Addition (segundaparte)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2006-05-14] () [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [EPPShellEx] -> {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78} => C:\Program Files (x86)\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll [2006-04-13] (SEIKO EPSON CORPORATION) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-10-25] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2008-07-07] (PowerISO Computing, Inc.) [File not signed]
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-10-12] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\DHAMPIRD\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-28] (Mega Limited -> )
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2006-05-14] () [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-10-12] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-10-12] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-3597564769-968549059-3920177797-1005: [FlexHEX Menu] -> {6514CF27-CAB1-4577-81A9-EC81618C5003} => C:\Program Files (x86)\FlexHEX\FlexCtx64.dll [2018-06-30] (Inv Softworks LLC -> Inv Softworks LLC)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\DHAMPIRD\Desktop\SWITCH\CDNSP(USAR ESTE).lnk -> C:\Users\DHAMPIRD\Desktop\SWITCH\CDNSP(USAR ESTE).bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\SWITCH\NSCB.bat.lnk -> C:\SWITCH\NSC_BUILDER-master\NSCB.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\+++++++5.05 LAST UPDATES (USAR ESTE ES EL ULTIMO)++++++.lnk -> C:\PS4\+5.05 LAST UPDATES+\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\++++++XPLOIT HEN1.8+ VR 5.05.bat.lnk -> C:\PS4\+ps4-hen-VR 505+\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT ALL PAYLOADS SERVER LAN.bat.lnk -> C:\PS4\ALL PAYLOADS\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT HEN V1.7 SERVER LAN.lnk -> C:\PS4\5.0.5 ps4-hen-vtx v1.7\exploit\5.05 XPLOIT HEN V1.7 SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT SERVER LAN 1.8 HEN.bat.lnk -> C:\PS4\HEN 1.8\5.05 XPLOIT SERVER LAN 1.8 HEN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT SERVER LAN.lnk -> C:\PS4\5.05\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XPLOIT VORTEX HEN AND MIRA SERVER LAN.lnk -> C:\PS4\5.05 Vortex and MIRA\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\Desktop\PS4\5.05 XVORTEX SIN MIRA XPLOIT SERVER LAN.lnk -> C:\PS4\5.05-hen-vtx\exploit\5.05 XPLOIT SERVER LAN.bat ()
Shortcut: C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11 (x64)\Visitar o site do DVDFab.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&p=x64&v=11.0.3.
ShortcutWithArgument: C:\Users\DHAMPIRD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2019-07-10 14:25 - 2013-04-25 04:01 - 000028160 _____ () [File not signed] C:\altera\13.0\quartus\bin64\ccl_ver.dll
2019-07-10 14:25 - 2013-04-25 02:50 - 000879616 _____ () [File not signed] C:\altera\13.0\quartus\bin64\dinkum_alt.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000326144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2019-02-22 23:55 - 2008-03-07 11:55 - 000053248 _____ () [File not signed] C:\Program Files (x86)\myiHome\app\jRegistryKey.dll
2019-02-22 23:55 - 2008-03-07 11:55 - 000058368 _____ () [File not signed] C:\Program Files (x86)\myiHome\app\jshortcut.dll
2019-02-22 23:55 - 2008-03-07 11:55 - 000051200 _____ () [File not signed] C:\Program Files (x86)\myiHome\app\TrayIcon12.dll
2019-03-14 15:54 - 2019-03-14 15:54 - 000038400 _____ () [File not signed] C:\Program Files\Elgato\StreamDeck\giflib5.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000336384 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\ac3_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000750080 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\flv_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001558016 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\h264_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000817152 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\hevc_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000578560 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\mp3_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000547840 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\mpeg1video_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000559616 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\mpeg2video_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001267200 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\mpeg4_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001496576 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\msmpeg4v2_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001496576 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\msmpeg4v3_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 000257536 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\svq1_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 002117120 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\vc1_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001717248 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\vp9_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 001496576 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\wmv1_decoder.dll
