Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020 Ran by gary_ (17-06-2020 11:56:00) Running from C:\Users\gary_\Desktop Windows 10 Home Version 1903 18362.900 (X64) (2019-09-06 00:50:24) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-369767717-942642580-508085590-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-369767717-942642580-508085590-503 - Limited - Disabled) gary_ (S-1-5-21-369767717-942642580-508085590-1001 - Administrator - Enabled) => C:\Users\gary_ Guest (S-1-5-21-369767717-942642580-508085590-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-369767717-942642580-508085590-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.) 12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-d8cf81da-6e2f-4a46-b567-a5ef806bf060) (Version: 3.0.2.118 - WildTangent) Hidden Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe) Amazon Assistant (HKLM-x32\...\{6C2156D3-0DE6-406C-9E5F-2048BEDB7452}) (Version: 10.18.0221 - Amazon) <==== ATTENTION App Place for Toshiba (HKLM-x32\...\App Place for Toshiba) (Version: 6.5.4 - IS AppCloud Software) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.1.0.17816 - Perfect World Entertainment) Azkend 2: The World Beneath (HKLM-x32\...\WTA-3af42e32-1a6a-432f-9b2e-760dd0f332da) (Version: 2.2.0.98 - WildTangent) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.48.2 - Bethesda Softworks) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.55.70.1783 - BlueStack Systems, Inc.) Bluetooth(R) Link (HKLM\...\{936D21BF-3344-4B20-BC4C-3B67580C19F5}) (Version: 4.3.04 - Toshiba Corporation) Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-89c39c6d-6ef9-462d-8972-c7e3ef00814f) (Version: 3.0.2.48 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.64 - Piriform) CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 81.1.4223.141 - Piriform Software) CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.6.607.0 - Piriform Software) Hidden Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version: - Cheat Engine) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.24.51 - Conexant) Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - ) Creation Kit: Skyrim (HKLM-x32\...\Creation Kit: Skyrim) (Version: - Bethesda Softworks) CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6312.0 - CyberLink Corp.) Hidden CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6312.0 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4425.0 - CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4425.0 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5509.05 - CyberLink Corp.) DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.2.0.0708 - Disc Soft Ltd) Dark Souls Prepare to Die Edition (HKLM-x32\...\{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Delicious - Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-5bf399d2-dbba-432f-b6df-003b522552e6) (Version: 3.0.2.48 - WildTangent) Hidden digi.me (HKLM-x32\...\digi.me) (Version: 7.0.9 - digi.me Limited) Discord (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Discord) (Version: 0.0.306 - Discord Inc.) Documentation Manager (HKLM\...\{59C2C057-0051-48B0-8570-75E21B5BBAE1}) (Version: 21.90.3.2 - Intel Corporation) Hidden Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.5.1 - IObit) Dropbox (HKLM-x32\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden DTS Sound (HKLM-x32\...\{793B70D2-41E9-46AB-9DDC-B34C99D07DB5}) (Version: 1.02.4100 - DTS, Inc.) ELAN Touchpad 15.8.12.5_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.12.5 - ELAN Microelectronic Corp.) Epic Games Launcher (HKLM-x32\...\{5D2C53C5-AA9C-493F-99B6-A8F458A62EAB}) (Version: 1.1.229.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Family Vacation 2: Road Trip (HKLM-x32\...\WTA-3cfdda21-564b-4b05-9c9f-3208936f0ad7) (Version: 3.0.2.59 - WildTangent) Hidden Firestorm Launcher versión 1.3 (HKLM-x32\...\{008D5963-9A73-4472-8C16-A5BF04491B9D}_is1) (Version: 1.3 - Firestorm) FontCreator 5.6 (HKLM-x32\...\FontCreator55_is1) (Version: - High-Logic) FontForge versión 31-07-2017 (HKLM-x32\...\{56748B9C-19AE-4689-B8C5-5A45AE0A993A}_is1) (Version: 31-07-2017 - FontForgeBuilds) GameRanger (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\GameRanger) (Version: - GameRanger Technologies) Garrys Mod version 14.09.08 (HKLM\...\{C8F834F5-46EA-4933-8AA9-F6CD7D29EED0}_is1) (Version: 14.09.08 - Strogino CS Portal) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games) Halo 2 MULTi8 - ElAmigos version 1.0 (HKLM-x32\...