UsersdenniAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2019-10-31]

CHR Extension: (Google Drive) – C:UsersdenniAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-25]

CHR Extension: (YouTube) – C:UsersdenniAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-31]

CHR Extension: (Sheets) – C:UsersdenniAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2019-10-31]

CHR Extension: (Google Docs Offline) – C:UsersdenniAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-04]

CHR Extension: (Chrome Web Store Payments) – C:UsersdenniAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-04-28]

CHR Extension: (Gmail) – C:UsersdenniAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]

CHR Extension: (Chrome Media Router) – C:UsersdenniAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-08]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [8912272 2021-07-29] (BattlEye Innovations e.K. -> )

R2 Bonjour Service; C:Program FilesBlizzardBonjour ServicemDNSResponder.exe [390504 2020-09-21] (Apple Inc. -> Apple Inc.)

R3 Disc Soft Lite Bus Service; C:Program FilesDAEMON Tools LiteDiscSoftBusServiceLite.exe [4506728 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [818304 2020-12-03] (EasyAntiCheat Oy -> Epic Games, Inc)

S3 EasyAntiCheat_EOS; C:Program Files (x86)EasyAntiCheat_EOSEasyAntiCheat_EOS.exe [595888 2021-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)

R2 MaskVPNService; C:Program Files (x86)MaskVPNmask_svc.exe [7493560 2020-08-06] (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)

S3 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7477704 2021-08-05] (Malwarebytes Inc -> Malwarebytes)

S3 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)

R2 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)

S3 OverwolfUpdater; C:Program Files (x86)OverwolfOverwolfUpdater.exe [2479960 2021-08-08] (Overwolf Ltd -> Overwolf LTD)

R2 Parsec; C:Program FilesParsecpservice.exe [395968 2021-07-11] (Parsec Cloud, Inc. -> Parsec)

R2 PnkBstrA; C:WINDOWSSysWOW64PnkBstrA.exe [76888 2019-06-01] (Even Balance, Inc. -> )

R2 ProtonVPN Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPNService.exe [97080 2019-08-12] (ProtonVPN AG -> )

S3 Rockstar Service; E:LauncherRockstarService.exe [1934744 2021-07-03] (Rockstar Games, Inc. -> Rockstar Games)

S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5395384 2021-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 TeamViewer; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [13216272 2020-03-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2107.4-0NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2107.4-0MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_5d5c294bb8d17217Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_5d5c294bb8d17217Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 BthA2dp; C:WINDOWSSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]

S3 dg_ssudbus; C:WINDOWSsystem32DRIVERSssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 dtlitescsibus; C:WINDOWSSystem32driversdtlitescsibus.sys [42256 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)

R3 dtliteusbbus; C:WINDOWSSystem32driversdtliteusbbus.sys [59360 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

S3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-08-05] (Malwarebytes Inc -> Malwarebytes)

S3 ProtonVPNSplitTunnelCalloutDriver; C:Program Files (x86)Proton TechnologiesProtonVPNResources64-bitwin10ProtonVPNSplitTunnelCalloutDriver.Sys [48664 2019-07-02] (Microsoft Windows Hardware Compatibility Publisher -> )

S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 SteamStreamingMicrophone; C:WINDOWSsystem32driversSteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )

R3 SteamStreamingSpeakers; C:WINDOWSsystem32driversSteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )

R3 tap0901; C:WINDOWSSystem32driverstap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)

R3 tapprotonvpn; C:WINDOWSSystem32driverstapprotonvpn.sys [44976 2019-07-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)

R3 ViGEmBus; C:WINDOWSSystem32driversViGEmBus.sys [53128 2018-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)

S3 vjoy; C:WINDOWSSystem32driversvjoy.sys [44784 2015-05-05] (Shaul Eizikovich -> Shaul Eizikovich)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-08-11 09:50 – 2021-08-11 09:51 – 000023067 _____ C:UsersdenniDownloadsFRST.txt

2021-08-11 09:48 – 2021-08-11 09:51 – 000000000 ____D C:FRST

2021-08-11 09:46 – 2021-08-11 09:46 – 002300416 _____ (Farbar) C:UsersdenniDownloadsFRST64.exe

2021-08-11 09:45 – 2021-08-11 09:45 – 000003142 _____ C:WINDOWSsystem32TasksMSIAfterburner

2021-08-11 00:07 – 2021-08-11 00:07 – 000000000 ___HD C:$WinREAgent

2021-08-10 17:03 – 2021-08-10 17:03 – 000000000 ____D C:WINDOWSsystem32TasksMozilla

2021-08-10 11:57 – 2021-08-10 17:03 – 000000000 ____D C:Program FilesMozilla Firefox

2021-08-09 20:04 – 2021-08-09 20:04 – 003499136 _____ C:UsersdenniDesktopass2323332

2021-08-08 02:19 – 2021-08-08 23:38 – 000000201 _____ C:UsersdenniDesktopreshade.txt

2021-08-06 02:02 – 2021-08-06 02:02 – 000000000 ____D C:UsersdenniAppDataLocalTaskManClient

2021-08-06 02:01 – 2021-08-06 02:01 – 000000000 ____D C:UsersdenniAppDataLocalBack4BloodBeta

2021-08-06 02:01 – 2021-08-06 02:01 – 000000000 ____D C:Program Files (x86)EasyAntiCheat_EOS

2021-08-06 01:37 – 2021-08-06 01:37 – 001995028 _____ C:UsersdenniDownloadsass2234

2021-08-06 01:09 – 2021-08-06 01:09 – 003038248 _____ (crosire) C:UsersdenniDesktopReShade_Setup_4.9.1.exe

2021-08-05 14:15 – 2021-08-05 14:15 – 000000000 ____D C:WINDOWSLastGood

2021-08-05 14:06 – 2021-07-13 12:07 – 001858664 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe

2021-08-05 14:06 – 2021-07-13 12:07 – 001858664 _____ C:WINDOWSsystem32vulkaninfo.exe

2021-08-05 14:06 – 2021-07-13 12:07 – 001438824 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-08-05 14:06 – 2021-07-13 12:07 – 001438824 _____ C:WINDOWSSysWOW64vulkaninfo.exe

2021-08-05 14:06 – 2021-07-13 12:07 – 001097856 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll

2021-08-05 14:06 – 2021-07-13 12:07 – 001097856 _____ C:WINDOWSsystem32vulkan-1.dll

2021-08-05 14:06 – 2021-07-13 12:07 – 000951936 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll

2021-08-05 14:06 – 2021-07-13 12:07 – 000951936 _____ C:WINDOWSSysWOW64vulkan-1.dll

2021-08-05 14:06 – 2021-07-13 12:06 – 001474704 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll

2021-08-05 14:06 – 2021-07-13 12:06 – 001212560 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll

2021-08-05 14:06 – 2021-07-13 12:02 – 001520776 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll

2021-08-05 14:06 – 2021-07-13 12:02 – 000716912 _____ C:WINDOWSsystem32nvofapi64.dll

2021-08-05 14:06 – 2021-07-13 12:02 – 000676480 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll

2021-08-05 14:06 – 2021-07-13 12:02 – 000645232 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll

2021-08-05 14:06 – 2021-07-13 12:02 – 000577152 _____ C:WINDOWSSysWOW64nvofapi.dll

2021-08-05 14:06 – 2021-07-13 12:02 – 000564352 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll

2021-08-05 14:06 – 2021-07-13 12:01 – 002112128 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll

2021-08-05 14:06 – 2021-07-13 12:01 – 001595520 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll

2021-08-05 14:06 – 2021-07-13 12:01 – 001171072 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll

2021-08-05 14:06 – 2021-07-13 12:01 – 000919168 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll

2021-08-05 14:06 – 2021-07-13 12:01 – 000750208 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2021-08-05 14:06 – 2021-07-13 12:01 – 000706176 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe

2021-08-05 14:06 – 2021-07-13 12:00 – 008854144 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll

2021-08-05 14:06 – 2021-07-13 12:00 – 007920768 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll

2021-08-05 14:06 – 2021-07-13 12:00 – 005680760 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll

2021-08-05 14:06 – 2021-07-13 12:00 – 004987520 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll

2021-08-05 14:06 – 2021-07-13 12:00 – 002925696 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll

2021-08-05 14:06 – 2021-07-13 12:00 – 000447104 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe

2021-08-05 14:06 – 2021-07-13 11:59 – 000849008 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe

2021-08-05 14:06 – 2021-07-13 11:57 – 006215792 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2021-08-05 14:06 – 2021-07-12 06:32 – 000083062 _____ C:WINDOWSsystem32nvinfo.pb

2021-08-05 13:45 – 2021-08-05 13:45 – 008553680 _____ (Malwarebytes) C:UsersdenniDownloadsadwcleaner_8.3.0.exe

2021-08-05 13:26 – 2021-08-05 13:26 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2021-08-05 13:25 – 2021-08-05 13:25 – 002120496 _____ (Malwarebytes) C:UsersdenniDesktopMBSetup.exe

2021-08-05 13:21 – 2021-08-05 13:21 – 000000000 ____D C:WINDOWSPanther

2021-08-05 12:55 – 2021-08-05 12:56 – 000001870 _____ C:UsersdenniDesktopRkill.txt

2021-08-05 12:55 – 2021-08-05 12:55 – 000988112 _____ (Bleeping Computer, LLC) C:UsersdenniDownloadsrkill64.exe

2021-07-31 13:35 – 2021-08-10 19:21 – 000000000 ____D C:Program FilesStreamlabs OBS

2021-07-31 13:35 – 2021-07-31 13:35 – 000001964 _____ C:UsersPublicDesktopStreamlabs OBS.lnk

2021-07-31 13:32 – 2021-07-31 13:32 – 191642920 _____ (General Workings, Inc.) C:UsersdenniDesktopStreamlabs+OBS+Setup+1.3.2-TX8ho1yLwyV3PcF.exe

2021-07-30 23:34 – 2021-07-30 23:34 – 018581488 _____ C:UsersdenniDesktopDAT Texture Wizard – v6.1.2 (x64).zip

2021-07-30 23:28 – 2021-07-30 23:28 – 000244410 _____ C:UsersdenniDesktopGoth-Peach-e58336ee.zip

2021-07-30 15:39 – 2021-07-30 15:39 – 000000000 ____D C:UsersdenniAppDataLocalslippi-launcher-updater