2019-10-14 01:58 - 2019-10-14 01:58 - 002117120 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Plex Media Server\Codecs\20fed83-2561-windows-x86\wmv3_decoder.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000114176 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ctypes.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000173056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_elementtree.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001808896 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_hashlib.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000032256 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_multiprocessing.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000046080 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_psutil_windows.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000047616 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_socket.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 002241024 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_ssl.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000026112 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\_yappi.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000080896 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\bz2.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000016384 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\common.time34.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000007680 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\hashobjs_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000301568 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\PIL._imaging.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000169472 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pyexpat.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001084416 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pysqlite2._sqlite.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000548864 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pythoncom27.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000137728 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\pywintypes27.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000010752 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\select.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020992 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\thumbnails_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000689664 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\unicodedata.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000119808 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\usb_ext.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000128512 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32api.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000438784 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32com.shell.shell.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000011776 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32crypt.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000023040 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32event.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000149504 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32file.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000223232 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32gui.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000048128 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32inet.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000029696 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pdh.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000027648 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32pipe.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000044032 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32process.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020480 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32profile.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000136192 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32security.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000026624 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\win32ts.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000034816 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.conditional.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000038400 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.connectivity.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000071680 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.device_monitor.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000109056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.volumes.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000020480 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\windows.winwrap.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001325056 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._controls_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001489408 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._core_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001007104 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._gdi_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000103424 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._html2.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 000916992 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._misc_.pyd
2019-12-20 01:42 - 2019-12-20 01:42 - 001039872 _____ () [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wx._windows_.pyd