\{396007F7-83CF-4439-BB0A-78DC7CA091C6}_is1) (Version: 1.0 - Microsoft) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) High-Logic FontCreator 11 (HKLM\...\FontCreator11-x64_is1) (Version: - High-Logic B.V.) Home Makeover (HKLM-x32\...\WTA-16c3f48d-e960-422d-82be-458dae06164f) (Version: 3.0.2.59 - WildTangent) Hidden Inkscape 0.92.2 (HKLM-x32\...\Inkscape) (Version: 0.92.2 - Inkscape Project) Intel Driver && Support Assistant (HKLM-x32\...\{AC62A2CE-110B-4DF9-93B4-3AEE721885F6}) (Version: 20.6.22.6 - Intel) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Computing Improvement Program (HKLM\...\{D98C2DF9-C731-4322-A5F0-D897300216EE}) (Version: 2.4.05718 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4281 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation) Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation) Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{ac0384b9-75e3-4427-ab61-e59c3fa119a2}) (Version: 20.6.22.6 - Intel) Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{AA90D357-23D3-44C1-954D-7105B0C08F38}) (Version: 17.7.0.1006 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{e2b029f6-aed3-4900-902e-bfeafd421893}) (Version: 21.0.0 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{4ac3b686-ca29-4a13-a973-06a4d4dd09e6}) (Version: 21.90.3.2 - Intel Corporation) Hidden Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation) Jewel Match Snowscapes (HKLM-x32\...\WTA-269578e4-3b0e-44fc-91cd-9f445a4464c4) (Version: 3.0.2.118 - WildTangent) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LOOT version 0.11.0 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.11.0 - LOOT Team) Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - ) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Halo (HKLM-x32\...\Halo) (Version: - Microsoft) Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5249.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang) Minion (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\{Minion}}_is1) (Version: 3.0 - Good Game Mods LLC) Mod Ascensor 1.12.2 versión 1.3.14 (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\{6CC8246A-0145-4047-A3D4-5C4183969357}_is1) (Version: 1.3.14 - ) Monopoly Plus (HKLM-x32\...\Uplay Install 3774) (Version: - Ubisoft) Morrowind (HKLM-x32\...\{055A1919-3BBA-4BD5-8B3C-3851879AC185}) (Version: - ) Mozilla Firefox 77.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 77.0.1 (x64 es-ES)) (Version: 77.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 77.0.1.7458 - Mozilla) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team) NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version: - Timeslip) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenMW 0.41.0 (HKLM-x32\...\OpenMW 0.41.0) (Version: 0.41.0 - OpenMW.org) paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141667}) (Version: 4.0.19 - dotPDN LLC) Papers Please version 1.1.60-S (HKLM-x32\...\Papers Please_is1) (Version: 1.1.60-S - ) Photoshop Cs6 versión Final (HKLM-x32\...\{5CF1F901-ED27-4C34-A9CE-A10E8C1DDDB2}_is1) (Version: Final - Braian Urzagaste) Plagiarii (HKLM-x32\...\WTA-8c2f1c12-ad7b-4d55-9605-6c6706d5ebcc) (Version: 3.0.2.59 - WildTangent) Hidden Polar Bowler 1st Frame (HKLM-x32\...\WTA-ae97c38f-31e2-4166-a99b-46f761f6bbd6) (Version: 3.0.2.59 - WildTangent) Hidden PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - ) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10130.29089 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.35 - Piriform) ROBLOX Player for gary_ (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) ROBLOX Studio for gary_ (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.18.217 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.8 - Rockstar Games) Rory's Restaurant (HKLM-x32\...\WTA-cb43ade6-749d-4923-a28d-89147543af8a) (Version: 3.0.2.126 - WildTangent) Hidden Runefall (HKLM-x32\...\WTA-ecee0b01-f611-4009-98b8-d3a44268a0e4) (Version: 3.0.2.126 - WildTangent) Hidden SecondLifeViewer (HKLM\...\SecondLifeViewer) (Version: 6.4.0.540188 - Linden Research, Inc.) Skyrim NPC Editor (HKLM-x32\...\{5BA9357B-E876-4FB2-8F1B-C7E63AC90E6F}) (Version: 0.75.1 - foretrenty) Spotify (HKLM-x32\...\Spotify) (Version: 1.0.5.186.ga9c24d6a - Spotify AB) Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 13.0.0.24 - Bioware/EA) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TES Construction Set (HKLM-x32\...