2021-07-30 01:19 – 2021-07-30 23:36 – 000000000 ____D C:UsersdenniDesktopStreaming

2021-07-29 21:40 – 2021-07-29 21:40 – 000415616 _____ C:UsersdenniDesktopPSDs-Paranormal-k9cn06.zip

2021-07-29 21:39 – 2021-07-29 21:40 – 333165174 _____ C:UsersdenniDesktopParanormal-Stream-Package-tq4tat.zip

2021-07-18 19:15 – 2021-07-18 19:15 – 001823280 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2021-07-18 19:15 – 2021-07-18 19:15 – 000011357 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-07-18 19:15 – 2021-07-18 19:15 – 000007680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MsraLegacy.tlb

2021-07-18 19:15 – 2021-07-18 19:15 – 000007680 _____ (Microsoft Corporation) C:WINDOWSsystem32MsraLegacy.tlb

2021-07-18 19:15 – 2021-07-18 19:15 – 000006656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rendezvousSession.tlb

2021-07-18 19:15 – 2021-07-18 19:15 – 000006656 _____ (Microsoft Corporation) C:WINDOWSsystem32rendezvousSession.tlb

2021-07-18 10:34 – 2021-07-18 10:34 – 001405890 _____ C:UsersdenniDownloadswestballs

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-08-11 09:50 – 2019-04-19 17:29 – 000000000 ____D C:Program Files (x86)Steam

2021-08-11 09:47 – 2019-04-12 15:57 – 000000000 ____D C:ProgramDataNVIDIA

2021-08-11 09:46 – 2021-05-19 03:26 – 000000000 ____D C:Program Files (x86)Overwolf

2021-08-11 09:46 – 2019-10-02 01:40 – 000000000 ____D C:UsersdenniAppDataLocalBattle.net

2021-08-11 09:45 – 2021-05-19 03:26 – 000002172 _____ C:UsersdenniDesktopCurseForge.lnk

2021-08-11 09:45 – 2020-10-13 12:24 – 000000000 ____D C:UsersdenniAppDataLocalOverwolf

2021-08-11 05:30 – 2021-04-16 04:25 – 000000000 ____D C:Usersdenni

2021-08-11 05:30 – 2019-12-07 04:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-08-11 05:30 – 2019-04-20 22:21 – 000000000 ____D C:UsersdenniAppDataRoamingDiscord

2021-08-11 05:23 – 2019-04-20 22:21 – 000000000 ____D C:UsersdenniAppDataLocalDiscord

2021-08-10 21:15 – 2020-07-08 21:55 – 000000000 ____D C:UsersdenniAppDataRoamingslobs-client

2021-08-10 21:15 – 2019-04-22 22:30 – 000000000 ____D C:UsersdenniAppDataLocalCrashDumps

2021-08-10 21:11 – 2020-07-14 22:56 – 000000000 ____D C:UsersdenniDocumentsSlippi

2021-08-10 19:31 – 2019-04-12 16:05 – 000000000 ____D C:ProgramDataMozilla

2021-08-10 19:30 – 2019-04-19 17:02 – 000000000 ____D C:UsersdenniAppDataLocalLowMozilla

2021-08-10 17:03 – 2019-04-12 16:05 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk

2021-08-10 17:03 – 2019-04-12 16:05 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2021-08-10 00:08 – 2020-09-14 11:20 – 000000000 ____D C:UsersdenniDesktopSonic 1.3

2021-08-09 22:46 – 2021-05-26 19:28 – 000000000 ____D C:UsersdenniDesktopsonic again

2021-08-09 16:40 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-08-09 00:27 – 2019-12-07 04:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-08-08 13:22 – 2021-04-16 04:31 – 000003378 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-386562958-4221920933-1689164847-1003

2021-08-08 13:22 – 2021-04-16 04:25 – 000002379 _____ C:UsersdenniAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-08-08 13:22 – 2019-04-19 15:53 – 000000000 ___RD C:UsersdenniOneDrive

2021-08-08 11:20 – 2020-11-08 19:53 – 000000000 ____D C:UsersdenniDesktopReason cool noises

2021-08-08 10:35 – 2019-04-25 14:26 – 000000000 ____D C:UsersdenniAppDataLocalD3DSCache

2021-08-08 01:54 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSLiveKernelReports

2021-08-08 01:54 – 2019-12-07 04:13 – 000000000 ____D C:WINDOWSINF

2021-08-08 00:56 – 2020-01-05 20:09 – 000000000 ____D C:UsersdenniAppDataLocalDayZ Launcher

2021-08-08 00:39 – 2020-02-13 23:42 – 000000000 ____D C:UsersdenniAppDataLocalDayZ

2021-08-07 09:26 – 2020-07-16 02:05 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-08-06 02:25 – 2019-05-24 22:27 – 000000000 ____D C:UsersdenniAppDataLocalFiveM

2021-08-06 02:01 – 2020-05-03 20:05 – 000000000 ____D C:UsersdenniAppDataRoamingEasyAntiCheat

2021-08-06 00:14 – 2020-09-30 17:15 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2021-08-05 17:15 – 2019-10-31 09:08 – 000002498 _____ C:UsersdenniAppDataRoamingMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-08-05 14:16 – 2021-03-01 13:59 – 000000000 ____D C:UsersdenniAppDataLocalNVIDIA

2021-08-05 14:14 – 2019-04-12 15:57 – 000000000 ____D C:ProgramDataNVIDIA Corporation

2021-08-05 13:28 – 2021-04-16 04:34 – 000840598 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-08-05 13:26 – 2021-01-08 17:41 – 000002021 _____ C:UsersPublicDesktopMalwarebytes.lnk

2021-08-05 13:26 – 2020-11-05 15:34 – 000002033 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2021-08-05 13:26 – 2019-08-20 01:21 – 000199128 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2021-08-05 13:21 – 2021-04-16 04:31 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-08-05 13:21 – 2021-04-16 04:24 – 000008192 ___SH C:DumpStack.log.tmp

2021-08-05 13:21 – 2020-04-05 02:04 – 000000000 ____D C:Program Files (x86)TeamViewer

2021-08-05 13:21 – 2019-12-07 04:03 – 000786432 _____ C:WINDOWSsystem32configBBI

2021-08-04 16:10 – 2021-04-16 04:31 – 000003680 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskUserS-1-5-21-386562958-4221920933-1689164847-1003UA

2021-08-04 16:10 – 2021-04-16 04:31 – 000003412 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskUserS-1-5-21-386562958-4221920933-1689164847-1003Core

2021-08-04 13:25 – 2019-04-12 17:44 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-08-01 23:21 – 2021-04-26 00:10 – 000003386 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d732a2ff880397

2021-08-01 23:21 – 2021-04-16 04:31 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-07-31 13:35 – 2020-07-08 21:55 – 000001976 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsStreamlabs OBS.lnk

2021-07-30 15:40 – 2020-06-23 07:12 – 000000000 ____D C:UsersdenniAppDataRoamingSlippi Launcher

2021-07-30 15:39 – 2020-06-23 07:12 – 000000000 ____D C:UsersdenniAppDataRoamingSlippi Desktop App

2021-07-30 15:39 – 2020-06-23 07:12 – 000000000 ____D C:Program FilesSlippi Launcher

2021-07-30 15:38 – 2019-04-20 22:49 – 000000000 ____D C:UsersdenniDesktopFM-v5.9-Slippi-r18-Win

2021-07-30 02:47 – 2021-01-08 17:25 – 000001272 _____ C:UsersdenniDesktopESET Online Scanner.lnk

2021-07-30 02:47 – 2019-10-19 19:40 – 000001378 _____ C:UsersdenniAppDataRoamingMicrosoftWindowsStart MenuProgramsESET Online Scanner.lnk

2021-07-30 02:44 – 2021-04-16 04:24 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-07-29 14:21 – 2020-10-14 13:33 – 000000000 ____D C:Program FilesJava

2021-07-24 13:30 – 2020-12-20 20:03 – 000000000 ____D C:UsersdenniDesktopImportant

2021-07-18 23:56 – 2021-04-16 04:24 – 000266816 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-07-18 23:56 – 2019-12-07 04:54 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection

2021-07-18 23:56 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSystemResources

2021-07-18 23:56 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2021-07-18 23:56 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-07-18 23:56 – 2019-12-07 04:14 – 000000000 ____D C:Program FilesCommon FilesSystem

2021-07-18 19:16 – 2019-12-07 04:03 – 000000000 ____D C:WINDOWSCbsTemp

2021-07-18 19:15 – 2015-03-04 20:46 – 000414038 __RSH C:bootmgr

2021-07-18 19:08 – 2019-06-03 04:31 – 000000000 ____D C:Program FilesParsec

2021-07-16 09:45 – 2020-09-30 17:15 – 000486712 _____ (Microsoft Corporation) C:WINDOWSsystem32QualityUpdateAssistant.dll

2021-07-16 09:45 – 2020-02-18 18:53 – 000740152 _____ (Microsoft Corporation) C:WINDOWSsystem32sedplugins.dll

2021-07-16 00:50 – 2019-04-12 16:20 – 000000000 ____D C:WINDOWSsystem32MRT

2021-07-16 00:46 – 2019-04-12 16:20 – 133422552 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-07-13 11:57 – 2021-04-16 10:22 – 007280312 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

 

==================== Files in the root of some directories ========

 

2020-05-03 09:50 – 2020-05-03 09:50 – 001065984 _____ () C:UsersdenniAppDataLocalfile__0.localstorage

2020-04-11 19:58 – 2020-04-11 19:58 – 000000993 _____ () C:UsersdenniAppDataLocalFM-v5.9-Slippi-r18-Win – Shortcut.lnk

2020-05-03 19:36 – 2020-05-03 19:36 – 000007605 _____ () C:UsersdenniAppDataLocalResmon.ResmonCfg

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2021

Ran by denni (11-08-2021 09:52:38)

Running from C:UsersdenniDownloads

Windows 10 Pro Version 20H2 19042.1110 (X64) (2021-04-16 09:31:54)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-386562958-4221920933-1689164847-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-386562958-4221920933-1689164847-503 – Limited – Disabled)

denni (S-1-5-21-386562958-4221920933-1689164847-1003 – Administrator – Enabled) => C:Usersdenni

Guest (S-1-5-21-386562958-4221920933-1689164847-501 – Limited – Disabled)

Ohlso (S-1-5-21-386562958-4221920933-1689164847-1001 – Administrator – Enabled) => C:UsersOhlso

rose2 (S-1-5-21-386562958-4221920933-1689164847-1002 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-386562958-4221920933-1689164847-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)

Advanced BAT to EXE Converter v4.11 (HKLM-x32…Advanced BAT to EXE Converter v4.11) (Version:  – )

Apex Legends (HKLM-x32…{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.3.1 – Electronic Arts, Inc.)