2017-03-28 14:32 - 2017-03-28 14:32 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XercesLib.dll
2019-12-16 05:38 - 2019-12-16 05:38 - 002253824 _____ (deniszykov) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\deniszykov.615d72e4#\703fbff8d67cf85e8e89507c9120a9af\deniszykov.WebSocketListener.ni.dll
2017-05-17 09:26 - 2019-03-27 19:15 - 005200576 _____ (Disc Soft Ltd -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Pro\Engine.dll
2017-03-28 14:34 - 2017-03-28 14:34 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\ANT_WrappedLib.dll
2019-02-12 14:36 - 2019-02-12 14:36 - 000189952 _____ (Elgato Systems GmbH) [File not signed] C:\Program Files\Elgato\GameCapture\EGCAPILite.dll
2019-02-12 14:22 - 2019-02-12 14:22 - 001029632 _____ (Elgato Systems GmbH) [File not signed] C:\Program Files\Elgato\SoundCapture\ElgatoVAD_Router.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\legacyio.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\IMG_GPSMAP.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XMLdll.dll
2019-07-10 14:25 - 2013-04-25 02:50 - 000070144 _____ (Intel Corporation) [File not signed] C:\altera\13.0\quartus\bin64\tbbmalloc.dll
2019-07-10 14:25 - 2013-04-25 02:50 - 000024576 _____ (Intel Corporation) [File not signed] C:\altera\13.0\quartus\bin64\tbbmalloc_proxy.dll
2019-12-20 09:58 - 2019-12-20 09:58 - 000198144 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\DHAMPIRD\AppData\Local\JDownloader v2.0\tmp\jna\jna3475133438970945181.dll
2019-12-16 05:38 - 2019-12-16 05:38 - 000399360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\eda9371edfe3a881cbc7bebd02829c0c\Microsoft.WindowsAPICodePack.ni.dll
2019-12-16 05:36 - 2019-12-16 05:36 - 002888192 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\ba1b954bb351d340490b8af0c8feff26\Newtonsoft.Json.ni.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\python27.dll
2016-04-19 11:02 - 2016-04-19 11:02 - 001006080 ____R (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\DSI_SiUSBXp_3_1.DLL
2019-03-14 15:54 - 2019-03-14 15:54 - 001742848 _____ (SQLite Development Team) [File not signed] C:\Program Files\Elgato\StreamDeck\sqlite3.dll
2017-02-06 14:25 - 2017-02-06 14:25 - 001412608 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\libeay32.dll
2017-02-06 14:25 - 2017-02-06 14:25 - 000365056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\ssleay32.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-03-14 15:54 - 2019-03-14 15:54 - 002278912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Elgato\StreamDeck\LIBEAY32.dll
2019-03-14 15:54 - 2019-03-14 15:54 - 000386560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Elgato\StreamDeck\ssleay32.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-09-10 21:24 - 2018-09-10 21:24 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-03-07 19:18 - 2019-03-07 19:18 - 000047616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\bearer\qgenericbearer.dll
2019-03-07 19:17 - 2019-03-07 19:17 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qgif.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qicns.dll
2019-03-07 19:17 - 2019-03-07 19:17 - 000032256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qico.dll
2019-03-07 19:18 - 2019-03-07 19:18 - 000397312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qjpeg.dll
2019-03-07 19:38 - 2019-03-07 19:38 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qsvg.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qtga.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000374272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qtiff.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qwbmp.dll
2019-03-07 19:37 - 2019-03-07 19:37 - 000491520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\imageformats\qwebp.dll
2019-03-07 19:19 - 2019-03-07 19:19 - 001449472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\platforms\qwindows.dll
2019-04-17 11:27 - 2019-04-17 11:27 - 006129152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Core.dll
2019-03-07 19:14 - 2019-03-07 19:14 - 006459392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Gui.dll
2019-03-07 20:14 - 2019-03-07 20:14 - 000719360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Multimedia.dll
2019-03-07 19:14 - 2019-03-07 19:14 - 001314816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Network.dll
2019-03-07 20:33 - 2019-03-07 20:33 - 000317440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Positioning.dll
2019-03-07 19:17 - 2019-03-07 19:17 - 000318464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5PrintSupport.dll
2019-03-07 20:04 - 2019-03-07 20:04 - 004006400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Qml.dll
2019-03-07 19:59 - 2019-03-07 19:59 - 003773952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Quick.dll
2019-03-07 20:01 - 2019-03-07 20:01 - 000072704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5QuickWidgets.dll
2019-03-07 19:38 - 2019-03-07 19:38 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Svg.dll
2019-03-07 20:18 - 2019-03-07 20:18 - 000113664 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5WebChannel.dll
2019-03-08 00:11 - 2019-03-08 00:11 - 077765120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5WebEngineCore.dll
2019-03-08 00:32 - 2019-03-08 00:32 - 000227840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5WebEngineWidgets.dll
2019-03-07 20:13 - 2019-03-07 20:13 - 000148992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5WebSockets.dll