\{605333A6-963F-480C-A358-1301CAA6CFF6}) (Version: - ) The Elder Scrolls II: Daggerfall, DaggerfallSetup 2.14.1 (HKLM-x32\...\DaggerfallSetup_is1) (Version: - Bethesda Softworks) The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios) The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version: - ) The Lord of the Rings Online™ v1301.0055.0535.4025 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1301.0055.0535.4025 - Turbine, Inc.) The Sims 4 Digital Deluxe Edition MULTi17 - ElAmigos versión 1.47.49 (HKLM-x32\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.47.49 - EA Games) TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.8 - Toshiba Corporation) TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 3.0.2.0 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.4.6401 - Toshiba Corporation) TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 8.1.1.0 - Toshiba Corporation) TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 2.02.0002.02 - Toshiba Corporation) TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.0.7.6401 - Toshiba Corporation) TOSHIBA User Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.03 - TOSHIBA) TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.1.2 - TOSHIBA) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 104.1 - Ubisoft) Uso a distancia de tu PS4 (HKLM-x32\...\{5EF8E631-35B8-4A88-B874-8AAE0EB6B386}) (Version: 3.0.0.09250 - Sony Interactive Entertainment Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 0.19.1 - Black Tree Gaming Ltd.) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden Warcraft III (HKLM-x32\...\Warcraft III) (Version: - ) Warcraft III: All Products (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Warcraft III) (Version: - ) WhatsApp (HKU\S-1-5-21-369767717-942642580-508085590-1001\...\WhatsApp) (Version: 2.2019.8 - WhatsApp) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (Toshiba Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba) (Version: 4.1.1.49 - WildTangent) Hidden WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 4.5.1.182 - WildTangent) Hidden Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.9.0.0 - Winaero) WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24119}) (Version: 22.0.12706 - Corel Corporation) Wondershare Data Recovery(Build 5.0.9.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.9.6 - Wondershare Software Co.,Ltd.) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) Wondershare Video Editor(Build 5.0.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician) Packages: ========= Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-19] (Amazon.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.170.200.0_x86__kgqvnymyfvs32 [2020-06-13] (king.com) Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-30] (Microsoft Corporation) Dictionary (Toshiba Edition) -> C:\Program Files\WindowsApps\B43AE6A4.DictionaryToshibaEdition_2.1.0.23_x64__4d4hzhw5cmgnt [2016-02-22] (farlex.) Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-13] (Facebook Inc) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-29] (HP Inc.) INSTEON for Hub -> C:\Program Files\WindowsApps\SmartLabs.INSTEONforHub_1.2.1.18_x86__4162j3jeed9tp [2016-11-08] (SmartLabs) Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2016-05-06] (AMZN Mobile LLC) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_550.7.119.0_x64__8xx8rvfyw5nnt [2020-06-13] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-13] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Studios) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Studios) MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-05-06] (Ennova Research) MyMusicCloud - Toshiba -> C:\Program Files\WindowsApps\TriPlayInc.MyMusicCloud-Toshiba_1.0.50.2550_x86__rejfh65ekdhs8 [2017-01-24] (TriPlay Inc) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-11] (Netflix, Inc.) Texture - Unlimited Magazines -> C:\Program Files\WindowsApps\NextIssue.NextIssueMagazines_1.6.1.0_x64__91pt4qm2m3xcw [2016-05-06] (NEXT ISSUE MEDIA LLC) TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.) ZUUS -> C:\Program Files\WindowsApps\181132B7.ZUUS_1.1.0.0_neutral__zrxb4n2dhz0mw [2016-02-22] (ZUUS Media, Inc.