AutoHotkey 1.1.33.02 (HKLM…AutoHotkey) (Version: 1.1.33.02 – Lexikos)

Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

Br Wser ver. 1065 version 1.65 (HKLM-x32…Br Wser ver. 1065_is1) (Version: 1.65 – Networks of IN log Company)

Burning Crusade Classic (HKLM-x32…Burning Crusade Classic) (Version:  – Blizzard Entertainment)

CPUID HWMonitor 1.41 (HKLM…CPUID HWMonitor_is1) (Version: 1.41 – CPUID, Inc.)

CurseForge (HKUS-1-5-21-386562958-4221920933-1689164847-1003…Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.180.1.2 – Overwolf app)

DAEMON Tools Lite (HKLM…DAEMON Tools Lite) (Version: 10.12.0.1152 – Disc Soft Ltd)

Discord (HKUS-1-5-21-386562958-4221920933-1689164847-1003…Discord) (Version: 0.0.309 – Discord Inc.)

DZSALauncher version 0.0.4.8 (HKLM-x32…DZSALauncher_is1) (Version: 0.0.4.8 – Maca134)

Ecency 3.0.11 (HKUS-1-5-21-386562958-4221920933-1689164847-1003…f4cdf94b-3105-5392-819f-dbc6483c637d) (Version: 3.0.11 – Ecency)

Enlisted Launcher 1.0.3.52 (HKUS-1-5-21-386562958-4221920933-1689164847-1003…{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version:  – Gaijin Network)

Epic Games Launcher (HKLM-x32…{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

FileZilla Client 3.42.1 (HKUS-1-5-21-386562958-4221920933-1689164847-1003…FileZilla Client) (Version: 3.42.1 – Tim Kosse)

Fire Pro Wrestling World Fighting Road Champion Road Beyond (HKLM-x32…Fire Pro Wrestling World Fighting Road Champion ~BEAB44F4_is1) (Version:  – )

FiveM (HKUS-1-5-21-386562958-4221920933-1689164847-1003…CitizenFX_FiveM) (Version:  – Cfx.re)

Genshin Impact (HKLM…Genshin Impact Beta) (Version: 2.3.3.0 – miHoYo Co.,Ltd)

Google Chrome (HKUS-1-5-21-386562958-4221920933-1689164847-1003…Google Chrome) (Version: 92.0.4515.131 – Google LLC)

Grand Theft Auto San Andreas-HOODLUM version 1.0 (HKLM-x32…Grand Theft Auto San Andreas-HOODLUM_is1) (Version: 1.0 – )

Grand Theft Auto V (HKLM-x32…{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: “1.0.0.10” – Rockstar Games)

Heaven Benchmark version 4.0 (HKLM-x32…Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 – Unigine Corp.)

HitmanPro 3.8 (HKLM…HitmanPro38) (Version: 3.8.20.314 – SurfRight B.V.)

Intel® Wireless Bluetooth® (HKLM-x32…{00001010-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.10.1.1 – Intel Corporation)

Java 8 Update 271 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 – Oracle Corporation)

JoyToKey version 6.5 (HKLM-x32…{EBF21C82-423E-49FD-BCBD-88C08397CB44}_is1) (Version: 6.5 – JTK software)

Launcher Prerequisites (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

League of Legends (HKLM-x32…League of Legends 1.0) (Version: 1.0 – Riot Games, Inc)

Malwarebytes version 4.4.4.126 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 – Malwarebytes)

MaskVPN (HKLM-x32…{4A4ACF2E-4A98-4D18-80E3-5A5E5706F81E}_is1) (Version: 1.1.0.31 – Global Media (Thailand) Co., Ltd)

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32…{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 92.0.902.67 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-386562958-4221920933-1689164847-1001…OneDriveSetup.exe) (Version: 19.043.0304.0007 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-386562958-4221920933-1689164847-1003…OneDriveSetup.exe) (Version: 21.139.0711.0001 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29913 (HKLM-x32…{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32…{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 – Microsoft Corporation)

mk v1.53.666 (HKLM-x32…WeriseTweaker.exe_is1) (Version: 1.53.0.666 – )

M’Overlay version 1.6.5 (HKLM…M’Overlay_is1) (Version: 1.6.5 – Bkacjios)

Mozilla Firefox (x64 en-US) (HKLM…Mozilla Firefox 91.0 (x64 en-US)) (Version: 91.0 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 66.0.3 – Mozilla)

MSI Afterburner 4.6.0 (HKLM-x32…Afterburner) (Version: 4.6.0 – MSI Co., LTD)

NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.23.0.74 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)

NVIDIA Graphics Driver 471.41 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.60 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

OpenAL (HKLM-x32…OpenAL) (Version:  – )

OpenIV (HKUS-1-5-21-386562958-4221920933-1689164847-1003…OpenIV) (Version: 3.1.1032 – .black/OpenIV Team)

Origin (HKLM-x32…Origin) (Version: 10.5.101.48500 – Electronic Arts, Inc.)

Overwolf (HKLM-x32…Overwolf) (Version: 0.176.87.27 – Overwolf Ltd.)

Parsec (HKLM-x32…Parsec) (Version:  – Parsec Cloud Inc.)

Path of Building Community (HKUS-1-5-21-386562958-4221920933-1689164847-1003…Path of Building Community) (Version: 1.4.170.8 – Path of Building Community)

PoE Overlay (HKUS-1-5-21-386562958-4221920933-1689164847-1003…Overwolf_cijcjjcjilpooaeppicpfibopeefaglkefjaeofl) (Version: 1.0.11 – Overwolf app)

Project64 version 2.3.2.202 (HKLM-x32…{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.2.202 – )

ProtonVPN (HKLM-x32…{8725D84B-70EA-468D-A8F3-D175DA616B52}) (Version: 1.10.1 – ProtonVPN AG) Hidden

ProtonVPN (HKLM-x32…ProtonVPN 1.10.1) (Version: 1.10.1 – ProtonVPN AG)

ProtonVPNTap (HKLM-x32…{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 – ProtonVPN AG)

PunkBuster Services (HKLM-x32…PunkBusterSvc) (Version: 0.992 – Even Balance, Inc.)

Qcma (HKLM…Qcma) (Version: 0.4.1 – codestation)

RAGE Multiplayer (HKLM-x32…RAGE Multiplayer) (Version:  – RAGE Multiplayer Team)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7831 – Realtek Semiconductor Corp.)

Reason 5.0 (HKLM-x32…Reason5_is1) (Version: 5.0 – Propellerhead Software AB)

RivaTuner Statistics Server 7.2.1 (HKLM-x32…RTSS) (Version: 7.2.1 – Unwinder)

Roblox Player for denni (HKUS-1-5-21-386562958-4221920933-1689164847-1003…roblox-player) (Version:  – Roblox Corporation)

Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.42.369 – Rockstar Games)

Rockstar Games Social Club (HKLM-x32…Rockstar Games Social Club) (Version: 2.0.8.5 – Rockstar Games)

Screenleap (HKLM-x32…{3BEF84FF-3678-4ED0-83E1-12CFD5DD8778}) (Version: 14.2.6.0 – Screenleap, Inc.)

Skype version 8.55 (HKLM-x32…Skype_is1) (Version: 8.55 – Skype Technologies S.A.)

Slippi Launcher 2.0.3 (HKLM…6864321e-78ac-5f45-8ec5-314da299c62f) (Version: 2.0.3 – Jas Laferriere)

Speccy (HKLM…Speccy) (Version: 1.32 – Piriform)

StarCraft (HKLM-x32…StarCraft) (Version:  – Blizzard Entertainment)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Streamlabs OBS 1.3.2 (HKLM…29c4619-0385-5543-9426-46f9987161d9) (Version: 1.3.2 – General Workings, Inc.)

TeamViewer (HKLM-x32…TeamViewer) (Version: 15.4.4445 – TeamViewer)

Tixati (HKLM-x32…tixati) (Version:  – )

TradeSkillMaster Application version 1.0 (HKLM-x32…{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 – TradeSkillMaster)

Update for Windows 10 for x64-based Systems (KB4480730) (HKLM…{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 – Microsoft Corporation)

vJoy Device Driver 0.2.0.5 (HKLM…{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 0.2.0.5 – Shaul Eizikovich)

War Thunder Launcher 1.0.3.165 (HKUS-1-5-21-386562958-4221920933-1689164847-1003…{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  – Gaijin Entertainment)

Weather (HKLM-x32…Weather) (Version: 9.1.0T – Weather)

Wii U USB GCN adapter version 3.2.1 (HKLM-x32…{B3898604-95BA-4EBA-A8D7-C4C2BDC2712A}_is1) (Version: 3.2.1 – Matt Cunningham)

Windows Driver Package – Microsoft PS Vita Type B (02/22/2013 6.1.7600.16385) (HKLM…A0EC80B5719D4DA4CF40C9219D7CB9CCAD6DBA40) (Version: 02/22/2013 6.1.7600.16385 – Microsoft)

WinRAR 5.71 (64-bit) (HKLM…WinRAR archiver) (Version: 5.71.0 – win.rar GmbH)

World of Warcraft Classic (HKLM-x32…World of Warcraft Classic) (Version:  – Blizzard Entertainment)

World of Warcraft Classic Era (HKLM-x32…World of Warcraft Classic Era) (Version:  – Blizzard Entertainment)

X4: Foundations (HKLM-x32…X4: Foundations_is1) (Version:  – )

Yu-Gi-Oh! The Dawn of a New Era – YGOPRO 2 version 1.15.0.1677 (HKLM-x32…{53EDA5E6-9F37-46F0-9D75-08F82CB86338}_is1) (Version: 1.15.0.1677 – Kaiba Corporation)

Zone Builder 2.9 (HKLM-x32…Zone Builder_is1) (Version:  – MascaraSnake)

 

Packages:

=========

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Studios) [MS Ad]

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-05] (NVIDIA Corp.)