2019-03-07 19:16 - 2019-03-07 19:16 - 005579776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\Qt5Widgets.dll
2019-03-07 19:18 - 2019-03-07 19:18 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Elgato\StreamDeck\styles\qwindowsvistastyle.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_net_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxbase30u_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_adv_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_core_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_html_vc90_x64.dll
2019-12-20 01:42 - 2019-12-20 01:42 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\DHAMPIRD\AppData\Local\Temp\_MEI68562\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: EAGLESCR => "c:\EAGLE 8.7.0\eagle.exe" -C "" "%1" <==== ATTENTION
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-07-31 15:50 - 2019-12-05 03:48 - 000000159 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 telemetry.malwarebytes.com
0.0.0.0 telemetry.malwarebytes.com
0.0.0.0 telemetry.mwbsys.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Python27\;C:\Python27\Scripts;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Toon Boom Animation\Toon Boom StoryboardProTrial\nt\bin;C:\Program Files (x86)\Common Files\Autodesk Shared\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\Autodesk\Backburner\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\nodejs\;C:\Program Files\Git\cmd;C:\Program Files (x86)\GtkSharp\2.12\bin;c:\users\dhampird\appdata\local\programs\python\python37\Scripts;C:\Program Files (x86)\QuickTime\QTSystem\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Windows Live\Shared;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014046400\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014034361\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014047244\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014036595\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3597564769-968549059-3920177797-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014047869\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014042369\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3597564769-968549059-3920177797-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014048807\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\DHAMPIRD\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\Control Panel\Desktop\\Wallpaper -> C:\Users\DHAMPIRD\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\Control Panel\Desktop\\Wallpaper -> C:\Users\DHAMPIRD\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 213.60.205.175
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "HDDHealth.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "MMTray"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "EPSON Stylus DX4400 Series (Copiar 1)"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "DisplayFusion"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "EPSON Stylus DX4400 Series (Copiar 1)"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "DisplayFusion"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014044384\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "EPSON Stylus DX4400 Series (Copiar 1)"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "DisplayFusion"
HKU\S-1-5-21-3597564769-968549059-3920177797-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12202019014049760\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A910962C-DF36-438E-8B6E-3D6390C6F084}] => (Allow) LPort=8920
FirewallRules: [{FE4C239C-F90D-45CF-9459-28D0E37CBCBF}] => (Allow) LPort=8096
FirewallRules: [{6E168321-8409-4523-8363-5ABECE40190F}] => (Allow) LPort=7359
FirewallRules: [{28D04831-3AEF-4C51-919A-E3E08C9E036C}] => (Allow) C:\altera\13.0\quartus\bin64\jtagserver.exe () [File not signed]
FirewallRules: [{48FFBA4C-0190-4DAF-9E24-D51CD82E05EB}] => (Allow) C:\altera\13.0\quartus\bin64\jtagserver.exe () [File not signed]
FirewallRules: [UDP Query User{F7E20FFC-CF94-433D-8960-876CE64D55B0}C:\intelfpga_pro\18.0\qprogrammer\bin64\quartus_pgmw.exe] => (Allow) C:\intelfpga_pro\18.0\qprogrammer\bin64\quartus_pgmw.exe () [File not signed]
FirewallRules: [TCP Query User{4CED3F85-D677-44A5-A1FD-ADCA92CAE4FE}C:\intelfpga_pro\18.0\qprogrammer\bin64\quartus_pgmw.exe] => (Allow) C:\intelfpga_pro\18.0\qprogrammer\bin64\quartus_pgmw.exe () [File not signed]
FirewallRules: [UDP Query User{89E27FDF-F20A-4EE1-AA7E-E6FC2DE37148}C:\intelfpga_pro\18.0\qprogrammer\sopc_builder\bin\system-console.exe] => (Allow) C:\intelfpga_pro\18.0\qprogrammer\sopc_builder\bin\system-console.exe () [File not signed]
FirewallRules: [TCP Query User{1A4FC502-A34D-4140-A31B-489E9B34A23C}C:\intelfpga_pro\18.0\qprogrammer\sopc_builder\bin\system-console.exe] => (Allow) C:\intelfpga_pro\18.0\qprogrammer\sopc_builder\bin\system-console.exe () [File not signed]
FirewallRules: [{06C7E44E-2A5D-46C6-A519-F257C70B8F43}] => (Allow) C:\intelFPGA_pro\18.0\qprogrammer\bin64\jtagserver.exe () [File not signed]
FirewallRules: [{5AF7263D-2A03-4E61-A25A-F4068A67A396}] => (Allow) C:\intelFPGA_pro\18.0\qprogrammer\bin64\jtagserver.exe () [File not signed]
FirewallRules: [UDP Query User{E12C013D-BC69-4B53-8D8D-F7BC54515385}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{69A544C3-FB8C-4FF7-B40A-70F9197EAFED}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{0873C46A-2B21-4210-BD69-EB463BA277B2}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [{C485F2D2-8F75-4057-9652-057C13D9D87B}] => (Allow) LPort=1900