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-369767717-942642580-508085590-1001_Classes\CLSID\{1C227C3C-B016-49E7-A338-8E84D085283F} -> [MEGA] => C:\Users\gary_\OneDrive\Documents\MEGA [2016-07-26 08:36] CustomCLSID: HKU\S-1-5-21-369767717-942642580-508085590-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) CustomCLSID: HKU\S-1-5-21-369767717-942642580-508085590-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll () [File not signed] CustomCLSID: HKU\S-1-5-21-369767717-942642580-508085590-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\gary_\Dropbox [2016-05-20 18:37] ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\gary_\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\gary_\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\gary_\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-08-07] (Intel(R) Rapid Storage Technology -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\gary_\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\gary_\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\gary_\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> ) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gary_\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (Corel Corporation -> WinZip Computing, S.L.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-12] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gary_\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> ) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-08-07] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gary_\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> ) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (Corel Corporation -> WinZip Computing, S.L.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a9d116625f58b0a8\igfxDTCM.dll [2019-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-12] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (Corel Corporation -> WinZip Computing, S.L.) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\gary_\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2017-02-23 00:38 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2017-02-23 00:38 - 2016-10-08 16:48 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2019-09-27 23:08 - 2019-09-27 23:08 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll 2019-09-27 23:08 - 2019-09-27 23:08 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll 2019-09-27 23:08 - 2019-09-27 23:08 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll 2016-06-08 07:04 - 2016-06-08 07:04 - 000073728 _____ () [File not signed] C:\Program Files (x86)\Toshiba\AppPlace\libegl.dll 2016-06-08 07:04 - 2016-06-08 07:04 - 001481728 _____ () [File not signed] C:\Program Files (x86)\Toshiba\AppPlace\libglesv2.dll 2016-06-08 07:03 - 2016-06-08 07:04 - 000236032 _____ () [File not signed] C:\Program Files (x86)\Toshiba\AppPlace\node_modules\appcloud-native-utils\anu.node 2017-05-17 03:26 - 2017-05-17 03:26 - 005200576 _____ (Disc Soft Ltd -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Pro\Engine.dll 2020-03-10 10:31 - 2020-03-10 10:31 - 001918464 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll 2019-09-27 23:08 - 2019-09-27 23:08 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll 2016-06-10 02:29 - 2017-11-17 11:23 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\imageformats\qgif.dll 2016-06-10 13:15 - 2017-11-17 11:23 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\imageformats\qicns.dll 2016-06-10 02:29 - 2017-11-17 11:23 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\imageformats\qico.dll 2016-06-10 02:29 - 2017-11-17 11:23 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\imageformats\qjpeg.dll 2016-06-10 12:47 - 2017-11-17 11:23 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\imageformats\qsvg.dll 2016-06-10 13:16 - 2017-11-17 11:23 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\imageformats\qtga.dll 2016-06-10 13:16 - 2017-11-17 11:23 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\imageformats\qtiff.dll 2016-06-10 13:16 - 2017-11-17 11:23 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\imageformats\qwbmp.dll 2016-06-10 13:17 - 2017-11-17 11:23 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\imageformats\qwebp.dll 2016-06-10 02:30 - 2017-11-17 11:23 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\gary_\AppData\Local\MEGAsync\platforms\qwindows.dll 2017-02-23 00:38 - 2016-10-08 16:49 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\gary_\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394] AlternateDataStreams: C:\Users\gary_\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-369767717-942642580-508085590-1001\Software\Classes\exefile: "%1" %* <==== ATTENTION HKU\S-1-5-21-369767717-942642580-508085590-1001\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION ==================== Internet Explorer trusted/restricted ========== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-369767717-942642580-508085590-1001\...