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)

Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0 [2021-08-09] (Spotify AB) [Startup Task]

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-386562958-4221920933-1689164847-1003_ClassesCLSID{6D264B70-DA18-401D-910C-B202D89670C6}InprocServer32 -> C:UsersdenniAppDataLocalGoogleUpdate1.3.36.32psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-386562958-4221920933-1689164847-1003_ClassesCLSID{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}InprocServer32 -> C:UsersdenniAppDataLocalGoogleUpdate1.3.36.102psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-386562958-4221920933-1689164847-1003_ClassesCLSID{8B480070-D37D-4090-A063-7A429F849652}InprocServer32 -> C:UsersdenniAppDataLocalGoogleUpdate1.3.36.92psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-386562958-4221920933-1689164847-1003_ClassesCLSID{A2C6CB58-C076-425C-ACB7-6D19D64428CD}localserver32 -> C:UsersdenniAppDataLocalGoogleChromeApplication92.0.4515.131notification_helper.exe (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-386562958-4221920933-1689164847-1003_ClassesCLSID{BE5C2E39-090F-46A2-AFAA-47540743B4FE}InprocServer32 -> C:UsersdenniAppDataLocalGoogleUpdate1.3.36.102psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-386562958-4221920933-1689164847-1003_ClassesCLSID{CA8FA699-91CD-412F-9D13-9B1222F4370E}InprocServer32 -> C:UsersdenniAppDataLocalGoogleUpdate1.3.36.82psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-386562958-4221920933-1689164847-1003_ClassesCLSID{CA919489-0396-4164-A6E7-94CDED45A707}InprocServer32 -> C:UsersdenniAppDataLocalGoogleUpdate1.3.36.52psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-386562958-4221920933-1689164847-1003_ClassesCLSID{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}InprocServer32 -> C:UsersdenniAppDataLocalGoogleUpdate1.3.36.72psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-386562958-4221920933-1689164847-1003_ClassesCLSID{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}InprocServer32 -> C:UsersdenniAppDataLocalGoogleUpdate1.3.36.102psuser_64.dll (Google LLC -> Google LLC)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:Program FilesDAEMON Tools Litedtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)

ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:Program FilesDAEMON Tools Litedtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_5d5c294bb8d17217nvshext.dll [2021-07-13] (Nvidia Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Drivers32: [VIDC.RTV1] => C:WINDOWSsystem32rtvcvfw64.dll [246272 2012-09-28] () [File not signed]

HKLM…Drivers32: [VIDC.RTV1] => C:WindowsSysWOW64rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:UsersdenniAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts90af08afac2af51aGoogle Chrome.lnk -> C:UsersdenniAppDataLocalGoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory=Default

 

==================== Loaded Modules (Whitelisted) =============

 

2019-07-02 01:41 – 2019-07-02 01:41 – 000152064 _____ () [File not signed] C:Program Files (x86)Proton TechnologiesProtonVPNResources64-bitSplitTunnel.dll

2019-08-12 05:08 – 2019-08-12 05:08 – 000484352 _____ () [File not signed] C:Program Files (x86)Proton TechnologiesProtonVPNx64IPFilter.dll

2021-04-21 00:09 – 2021-04-21 00:09 – 000398848 _____ () [File not signed] C:UsersdenniAppDataRoamingWeatherlibegl.dll

2021-04-21 00:09 – 2021-04-21 00:09 – 008204288 _____ () [File not signed] C:UsersdenniAppDataRoamingWeatherlibglesv2.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 104869376 _____ () [File not signed] E:Battle.netBattle.net.13029libcef.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000112128 _____ () [File not signed] E:Battle.netBattle.net.13029libegl.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 006227456 _____ () [File not signed] E:Battle.netBattle.net.13029libglesv2.dll

2019-07-27 23:24 – 2019-02-21 11:00 – 000078336 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000810496 _____ (The Chromium Authors) [File not signed] E:Battle.netBattle.net.13029chrome_elf.dll

2021-04-21 00:09 – 2021-04-21 00:09 – 001748992 _____ (The NW.js Community) [File not signed] C:UsersdenniAppDataRoamingWeatherffmpeg.dll

2021-04-21 00:09 – 2021-04-21 00:09 – 012326912 _____ (The NW.js Community) [File not signed] C:UsersdenniAppDataRoamingWeathernode.dll

2021-04-21 00:09 – 2021-04-21 00:09 – 141623808 _____ (The NW.js Community) [File not signed] C:UsersdenniAppDataRoamingWeathernw.dll

2021-04-21 00:09 – 2021-04-21 00:09 – 000914944 _____ (The NW.js Community) [File not signed] C:UsersdenniAppDataRoamingWeathernw_elf.dll

2020-03-20 20:54 – 2020-03-16 14:05 – 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)OriginLIBEAY32.dll

2020-03-20 20:54 – 2020-03-16 14:06 – 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)Originssleay32.dll

2020-03-20 20:54 – 2020-03-20 20:53 – 001611264 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)Originplatformsqwindows.dll

2021-07-11 18:17 – 2020-03-20 20:54 – 005487104 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Core.dll

2021-07-11 18:17 – 2020-03-20 20:54 – 005841920 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Gui.dll

2021-07-11 18:17 – 2020-03-20 20:54 – 001179136 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Network.dll

2021-07-11 18:17 – 2020-03-20 20:54 – 000146432 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5WebSockets.dll

2021-07-11 18:17 – 2020-03-20 20:54 – 005089792 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Widgets.dll

2021-07-11 18:17 – 2020-03-20 20:54 – 000184832 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)OriginQt5Xml.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000047104 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029audioqtaudio_windows.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000026112 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029imageformatsqgif.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000027136 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029imageformatsqico.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000243712 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029imageformatsqjpeg.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000223744 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029imageformatsqmng.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000020992 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029imageformatsqsvg.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000332288 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029imageformatsqtiff.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 001140224 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029platformsqwindows.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 004943360 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5Core.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 005022208 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5Gui.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000626176 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5Multimedia.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000877056 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5Network.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 002908672 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5Qml.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 003078656 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5Quick.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000259072 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5Svg.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 004718080 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5Widgets.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000439296 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5WinExtras.dll

2021-07-28 12:18 – 2021-07-28 12:18 – 000159232 _____ (The Qt Company Ltd.) [File not signed] E:Battle.netBattle.net.13029Qt5Xml.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_271binssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_271binjp2ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKU.DEFAULT…localhost -> localhost

IE trusted site: HKUS-1-5-21-386562958-4221920933-1689164847-1003…localhost -> localhost

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2018-04-11 18:38 – 2018-04-11 18:36 – 000000824 _____ C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:WINDOWSSystem32OpenSSH;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH

HKUS-1-5-21-386562958-4221920933-1689164847-1001Control PanelDesktop\Wallpaper -> C:WINDOWSwebwallpaperWindowsimg0.jpg

HKUS-1-5-21-386562958-4221920933-1689164847-1003Control PanelDesktop\Wallpaper -> C:UsersdenniAppDataRoamingMozillaFirefoxDesktop Background.bmp

DNS Servers: 75.75.75.75 – 75.75.76.76

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKUS-1-5-21-386562958-4221920933-1689164847-1003…StartupApprovedRun: => “Discord”

HKUS-1-5-21-386562958-4221920933-1689164847-1003…StartupApprovedRun: => “OneDrive”

HKUS-1-5-21-386562958-4221920933-1689164847-1003…StartupApprovedRun: => “Gaijin.Net Updater”

HKUS-1-5-21-386562958-4221920933-1689164847-1003…StartupApprovedRun: => “DAEMON Tools Lite Automount”

HKUS-1-5-21-386562958-4221920933-1689164847-1003…StartupApprovedRun: => “EpicGamesLauncher”

HKUS-1-5-21-386562958-4221920933-1689164847-1003…StartupApprovedRun: => “Skype for Desktop”

HKUS-1-5-21-386562958-4221920933-1689164847-1003…StartupApprovedRun: => “TSMApplication”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [UDP Query User{2E204715-6AA6-43C5-94CC-C6B452DD2757}C:usersdennidesktopfm-v5.9-slippi-r18-windubs by itselffm-slippi-2.3.0-beta.3-winslippi dolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-windubs by itselffm-slippi-2.3.0-beta.3-winslippi dolphin.exe () [File not signed]

FirewallRules: [TCP Query User{A0060483-887F-4F3E-B8D2-D931ED06C155}C:usersdennidesktopfm-v5.9-slippi-r18-windubs by itselffm-slippi-2.3.0-beta.3-winslippi dolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-windubs by itselffm-slippi-2.3.0-beta.3-winslippi dolphin.exe () [File not signed]

FirewallRules: [UDP Query User{959B556D-84B8-4EB9-B034-197B452E55F2}C:usersdennidesktoploop heroloop.hero.build 6344377loop heroloop hero.exe] => (Block) C:usersdennidesktoploop heroloop.hero.build 6344377loop heroloop hero.exe => No File

FirewallRules: [TCP Query User{C35506CB-46E8-4E85-B76F-8C2CD7C9329E}C:usersdennidesktoploop heroloop.hero.build 6344377loop heroloop hero.exe] => (Block) C:usersdennidesktoploop heroloop.hero.build 6344377loop heroloop hero.exe => No File

FirewallRules: [UDP Query User{E9AC7758-0501-43D6-A079-0BC80300BFA8}C:usersdennidesktoploop heroloop.hero.build 6344377loop heroloop hero.exe] => (Block) C:usersdennidesktoploop heroloop.hero.build 6344377loop heroloop hero.exe => No File

FirewallRules: [TCP Query User{6CDE7959-4D8A-4427-AF1D-2B817350C572}C:usersdennidesktoploop heroloop.hero.build 6344377loop heroloop hero.exe] => (Block) C:usersdennidesktoploop heroloop.hero.build 6344377loop heroloop hero.exe => No File

FirewallRules: [{0F0E82DC-6C37-40B9-A398-4C082100242E}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{1CB49C01-D89C-4649-AAB3-35B3594BAEFF}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{679DB89C-8034-49D6-BD31-F3FFA9DB7D3E}] => (Allow) E:SteamLibrarysteamappscommonhotline_miamiHotlineMiami.exe (Devolver) [File not signed]