FirewallRules: [{26CEC78D-A341-46BA-8FFD-7F51029E9233}] => (Allow) LPort=2869
FirewallRules: [{EC4EE69E-4A29-4A8C-AFA6-594EA46BCB42}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3CF981F4-5AE6-48ED-B734-ABEDF6FBBCAC}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{F9ABC6ED-E92B-4E98-A239-74A9A1A5BA49}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{15D981A0-709C-4F1B-AD64-71260343D651}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{2C0DE502-9E9D-4665-9CA5-7DCA6576BFB0}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{8820A744-D333-47BE-A994-34CD973A6186}] => (Allow) C:\Program Files\Elgato\4KCaptureUtility\4KCaptureUtility.exe (Corsair Memory, Inc. -> Elgato Systems)
FirewallRules: [{22BE7613-CEAE-4731-9FB9-D4E9D81B8017}] => (Allow) C:\Program Files\Elgato\ControlCenter\ControlCenter.exe (Corsair Memory, Inc. -> Elgato Systems)
FirewallRules: [{75DA909F-1E1B-4FDF-A9A1-52328062F332}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E99550B7-BBB0-480D-98FE-D747F41BDC6A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8039F889-5686-40C7-BF23-743DF6188907}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A82583A1-9A97-4B1A-9B69-E240879DFF09}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0310FDAD-6257-4279-9C72-927D0143B4AB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9A9135D4-144B-44A9-8D9E-166A72A81076}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E1CAF2B-1029-4305-AC9E-D7BA52147D73}] => (Allow) C:\Users\DHAMPIRD\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{A3E1D6C0-A220-4E1B-A8EF-AE7A0D95E638}] => (Allow) C:\Users\DHAMPIRD\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{034CD533-512E-40CC-94CD-A60C15EFDE3D}C:\program files (x86)\myihome\app\myihome-server.exe] => (Allow) C:\program files (x86)\myihome\app\myihome-server.exe () [File not signed]
FirewallRules: [UDP Query User{88B89EF8-956A-484A-83E6-6C6FDEEE0FF9}C:\program files (x86)\myihome\app\myihome-server.exe] => (Allow) C:\program files (x86)\myihome\app\myihome-server.exe () [File not signed]
FirewallRules: [{293054B4-B81C-4DC7-A93C-05DF7E9DA3A5}] => (Allow) C:\Program Files (x86)\Smith Micro\Anime Studio Pro 9\Anime Studio Pro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{6DA6A2F3-81D0-4D36-93D8-8D90B47071BC}] => (Allow) C:\Program Files (x86)\Smith Micro\Anime Studio Pro 9\Anime Studio Pro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{2AE9DDF9-57EF-4CEE-B277-97AE68D9DC59}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 9\Anime Studio Pro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{076E79AF-81F1-4883-AE5C-399525C3CE4A}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 9\Anime Studio Pro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [TCP Query User{23D5689C-E46C-43C9-9D9D-014D9E448813}C:\program files (x86)\western digital\wd discovery software\wd discovery.exe] => (Allow) C:\program files (x86)\western digital\wd discovery software\wd discovery.exe () [File not signed]
FirewallRules: [UDP Query User{1D485239-FA34-476E-8648-3D504A063EDE}C:\program files (x86)\western digital\wd discovery software\wd discovery.exe] => (Allow) C:\program files (x86)\western digital\wd discovery software\wd discovery.exe () [File not signed]
FirewallRules: [{0B28550C-03C0-4E01-823A-16B137414138}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe () [File not signed]
FirewallRules: [{891D1AD9-35E5-48E9-9DCC-C3F8C96D2F7F}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe () [File not signed]
FirewallRules: [{BBF97C9C-ADB5-4CC0-BD52-CE5984B0B859}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe (NVIDIA Corporation) [File not signed]
FirewallRules: [{51D62331-33DA-4272-BAB2-F0681EB76E12}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe (NVIDIA Corporation) [File not signed]
FirewallRules: [TCP Query User{A11BC32A-A697-4F2B-A36F-5BC57B4AA21E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{B8733577-D12E-4A2B-A747-F9F1893EB094}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{024DE33B-D02F-4F85-AEB9-051AE98F46B0}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{9AAFC3E1-D040-4E10-8579-1EF242A71559}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{2EDBE87A-2F65-4B64-9D19-4742968CDD4C}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed]
FirewallRules: [UDP Query User{5DA6532C-D6C4-4535-B86F-668A5AEDF33E}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed]
FirewallRules: [TCP Query User{67E6995C-8C9A-4153-8255-E84E9269BFDF}C:\program files (x86)\nordic games\deadfall adventures\binaries\win32\advgame-win32-shipping.exe] => (Allow) C:\program files (x86)\nordic games\deadfall adventures\binaries\win32\advgame-win32-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{199CF609-674F-4797-B7A3-8DF72D7D3F6F}C:\program files (x86)\nordic games\deadfall adventures\binaries\win32\advgame-win32-shipping.exe] => (Allow) C:\program files (x86)\nordic games\deadfall adventures\binaries\win32\advgame-win32-shipping.exe () [File not signed]
FirewallRules: [{D578E6C0-4858-4082-A82E-F40BFABD609E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41F3BE84-2F0B-4CA8-834B-688E8E1D98C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{400ECE04-467A-46D8-AC24-AFBBD3EDA01E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5AA56289-294C-4172-91FA-3F899A16BB90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D910058D-2CAF-4602-9722-428C0DC1AAEC}C:\program files\autodesk\3ds max 2015\3dsmax.exe] => (Allow) C:\program files\autodesk\3ds max 2015\3dsmax.exe (Autodesk, Inc -> Autodesk, Inc.)