FirewallRules: [{9346B3B4-9864-41A9-9F2E-003C840C35D2}] => (Allow) E:SteamLibrarysteamappscommonhotline_miamiHotlineMiami.exe (Devolver) [File not signed]

FirewallRules: [{5CF7E3F0-2307-4666-8986-345E29739467}] => (Allow) E:SteamLibrarysteamappscommonMordhauMordhau.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{2709674E-7775-4BD8-B647-9DFC64B5A183}] => (Allow) E:SteamLibrarysteamappscommonMordhauMordhau.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{C9B06BA9-7E64-417D-828C-FF5CD1E3EDE8}] => (Allow) E:SteamLibrarysteamappscommonTabletop SimulatorTabletop Simulator.exe () [File not signed]

FirewallRules: [{035BE17F-4878-45CC-A672-47BE4BB945C0}] => (Allow) E:SteamLibrarysteamappscommonTabletop SimulatorTabletop Simulator.exe () [File not signed]

FirewallRules: [UDP Query User{A3CCD01E-8E85-41FE-9C3F-BD51F1DD2350}C:program files (x86)steamsteamappscommonoverloadolmod.exe] => (Allow) C:program files (x86)steamsteamappscommonoverloadolmod.exe => No File

FirewallRules: [TCP Query User{B1BFB40A-4870-4986-A8FD-4C43A5DA11DC}C:program files (x86)steamsteamappscommonoverloadolmod.exe] => (Allow) C:program files (x86)steamsteamappscommonoverloadolmod.exe => No File

FirewallRules: [{8BF64228-EF23-4616-B364-0D1A5CFCA619}] => (Allow) C:Program Files (x86)SteamsteamappscommonOverloadOverload.exe => No File

FirewallRules: [{4B1EB09F-B47F-4E6D-8496-E5AF80851BC1}] => (Allow) C:Program Files (x86)SteamsteamappscommonOverloadOverload.exe => No File

FirewallRules: [UDP Query User{32F71B81-1C9E-4F48-A1B2-AF090DB50351}C:usersdennidesktopzeldasoot_iebinarieswin64oot_ie.exe] => (Allow) C:usersdennidesktopzeldasoot_iebinarieswin64oot_ie.exe => No File

FirewallRules: [TCP Query User{0276808E-64BE-4AE7-A0F1-0660A85B9FBF}C:usersdennidesktopzeldasoot_iebinarieswin64oot_ie.exe] => (Allow) C:usersdennidesktopzeldasoot_iebinarieswin64oot_ie.exe => No File

FirewallRules: [{DE9AC8B5-40CC-4129-8E9C-AB1FFCF289BC}] => (Allow) E:SteamLibrarysteamappscommonStoneshardStoneShard.exe () [File not signed]

FirewallRules: [{155EB1C6-FAA0-4956-A75C-A485E49A466C}] => (Allow) E:SteamLibrarysteamappscommonStoneshardStoneShard.exe () [File not signed]

FirewallRules: [UDP Query User{055CD463-488F-4E7E-8D55-8B578ABEF9E5}C:usersdennidesktopmoesonic1.3sonicsrb2kart.exe] => (Block) C:usersdennidesktopmoesonic1.3sonicsrb2kart.exe => No File

FirewallRules: [TCP Query User{F7DEEE3C-F9F7-4258-8900-01B59EFBDA24}C:usersdennidesktopmoesonic1.3sonicsrb2kart.exe] => (Block) C:usersdennidesktopmoesonic1.3sonicsrb2kart.exe => No File

FirewallRules: [UDP Query User{98D8CE66-2AEC-49F7-8A16-C307D35FD7E0}C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippislippi dolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippislippi dolphin.exe () [File not signed]

FirewallRules: [TCP Query User{982654DF-A513-4CCD-BBB8-A1E5B6E72AD6}C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippislippi dolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippislippi dolphin.exe () [File not signed]

FirewallRules: [UDP Query User{A409074E-69A7-4C91-9317-78E0606B1830}E:steamlibrarysteamappscommonred dead redemption 2rdr2.exe] => (Allow) E:steamlibrarysteamappscommonred dead redemption 2rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{61629100-2ACC-4914-92C0-AAE22C3FA9F6}E:steamlibrarysteamappscommonred dead redemption 2rdr2.exe] => (Allow) E:steamlibrarysteamappscommonred dead redemption 2rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [UDP Query User{22AA1D11-1247-420C-A54E-5BCADE439D21}C:usersdennidesktopfm-v5.9-slippi-r18-winslip dubz v8dolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winslip dubz v8dolphin.exe () [File not signed]

FirewallRules: [TCP Query User{17DEEAD6-78FE-4592-B992-748180E785A5}C:usersdennidesktopfm-v5.9-slippi-r18-winslip dubz v8dolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winslip dubz v8dolphin.exe () [File not signed]

FirewallRules: [UDP Query User{A32027AA-FE21-4533-989D-1BB943DCE7A7}C:usersdennidesktopmoe sonic 1.3sonicsrb2kart.exe] => (Block) C:usersdennidesktopmoe sonic 1.3sonicsrb2kart.exe => No File

FirewallRules: [TCP Query User{907F09A1-5670-4926-B3E2-7F8F042C7BF7}C:usersdennidesktopmoe sonic 1.3sonicsrb2kart.exe] => (Block) C:usersdennidesktopmoe sonic 1.3sonicsrb2kart.exe => No File

FirewallRules: [UDP Query User{78551F28-2800-4848-B101-AFC0C3FD426A}E:steamlibrarysteamappscommonarma 3arma3_x64.exe] => (Allow) E:steamlibrarysteamappscommonarma 3arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)

FirewallRules: [TCP Query User{7420C5E4-35E1-4BE0-8DFA-133CB7BC0DD0}E:steamlibrarysteamappscommonarma 3arma3_x64.exe] => (Allow) E:steamlibrarysteamappscommonarma 3arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)

FirewallRules: [{51F4B3DA-7DFB-4864-921A-760E5F137DCD}] => (Allow) E:SteamLibrarysteamappscommonArma 3arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)

FirewallRules: [{3C0AC3E2-9D0F-4CE8-BF69-BC92B251F6CE}] => (Allow) E:SteamLibrarysteamappscommonArma 3arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)

FirewallRules: [{C19C653F-FE1B-4D30-A048-14FE94EAFC71}] => (Allow) E:SteamLibrarysteamappscommonDin’s LegacyDinsLegacy.exe (Soldak Entertainment, Inc. -> )

FirewallRules: [{0CDB0BA5-C17D-43C1-8986-E55705EEBE5E}] => (Allow) E:SteamLibrarysteamappscommonDin’s LegacyDinsLegacy.exe (Soldak Entertainment, Inc. -> )

FirewallRules: [{A2C1144B-2824-4DE9-8977-AF74CB6B27B2}] => (Allow) E:SteamLibrarysteamappscommonSoldat 2soldat2.exe () [File not signed]

FirewallRules: [{F9DBB822-F349-4EBD-BD0F-322F58D1853A}] => (Allow) E:SteamLibrarysteamappscommonSoldat 2soldat2.exe () [File not signed]

FirewallRules: [UDP Query User{AC7B7330-0563-4A0E-B68C-918A0841B1D2}E:steamlibrarysteamappscommonred dead redemption 2rdr2.exe] => (Allow) E:steamlibrarysteamappscommonred dead redemption 2rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{48592D71-ADEA-4C99-A669-83E41F172995}E:steamlibrarysteamappscommonred dead redemption 2rdr2.exe] => (Allow) E:steamlibrarysteamappscommonred dead redemption 2rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{E52E9D40-7AF4-4352-99B5-819C9EF98E47}] => (Allow) E:SteamLibrarysteamappscommonRed Dead Redemption 2PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{419C88E9-C34F-46CD-A569-51F515637DF4}] => (Allow) E:SteamLibrarysteamappscommonRed Dead Redemption 2PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [UDP Query User{5A6517D2-8120-49D9-9F4B-732B3E7BADBD}C:usersdennidesktopfm-v5.9-slippi-r18-winslippi dubzdolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winslippi dubzdolphin.exe () [File not signed]

FirewallRules: [TCP Query User{615E34AC-F24A-43C0-8153-B5DF7A4A5583}C:usersdennidesktopfm-v5.9-slippi-r18-winslippi dubzdolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winslippi dubzdolphin.exe () [File not signed]

FirewallRules: [UDP Query User{62FF5AD9-8B43-400F-A30C-36F9F73B6EF9}C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippislippi dubzdolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippislippi dubzdolphin.exe => No File

FirewallRules: [TCP Query User{079DB3E0-11D9-479D-87DE-852E8FBC2F84}C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippislippi dubzdolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippislippi dubzdolphin.exe => No File

FirewallRules: [{D214C8BD-A7DE-4991-A84C-DCDF6BF5BD78}] => (Allow) E:SteamLibrarysteamappscommonQuake Livequakelive_steam.exe (id Software Inc.) [File not signed]

FirewallRules: [{3236EC6C-B214-45B3-BEB7-38A4A414E27A}] => (Allow) E:SteamLibrarysteamappscommonQuake Livequakelive_steam.exe (id Software Inc.) [File not signed]

FirewallRules: [{C20486BC-68A5-41D6-B593-23B51FCB6D3A}] => (Allow) E:SteamLibrarysteamappscommonWormsXHDLauncher.exe (Team17 Software Ltd) [File not signed]

FirewallRules: [{1723F1BB-91DB-4F4F-A708-2659A3A361FB}] => (Allow) E:SteamLibrarysteamappscommonWormsXHDLauncher.exe (Team17 Software Ltd) [File not signed]

FirewallRules: [{98BB2CEE-23D7-4EF0-82B9-6BC3E91AE25A}] => (Allow) E:SteamLibrarysteamappscommonKing Arthur’s GoldKAG.exe () [File not signed]

FirewallRules: [{2C8BCE7C-0F33-49FB-8557-8C05758A991C}] => (Allow) E:SteamLibrarysteamappscommonKing Arthur’s GoldKAG.exe () [File not signed]

FirewallRules: [{0FB1CD1F-E159-41D4-A26A-003136C3C45C}] => (Allow) E:SteamLibrarysteamappscommonExanimaExanima.exe (Bare Mettle Entertainment Ltd) [File not signed]

FirewallRules: [{7CD70793-F109-4001-B03A-3FAFD6D4861E}] => (Allow) E:SteamLibrarysteamappscommonExanimaExanima.exe (Bare Mettle Entertainment Ltd) [File not signed]

FirewallRules: [{9EC8FA09-6A00-45E2-B90F-8B70457C618C}] => (Allow) E:SteamLibrarysteamappscommonFire Prowrestling WorldFireProWrestlingW.exe () [File not signed]

FirewallRules: [{34A52769-6EF3-4A0F-8B23-87A223BD0AF0}] => (Allow) E:SteamLibrarysteamappscommonFire Prowrestling WorldFireProWrestlingW.exe () [File not signed]

FirewallRules: [{D2E7D5D7-17FB-405E-BE6F-B6078CF97374}] => (Allow) E:SteamLibrarysteamappscommonGunfire RebornGunfire Reborn.exe (广州多益网络股份有限公司 -> )

FirewallRules: [{EA25D9B2-06DA-45CE-8D7A-858D3FFC08C8}] => (Allow) E:SteamLibrarysteamappscommonGunfire RebornGunfire Reborn.exe (广州多益网络股份有限公司 -> )

FirewallRules: [{6267DFED-E04F-4BF4-852D-66F27FC9BF47}] => (Allow) E:SteamLibrarysteamappscommonVRChatVRChat.exe () [File not signed]

FirewallRules: [{37A086D4-1507-4B0A-89B1-105A9140C89B}] => (Allow) E:SteamLibrarysteamappscommonVRChatVRChat.exe () [File not signed]

FirewallRules: [{8890EA85-96A2-4099-9FA8-8BBA25D8AD89}] => (Block) E:wrasslinFire Pro Wrestling World Fighting Road Champion Road BeyondFireProWrestlingW.exe () [File not signed]

FirewallRules: [UDP Query User{B0BD6898-D14A-455C-B02C-45BDE924EACC}C:program filesepic gamesroguecompanyroguecompanybinarieswin64roguecompany.exe] => (Allow) C:program filesepic gamesroguecompanyroguecompanybinarieswin64roguecompany.exe => No File

FirewallRules: [TCP Query User{D07E3411-D6DD-420D-A660-BF799B7596BD}C:program filesepic gamesroguecompanyroguecompanybinarieswin64roguecompany.exe] => (Allow) C:program filesepic gamesroguecompanyroguecompanybinarieswin64roguecompany.exe => No File

FirewallRules: [UDP Query User{C979F42C-EC2D-45BA-880B-337BF1546B47}C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippidolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippidolphin.exe => No File

FirewallRules: [TCP Query User{2CA3CB98-5283-4EA3-8939-2B9110AB6AD1}C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippidolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippidolphin.exe => No File

FirewallRules: [{B05479DF-2361-42F7-963A-1F531A7B5E0C}] => (Allow) E:SteamLibrarysteamappscommonLeft 4 Dead 2left4dead2.exe () [File not signed]

FirewallRules: [{E11F0D95-143C-4130-93DB-C50B74A01E56}] => (Allow) E:SteamLibrarysteamappscommonLeft 4 Dead 2left4dead2.exe () [File not signed]

FirewallRules: [UDP Query User{6DB5F7BD-1214-4E20-8C4E-E72B6F4C85E6}E:x64wowstarcraftx86_64starcraft.exe] => (Allow) E:x64wowstarcraftx86_64starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [TCP Query User{155E0FB9-550B-43AB-88CA-06B4025D346C}E:x64wowstarcraftx86_64starcraft.exe] => (Allow) E:x64wowstarcraftx86_64starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [{6113F354-62F3-491B-A0BC-7FE87D71003C}] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe => No File

FirewallRules: [{17F94D3F-B8AA-4DCB-9600-AE2A2E48EACE}] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe => No File

FirewallRules: [{B0487AFD-0C80-43DB-B532-A489E3845230}] => (Allow) E:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{7A2BA101-C252-458E-B1D0-AE557A25EEA3}] => (Allow) E:SteamLibrarysteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [{7FF14853-BDE9-474A-AC63-0053A3717A5C}] => (Allow) E:SteamLibrarysteamappscommonNuclear Thronenuclearthrone.exe (Vlambeer) [File not signed]

FirewallRules: [{CD531DE9-BA84-48B8-9B8F-5C70355338A0}] => (Allow) E:SteamLibrarysteamappscommonNuclear Thronenuclearthrone.exe (Vlambeer) [File not signed]

FirewallRules: [{F4384148-248C-4BC9-81B0-6704F50A0BAB}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{2CA03465-1920-416C-A0D6-51254E6C6636}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{1118FD03-5883-4CE5-8E10-EB37D5F9DCC9}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{1097554B-189E-4B76-895D-DAF26B27921E}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{8E69270B-EE8D-4E22-A1CF-A6C23234CEE5}] => (Allow) C:Program Files (x86)SteamsteamappscommonThe Binding of Isaac Rebirthisaac-ng.exe () [File not signed]

FirewallRules: [{B5FC380C-9DFC-4CD5-8774-5BE4DE038029}] => (Allow) C:Program Files (x86)SteamsteamappscommonThe Binding of Isaac Rebirthisaac-ng.exe () [File not signed]

FirewallRules: [{0DE48F0A-BB9A-4FD9-823E-7A18F398C6F3}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{BEDF69CA-7819-4BBD-B667-BE89A20EC3DC}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query User{265CBA67-5852-42B2-BB6C-F630B3274AE4}C:program filesqcmaqcma.exe] => (Allow) C:program filesqcmaqcma.exe () [File not signed]

FirewallRules: [UDP Query User{0AC22BD6-BD47-494B-B9C2-7F7E2F130325}C:program filesqcmaqcma.exe] => (Allow) C:program filesqcmaqcma.exe () [File not signed]

FirewallRules: [{19508114-FE25-4EDD-9124-8807D469CC03}] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe => No File

FirewallRules: [{49BBA551-5253-46C0-934E-2EB74F4CB68E}] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe => No File

FirewallRules: [TCP Query User{2E5C0249-BE79-48FB-808F-B0A5C38B3763}C:usersdennidesktopsonicsrb2kart.exe] => (Allow) C:usersdennidesktopsonicsrb2kart.exe => No File

FirewallRules: [UDP Query User{B1EE6356-071E-4245-AB07-E3092C4BC1ED}C:usersdennidesktopsonicsrb2kart.exe] => (Allow) C:usersdennidesktopsonicsrb2kart.exe => No File

FirewallRules: [TCP Query User{EF1F99B4-B08E-4BC9-A52E-70771F78F9DD}C:program filesfilezilla ftp clientfilezilla.exe] => (Allow) C:program filesfilezilla ftp clientfilezilla.exe (Tim Kosse -> FileZilla Project)

FirewallRules: [UDP Query User{E7DDB511-DF7E-4FEC-A359-92F16F882DA9}C:program filesfilezilla ftp clientfilezilla.exe] => (Allow) C:program filesfilezilla ftp clientfilezilla.exe (Tim Kosse -> FileZilla Project)

FirewallRules: [TCP Query User{32045CC5-A69A-4E02-9B84-402355D2FACF}C:usersdenniappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe] => (Allow) C:usersdenniappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe => No File

FirewallRules: [UDP Query User{135085EC-A1A1-42E1-85FC-10BB279D70A8}C:usersdenniappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe] => (Allow) C:usersdenniappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe => No File

FirewallRules: [{C2650422-6B13-4A6D-BDE8-F305223F23B7}] => (Allow) C:WindowsSysWOW64PnkBstrA.exe (Even Balance, Inc. -> )

FirewallRules: [{D0C4A722-CA77-49F2-883D-618184A62474}] => (Allow) C:WindowsSysWOW64PnkBstrA.exe (Even Balance, Inc. -> )

FirewallRules: [{A3B550AB-E534-40CE-8A3E-FC3407A7F871}] => (Allow) C:WindowsSysWOW64PnkBstrB.exe (Even Balance, Inc. -> )

FirewallRules: [{86D46AC0-311B-4BCF-AC0B-A729C2FB6991}] => (Allow) C:WindowsSysWOW64PnkBstrB.exe (Even Balance, Inc. -> )

FirewallRules: [TCP Query User{4ED75EF5-DD4A-4E7B-85BB-9D0F14A8936D}E:steamlibrarysteamappscommonhell let loosehllbinarieswin64hll-win64-shipping.exe] => (Allow) E:steamlibrarysteamappscommonhell let loosehllbinarieswin64hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]

FirewallRules: [UDP Query User{FFA5865B-DFF8-4B97-9D1E-1A3CA784D313}E:steamlibrarysteamappscommonhell let loosehllbinarieswin64hll-win64-shipping.exe] => (Allow) E:steamlibrarysteamappscommonhell let loosehllbinarieswin64hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]

FirewallRules: [TCP Query User{492E0CBE-3DE9-41CE-B7DB-E20AD050FA4D}E:steamlibrarysteamappscommonfoxholewarbinarieswin64war-win64-shipping.exe] => (Allow) E:steamlibrarysteamappscommonfoxholewarbinarieswin64war-win64-shipping.exe (Clapfoot Inc) [File not signed]

FirewallRules: [UDP Query User{CF4FB9A8-4B74-4BE2-B80A-DA9B1E9E67CE}E:steamlibrarysteamappscommonfoxholewarbinarieswin64war-win64-shipping.exe] => (Allow) E:steamlibrarysteamappscommonfoxholewarbinarieswin64war-win64-shipping.exe (Clapfoot Inc) [File not signed]

FirewallRules: [{B46E3971-D5C8-4A9C-8D02-E3F972386A3D}] => (Allow) E:SteamLibrarysteamappscommonFoxholeWar.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{6CA74D5E-1A01-4F61-97D7-F0662B005F43}] => (Allow) E:SteamLibrarysteamappscommonFoxholeWar.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{E5E271E4-AA10-4CB5-99B1-FFF2099E559E}] => (Allow) C:Program FilesParsecparsecd.exe (Parsec Cloud, Inc. -> Parsec)

FirewallRules: [TCP Query User{12477EF0-2545-4730-A914-EAF1B4C5E79D}C:program filestixatitixati.exe] => (Allow) C:program filestixatitixati.exe (Tixati Software Inc. -> Tixati Software Inc.)