FirewallRules: [UDP Query User{17D0BC4E-A4BF-4863-A09D-8116A395B865}C:\program files\autodesk\3ds max 2015\3dsmax.exe] => (Allow) C:\program files\autodesk\3ds max 2015\3dsmax.exe (Autodesk, Inc -> Autodesk, Inc.)
FirewallRules: [TCP Query User{2226F5C0-7A9A-473B-80F2-1460F928D494}C:\daphne\daphneloader.exe] => (Allow) C:\daphne\daphneloader.exe () [File not signed]
FirewallRules: [UDP Query User{E3AB375A-ABD9-40DB-BF4B-B1ECC630FC90}C:\daphne\daphneloader.exe] => (Allow) C:\daphne\daphneloader.exe () [File not signed]
FirewallRules: [{C325CF06-D365-4B3E-9A9E-B8BAEF1867D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{914E4CE1-858B-46D3-B45D-AD7BF3D8B100}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{504F69D2-E5D5-43D1-9970-D852F59E21A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{D179DBB9-ED62-42B6-8AB8-D618B09CA864}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [TCP Query User{A018B2A7-133B-4C89-94A9-46A5EB2E8B76}C:\program files (x86)\xbox\ccxgui\ccxstream.exe] => (Allow) C:\program files (x86)\xbox\ccxgui\ccxstream.exe () [File not signed]
FirewallRules: [UDP Query User{09A3A78D-70DF-433F-B60C-7F9B55EF951B}C:\program files (x86)\xbox\ccxgui\ccxstream.exe] => (Allow) C:\program files (x86)\xbox\ccxgui\ccxstream.exe () [File not signed]
FirewallRules: [{A517A062-DFA5-47F2-B624-25220FCE481B}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{44E2DF93-9447-44E1-8717-82652FB9A80E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{FD249A69-0AA3-4DD2-9BF5-17094AC5A78A}] => (Block) %ProgramFiles% (x86)\Nero\Nero 10\Nero Burning ROM\nero.exe No File
FirewallRules: [TCP Query User{4659D469-4091-4F5E-8C31-0B69AF83B828}C:\program files (x86)\myihome\app\myihome-server.exe] => (Allow) C:\program files (x86)\myihome\app\myihome-server.exe () [File not signed]
FirewallRules: [UDP Query User{15A8C5A7-EFAD-41BE-9B74-B073F0C35368}C:\program files (x86)\myihome\app\myihome-server.exe] => (Allow) C:\program files (x86)\myihome\app\myihome-server.exe () [File not signed]
FirewallRules: [TCP Query User{226D935C-BD56-4BA6-A35D-442FFFC676B9}C:\program files (x86)\xlink kai\kaiengine.exe] => (Allow) C:\program files (x86)\xlink kai\kaiengine.exe (hxxp://www.teamxlink.co.uk (Team XLink)) [File not signed]
FirewallRules: [UDP Query User{6D202FE9-2F12-4AE8-A9FA-49CEE61A66A5}C:\program files (x86)\xlink kai\kaiengine.exe] => (Allow) C:\program files (x86)\xlink kai\kaiengine.exe (hxxp://www.teamxlink.co.uk (Team XLink)) [File not signed]
FirewallRules: [{8FB96662-25D8-4338-AADD-E018B2F79E5E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{3AA6228C-A1D0-4EE8-8302-79D159D9152A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{B5CBA079-DBF8-4CF0-9BED-555716741450}C:\program files (x86)\ccxgui\ccxstream.exe] => (Allow) C:\program files (x86)\ccxgui\ccxstream.exe () [File not signed]
FirewallRules: [UDP Query User{C3DB772D-0145-4160-9A0F-0AC13DBAA891}C:\program files (x86)\ccxgui\ccxstream.exe] => (Allow) C:\program files (x86)\ccxgui\ccxstream.exe () [File not signed]