FirewallRules: [UDP Query User{3B2683EE-DEAB-4D60-A2F8-2A06BE1D1A49}C:program filestixatitixati.exe] => (Allow) C:program filestixatitixati.exe (Tixati Software Inc. -> Tixati Software Inc.)

FirewallRules: [TCP Query User{C1E82763-BE88-4D5E-A3B2-3081766D8BFE}E:steamlibrarysteamappscommonhell let loosehllbinarieswin64hll-win64-shipping.exe] => (Allow) E:steamlibrarysteamappscommonhell let loosehllbinarieswin64hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]

FirewallRules: [UDP Query User{E51269AC-B061-490E-A2FB-1660EDCFFEC6}E:steamlibrarysteamappscommonhell let loosehllbinarieswin64hll-win64-shipping.exe] => (Allow) E:steamlibrarysteamappscommonhell let loosehllbinarieswin64hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [File not signed]

FirewallRules: [TCP Query User{41D17F4E-6D53-4E0E-AAB2-10F9F9D82E56}C:usersdennidesktopsonicsrb2kart.exe] => (Allow) C:usersdennidesktopsonicsrb2kart.exe => No File

FirewallRules: [TCP Query User{670700B5-95B6-4F7F-8590-A26C68672E85}C:usersdenniappdatalocalgooglechromeapplicationchrome.exe] => (Allow) C:usersdenniappdatalocalgooglechromeapplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [UDP Query User{43111AF6-6E8D-410C-8B50-995845394FCD}C:usersdenniappdatalocalgooglechromeapplicationchrome.exe] => (Allow) C:usersdenniappdatalocalgooglechromeapplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [TCP Query User{3AEB826F-7A3F-496D-89CD-4DCEB1B10DFB}C:usersdenniappdatalocalgooglechromeapplicationchrome.exe] => (Allow) C:usersdenniappdatalocalgooglechromeapplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [UDP Query User{E05DE494-05AB-4754-8D33-64D589CD597D}C:usersdenniappdatalocalgooglechromeapplicationchrome.exe] => (Allow) C:usersdenniappdatalocalgooglechromeapplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{5C1B1110-3EF7-4C94-9271-DA07A6E50FB9}] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{5B4A0D6E-8C3A-4CE7-A823-F036C281A36B}] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{18B753B3-8BBE-43C7-A702-152321302F73}] => (Allow) E:SteamLibrarysteamappscommonRisk of Rain 2Risk of Rain 2.exe () [File not signed]

FirewallRules: [{F55024BE-5776-4680-A476-AD58058408C8}] => (Allow) E:SteamLibrarysteamappscommonRisk of Rain 2Risk of Rain 2.exe () [File not signed]

FirewallRules: [{C8571127-6471-4ABD-97B1-0FB862DC17F3}] => (Allow) E:SteamLibrarysteamappscommonDeep Rock GalacticFSD.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{4D30A2EA-B13D-4460-A3A0-5084D1FE8E31}] => (Allow) E:SteamLibrarysteamappscommonDeep Rock GalacticFSD.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [TCP Query User{5612FCC9-527F-4DB4-9467-89988C22580E}E:steamlibrarysteamappscommondeep rock galacticfsdbinarieswin64fsd-win64-shipping.exe] => (Allow) E:steamlibrarysteamappscommondeep rock galacticfsdbinarieswin64fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]

FirewallRules: [UDP Query User{9AD845EB-D297-42DE-9E7F-EDDA3024B7E3}E:steamlibrarysteamappscommondeep rock galacticfsdbinarieswin64fsd-win64-shipping.exe] => (Allow) E:steamlibrarysteamappscommondeep rock galacticfsdbinarieswin64fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]

FirewallRules: [{ABE48688-BF5D-407C-BD6F-2B2F695D58E9}] => (Allow) E:SteamLibrarysteamappscommonVoid Destroyer 2Void Destroyer 2.exe () [File not signed]

FirewallRules: [{78FB24B0-CB5D-4C31-8E1E-3D1657A198D3}] => (Allow) E:SteamLibrarysteamappscommonVoid Destroyer 2Void Destroyer 2.exe () [File not signed]

FirewallRules: [{7CF37719-7B52-453E-B431-9252D3B59C28}] => (Allow) E:SteamLibrarysteamappscommonDayZDayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)

FirewallRules: [{DAA20298-783B-49F9-B979-392EBD14D9CD}] => (Allow) E:SteamLibrarysteamappscommonDayZDayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)

FirewallRules: [{47A8FD3D-92B3-4465-B505-C4B15425596D}] => (Allow) E:SteamLibrarysteamappscommonDayZDayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)

FirewallRules: [{AA310DAA-8EE9-42C7-A452-ED59CE88374A}] => (Allow) E:SteamLibrarysteamappscommonDayZDayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)

FirewallRules: [{FA90D28C-9281-4C0D-8B81-BD586985EA80}] => (Allow) E:SteamLibrarysteamappscommonDayZDayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)

FirewallRules: [{D50D5EE5-5B2C-43DB-AF07-A00059E1D6B6}] => (Allow) E:SteamLibrarysteamappscommonDayZDayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)

FirewallRules: [{DEB7D891-EDF9-4A3B-8713-3667D204C551}] => (Allow) C:Program FilesDAEMON Tools LiteDiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)

FirewallRules: [{A5C0469D-4865-4679-92B9-E73A6A8129A1}] => (Allow) C:Program FilesDAEMON Tools LiteDiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)

FirewallRules: [{831E490E-01F9-41DB-A44A-018560A7B4F6}] => (Allow) E:apexApexEasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{C8660187-CFB2-4BB3-A2D7-FCBBAD4A4EB1}] => (Allow) E:apexApexEasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{3AE90625-15A4-4911-B826-2BB1942AC83F}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{979E4B36-D336-49BE-86B4-70B6FAD9237E}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{AB03AFF4-F159-4DFC-95FE-5E3940DEB046}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{31CE5622-DBFE-4241-A60E-7179406E91DA}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{33C93404-D653-4725-8E0F-80F4E2FC7CBA}] => (Allow) E:SteamLibrarysteamappscommonHell Let LooseLaunch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{E2205CB4-D42F-4C4E-A6CC-EF4EDDE830D9}] => (Allow) E:SteamLibrarysteamappscommonHell Let LooseLaunch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{B2B926AE-9021-4E64-966A-23548D630B50}] => (Allow) E:SteamLibrarysteamappscommonPath of ExilePathOfExileSteam.exe (Grinding Gear Games Limited -> )

FirewallRules: [{AFD76C3B-6DFA-4C4B-9CE6-7C168DBBB8BC}] => (Allow) E:SteamLibrarysteamappscommonPath of ExilePathOfExileSteam.exe (Grinding Gear Games Limited -> )

FirewallRules: [TCP Query User{D50BD895-176A-4F25-9133-3B9C54ADEC51}C:usersdennidesktopololmod.exe] => (Allow) C:usersdennidesktopololmod.exe => No File

FirewallRules: [UDP Query User{FF096B0B-D3B3-48F3-9A75-AEBAC4875FDA}C:usersdennidesktopololmod.exe] => (Allow) C:usersdennidesktopololmod.exe => No File

FirewallRules: [TCP Query User{F8791376-5822-48B2-84DE-4C572B253014}E:gtavgta5.exe] => (Allow) E:gtavgta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [UDP Query User{7A0A5070-90E7-4766-BB3E-3EAC3652EC33}E:gtavgta5.exe] => (Allow) E:gtavgta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{7B9EFDBC-D3F6-405B-955C-4390B7D0BFA5}C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippidolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippidolphin.exe => No File

FirewallRules: [UDP Query User{79CDB4D8-4D1C-4196-9BD6-3674FC7A899D}C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippidolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-winfm-slippidolphin.exe => No File

FirewallRules: [{7F304630-F82D-4224-8742-F5B73C5EF4CD}] => (Allow) E:SteamLibrarysteamappscommonTeam Fortress 2hl2.exe (Valve -> )

FirewallRules: [{193F4BEE-AD44-4E47-A7CE-8E1D3C62EEC3}] => (Allow) E:SteamLibrarysteamappscommonTeam Fortress 2hl2.exe (Valve -> )

FirewallRules: [TCP Query User{EBC90491-87E9-4599-9EED-7545573BACE4}C:usersdennidesktopfm-v5.9-slippi-r18-windolphin new 2 542021fm-slippislippi dolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-windolphin new 2 542021fm-slippislippi dolphin.exe () [File not signed]

FirewallRules: [UDP Query User{3DD96A8B-EF89-4B43-B07E-1E95E4B7CBEC}C:usersdennidesktopfm-v5.9-slippi-r18-windolphin new 2 542021fm-slippislippi dolphin.exe] => (Allow) C:usersdennidesktopfm-v5.9-slippi-r18-windolphin new 2 542021fm-slippislippi dolphin.exe () [File not signed]

FirewallRules: [TCP Query User{7910F5B7-8903-4AB3-B3FD-FF372E6ADAAC}E:enlistedenlistedlauncher.exe] => (Allow) E:enlistedenlistedlauncher.exe (Gaijin Network LTD -> Gaijin)

FirewallRules: [UDP Query User{990E81E4-1C8F-4336-8355-F53290533277}E:enlistedenlistedlauncher.exe] => (Allow) E:enlistedenlistedlauncher.exe (Gaijin Network LTD -> Gaijin)

FirewallRules: [{310E99FC-2D9D-486B-85DB-5589D608B0F1}] => (Allow) E:SteamLibrarysteamappscommonGround BranchGroundBranch.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [{BFFB7BBA-7CC4-4651-AB04-530C9C2D20FD}] => (Allow) E:SteamLibrarysteamappscommonGround BranchGroundBranch.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [TCP Query User{7ED91FBA-7E68-4367-BF6A-0833B114C53D}C:programdataregid.1993-06.com.microsoftsvrwebui.exe] => (Block) C:programdataregid.1993-06.com.microsoftsvrwebui.exe (NetSupport Ltd -> NetSupport Ltd)

FirewallRules: [UDP Query User{A9C53E3E-F757-4CF1-8B0D-D667FF7C6D71}C:programdataregid.1993-06.com.microsoftsvrwebui.exe] => (Block) C:programdataregid.1993-06.com.microsoftsvrwebui.exe (NetSupport Ltd -> NetSupport Ltd)