FirewallRules: [TCP Query User{2C250868-1A41-4ACF-B6EF-39E922225E31}C:\program files\opentoonz 1.1\opentoonz_1.1.exe] => (Allow) C:\program files\opentoonz 1.1\opentoonz_1.1.exe () [File not signed]
FirewallRules: [UDP Query User{EF858506-27CD-4D64-845B-70E4B00E02B7}C:\program files\opentoonz 1.1\opentoonz_1.1.exe] => (Allow) C:\program files\opentoonz 1.1\opentoonz_1.1.exe () [File not signed]
FirewallRules: [{CE8C06F3-E02C-4534-BA26-6C3E5722DA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [{08F95406-5A80-45DE-A7FB-5FDD5CDD90F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [{4ADDB89E-58C8-4B0F-BB86-88883FDFF284}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) [File not signed]
FirewallRules: [{78114A02-C3AD-4B36-ACB6-FC8E194F7EFB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3F7A43C4-9F1A-45BF-A1C3-64BF65027611}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6CB8C66F-6FFE-4901-B783-22F4CC91E5C6}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe No File
FirewallRules: [{4A2CB402-2EF5-47F9-B464-C25645C96787}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe No File
FirewallRules: [TCP Query User{1588D06C-9DD9-49B8-B0C0-68C622A8B544}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{E1C74976-7AA0-4C1C-91FD-F10FE4BEE2A0}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [{9F04F4F8-4D3F-4C6A-AB2E-4DAD07467E87}] => (Allow) LPort=85
FirewallRules: [{5357BC53-36D2-4D95-BD7E-5DF6DB0D566E}] => (Allow) LPort=1985
FirewallRules: [{AB891726-68F1-4D89-BF56-791F2752E148}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{D19B2E54-86B0-493A-89A1-8F211B36DB89}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{74A91729-9FDD-4437-851B-53E01F90F989}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB04B0DC-16C1-47AA-9830-C25F3E599F85}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{9B6F6A02-2E4E-40B1-8854-0BACC2D0BEEE}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [TCP Query User{AD3C2C83-D129-445E-8DE2-2729483C143A}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{07B63E6E-8299-4CD8-A080-47234F49EAEF}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{D9CB2431-0AE9-4A59-BBA9-A4B4D8B3D67A}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{E2523B0F-3DDA-40CF-8EC8-11DF200C16A9}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [{5D9FCA19-C56B-4D99-A364-B2B7D8753363}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies SF -> Unity Technologies ApS)
FirewallRules: [{78040107-A417-4322-AC41-09906EA2A2FC}] => (Block) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies SF -> Unity Technologies ApS)
FirewallRules: [{245B9D3E-1A6B-4C43-A530-E449BEE78EEC}] => (Allow) C:\Program Files\Unity\Editor\Data\Tools\nodejs\node.exe (Node.js Foundation -> Node.js) [File not signed]
FirewallRules: [{B1B6906D-C580-45FB-B69A-37A6B9F56A48}] => (Block) C:\Program Files\Unity\Editor\Data\Tools\nodejs\node.exe (Node.js Foundation -> Node.js) [File not signed]
FirewallRules: [TCP Query User{651232D9-D998-4547-B296-A86E8762E931}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe (Unity Technologies SF -> Unity Technologies ApS)