FirewallRules: [{1E018F65-D053-487A-BC60-FC2556BFF4E7}] => (Allow) C:Program Files (x86)MaskVPNmask_svc.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)

FirewallRules: [{D7E4501D-FC82-46E7-B8F8-8B1127D39008}] => (Allow) C:Program Files (x86)MaskVPNMaskVPN.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)

FirewallRules: [{BACB7DAF-388C-46B6-90C5-C1104A55D730}] => (Allow) C:Program Files (x86)MaskVPNMaskVPNUpdate.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)

FirewallRules: [{3015BD48-F246-4E32-953F-CB6F9C4C21B2}] => (Allow) C:Program Files (x86)MaskVPNtunnle.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)

FirewallRules: [{A132C49A-C55E-4C5C-B276-30130B4F19E9}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{748BE9CB-B2A6-49C2-9402-6490A964DBF7}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{1C5D573F-0255-4C7E-B85C-21326080BB56}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{C3DFFD3E-E086-4580-8F18-53178E7944EF}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [TCP Query User{B2A3C203-30C1-4B4B-A8C3-844755B71197}C:programdataregid.1993-06.com.microsoftsvrwebui.exe] => (Block) C:programdataregid.1993-06.com.microsoftsvrwebui.exe (NetSupport Ltd -> NetSupport Ltd)

FirewallRules: [UDP Query User{AE74EE66-D641-4477-9B57-553F66A3272F}C:programdataregid.1993-06.com.microsoftsvrwebui.exe] => (Block) C:programdataregid.1993-06.com.microsoftsvrwebui.exe (NetSupport Ltd -> NetSupport Ltd)

FirewallRules: [TCP Query User{A2C8E656-28DE-4CB7-9AD3-F40C5A70B7BD}C:usersdenniappdataroamingweatherweather.exe] => (Block) C:usersdenniappdataroamingweatherweather.exe (Weather app) [File not signed]

FirewallRules: [UDP Query User{1FDF8C92-4CF4-4C50-A3D3-90EF2F8256D4}C:usersdenniappdataroamingweatherweather.exe] => (Block) C:usersdenniappdataroamingweatherweather.exe (Weather app) [File not signed]

FirewallRules: [{0FC3622A-4851-41D3-9A89-7F409A7825B5}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{045076E2-96F5-4529-BE1A-B12BA9D77978}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{88E55D49-6736-4207-A43B-065210C2914F}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{D89D3572-BD48-404A-9381-FE0B15A7234B}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [TCP Query User{E5D83507-BDED-4011-B124-FCE87CB240D4}C:usersdennidesktopmoesonic1.3sonic oldestsrb2kart.exe] => (Block) C:usersdennidesktopmoesonic1.3sonic oldestsrb2kart.exe => No File

FirewallRules: [UDP Query User{19C2F49D-152D-4CF4-8904-9AA943F11AFB}C:usersdennidesktopmoesonic1.3sonic oldestsrb2kart.exe] => (Block) C:usersdennidesktopmoesonic1.3sonic oldestsrb2kart.exe => No File

FirewallRules: [{4060BFCA-0166-4B96-9597-CD524953A8B4}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{0E6E2AD6-ACDB-4E72-BDC8-23B2808F2D6C}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{D6417C91-BA99-4212-92CB-8683DF690986}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{124E585B-905E-4DD6-9057-7FDCB0D4B454}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{18C581E2-5A42-46DA-BE9B-6E799DE7B48D}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{679B17A7-B1D4-4100-A9EB-8666DECF0EE2}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{F185FBBB-40B8-4152-87CD-1BE12BDE2F60}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{9D1E0B04-5C97-4C17-9448-09AAD1AB80C1}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User{E10F6849-058C-4260-B1D2-D7313E352B27}C:usersdenniappdataroamingweatherweather.exe] => (Block) C:usersdenniappdataroamingweatherweather.exe (Weather app) [File not signed]

FirewallRules: [UDP Query User{F5C542A3-5123-4DCB-B043-6A12E85CF3C1}C:usersdenniappdataroamingweatherweather.exe] => (Block) C:usersdenniappdataroamingweatherweather.exe (Weather app) [File not signed]

FirewallRules: [{9A53E2EB-E4C0-46FF-9563-F8BF789509F8}] => (Allow) E:SteamLibrarysteamappscommonBack4BloodBetaGobiBinariesWin64Back4Blood.exe (Turtle Rock Studios, Inc. -> WB Games)

FirewallRules: [{B7E364ED-D9F2-4F87-931E-EB2DD12DB1C0}] => (Allow) E:SteamLibrarysteamappscommonBack4BloodBetaGobiBinariesWin64Back4Blood.exe (Turtle Rock Studios, Inc. -> WB Games)

FirewallRules: [{9E9B85BF-BA20-47E1-A1FE-FC3DCE57BD12}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{39E1DAFE-D79E-4BAF-899B-96C02B7713BB}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{C853BAA8-22B6-4C62-BFCC-993363B210C1}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{EFB0E941-08AB-4C54-B89C-945E9C3A2AD7}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{256D8B4E-6F06-4855-8307-63F3A91B8849}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{6DE7195B-FB3E-42E7-B65F-C0C69F48D74C}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{7B18E4D4-0B31-4A99-B972-0645CC63ADA7}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{CEDAF396-175A-4EA7-BEB6-E3609A887DEE}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{78272E93-D24D-49AF-A796-BC5CADED29A6}] => (Allow) C:Program Files (x86)Overwolf.174.87.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{DF241EC9-7B26-4AB1-BF56-1D16F34097D0}] => (Allow) C:Program Files (x86)Overwolf.174.87.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{F98349E4-158F-4B1F-ABB6-075CCE7D011E}] => (Block) C:Program Files (x86)Overwolf.174.87.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{97CA11FA-77A3-4A89-83E9-621C2A47E2B9}] => (Block) C:Program Files (x86)Overwolf.174.87.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{400CC991-0100-4017-A546-32CFC976673C}] => (Allow) C:Program Files (x86)Overwolf.176.87.27OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{926BB598-212F-43AE-8AD7-CCAB262D7779}] => (Allow) C:Program Files (x86)Overwolf.176.87.27OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{17F536F8-3F21-4390-92F5-A5BAE918D6AC}] => (Block) C:Program Files (x86)Overwolf.176.87.27OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{8934D56F-98E6-4068-80EA-473ADD61336D}] => (Block) C:Program Files (x86)Overwolf.176.87.27OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

 

==================== Restore Points =========================

 

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (08/11/2021 09:45:28 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004C003

Command-line arguments:

RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (08/11/2021 09:45:28 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )

Description: Acquisition of End User License failed. hr=0xC004C003

Sku Id=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c

 

Error: (08/11/2021 09:45:28 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )

Description: License acquisition failure details. 

hr=0xC004C003

 

Error: (08/11/2021 09:45:26 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )

Description: Acquisition of End User License failed. hr=0xC004C003

Sku Id=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c

 

Error: (08/11/2021 09:45:26 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )

Description: License acquisition failure details. 

hr=0xC004C003

 

Error: (08/11/2021 09:45:21 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0x80072EE7

Command-line arguments:

RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

 

Error: (08/11/2021 09:45:20 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )

Description: Acquisition of End User License failed. hr=0x80072EE7

Sku Id=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c

 

Error: (08/11/2021 09:45:20 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )

Description: License acquisition failure details. 

hr=0x80072EE7

 

 

System errors:

=============

Error: (08/08/2021 02:01:29 AM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: Event-ID 13

 

Error: (08/08/2021 02:01:29 AM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: Event-ID 13

 

Error: (08/08/2021 02:01:29 AM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: Event-ID 13

 

Error: (08/08/2021 02:01:29 AM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: Event-ID 13

 

Error: (08/08/2021 02:01:29 AM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: Event-ID 13

 

Error: (08/08/2021 02:01:29 AM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: Event-ID 13

 

Error: (08/08/2021 02:01:29 AM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: Event-ID 13

 

Error: (08/08/2021 02:01:29 AM) (Source: nvlddmkm) (EventID: 13) (User: )

Description: Event-ID 13

 

 

Windows Defender:

================

Date: 2021-07-24 15:43:10

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-07-22 23:57:02

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-07-22 05:13:22

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-07-21 00:08:18

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-07-19 23:56:58

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan



CodeIntegrity:

===============

Date: 2021-08-05 13:27:02

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume1Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume1Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

 

Date: 2021-06-27 03:08:45

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume1Program Files (x86)MicrosoftEdgeApplicationmsedge.exe) attempted to load DeviceHarddiskVolume1Program Files (x86)Overwolf.173.0.16OWExplorer.dll that did not meet the Microsoft signing level requirements.

 

Date: 2021-06-11 17:40:43

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume1Program FilesStreamlabs OBSStreamlabs OBS.exe) attempted to load DeviceHarddiskVolume1Program Files (x86)Overwolf.170.48.15OWExplorer.dll that did not meet the Microsoft signing level requirements.

 

Date: 2021-06-11 00:34:16

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume1Program Files (x86)MicrosoftEdgeApplicationmsedge.exe) attempted to load DeviceHarddiskVolume1Program Files (x86)Overwolf.170.48.15OWExplorer.dll that did not meet the Microsoft signing level requirements.

 

Date: 2021-05-27 15:29:41

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume1Program FilesStreamlabs OBSStreamlabs OBS.exe) attempted to load DeviceHarddiskVolume1Program Files (x86)Overwolf.170.0.13OWExplorer.dll that did not meet the Microsoft signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. 2501 07/21/2014

Motherboard: ASUSTeK COMPUTER INC. P8Z77-V LX

Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz

Percentage of memory in use: 35%

Total physical RAM: 16328.76 MB

Available physical RAM: 10547.89 MB

Total Virtual: 19351.52 MB

Available Virtual: 11791.39 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:222.73 GB) (Free:19.45 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Drive d: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive e: () (Fixed) (Total:931.32 GB) (Free:130.8 GB) NTFS

 

\?Volume{615a39c5-0000-0000-0000-90ae37000000} () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 615A39C5)

Partition 1: (Active) – (Size=222.7 GB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=861 MB) – (Type=27)

 

==========================================================

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C9370F8C)

Partition 1: (Active) – (Size=200 MB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=931.3 GB) – (Type=07 NTFS)

 

==================== End of Addition.txt =======================




Original Source by [author_name]