\sharepoint.com -> hxxps://cibertecedu-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 02:24 - 2020-06-16 15:36 - 000000844 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-369767717-942642580-508085590-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\gary_\OneDrive\Pictures\tumblr_static_tumblr_static_9ouwgoyoeb0ogsc84cos0k8co_640.jpg DNS Servers: 190.113.220.18 - 190.113.220.51 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. Network Binding: ============= Ethernet: SoftEther Lightweight Network Protocol -> SeLow (enabled) Wi-Fi: SoftEther Lightweight Network Protocol -> SeLow (enabled) Bluetooth Network Connection 2: SoftEther Lightweight Network Protocol -> SeLow (enabled) ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{B011FE52-35EE-4594-92A4-4339DADCAED3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{C6A9AB79-D20A-47C3-AC7C-F1200DFD6796}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gloria Victis\gv.exe () [File not signed] FirewallRules: [{78D5ED08-76F3-42F5-99C4-6F1F36341364}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gloria Victis\gv.exe () [File not signed] FirewallRules: [UDP Query User{FEBF383E-2A3B-4696-94C9-5592E9D71EF7}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [TCP Query User{54654D0B-D327-4478-8B40-09C6D5356270}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [{0843B544-5296-4609-A6F6-D75D2A284306}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duck Game\DuckGame.exe (CORPTRON) [File not signed] FirewallRules: [{78CB28A9-D81E-482E-8B33-8FE9BA67A6E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duck Game\DuckGame.exe (CORPTRON) [File not signed] FirewallRules: [UDP Query User{B747994B-672C-4D3D-A266-6618D6102AFF}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed] FirewallRules: [TCP Query User{FE5BAA50-7A4E-4A8E-AA6F-D89CEAAAAAF2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed] FirewallRules: [{8C621318-ED40-41CB-89F5-4D74D12DFBF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{F06D38D2-2E6A-4FF4-BA0E-FE08295FE3DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [UDP Query User{AEEEC588-5B64-4C5F-B3EC-F03E325A6334}C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe] => (Block) C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe () [File not signed] FirewallRules: [TCP Query User{E38AA12F-6454-4A51-8297-1104FD2CCE0E}C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe] => (Block) C:\program files (x86)\steam\steamapps\common\move or die\love\win\love.exe () [File not signed] FirewallRules: [{DB562302-E54F-42B0-87F8-D7F5139C33EB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{025C4245-9BEE-433C-BBF7-6731EF908120}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Elder Scrolls Legends\The Elder Scrolls Legends.exe (Sparkypants Studios, LLC -> ) FirewallRules: [{01109629-ADBB-45FE-9ECA-65E7F600310E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Elder Scrolls Legends\The Elder Scrolls Legends.exe (Sparkypants Studios, LLC -> ) FirewallRules: [{D240A395-C299-4DF0-923C-0DF8F0506ECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed] FirewallRules: [{598A54BB-95BE-4892-8C62-FDF80DB04BD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed] FirewallRules: [UDP Query User{AB05A781-AAC2-43E2-9C5E-92FC39D9F950}C:\users\gary_\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\gary_\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe FirewallRules: [TCP Query User{EDBE5716-DA89-42A0-AB52-C1EE4C1E9D44}C:\users\gary_\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\gary_\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe FirewallRules: [{65A1ECF9-AA47-4781-9680-53970813C7FC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{27CC1C4E-062F-4340-A5B2-C7D3630E84DF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FF911D94-429E-4252-9792-51729BC2B9CC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{402AD311-754A-4A3D-99A5-78528DBC62C3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{795397EC-0070-4C10-999A-2AA3F05AE0FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> ) FirewallRules: [{1891F1C2-165B-4FC2-B132-07E278D50153}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> ) FirewallRules: [UDP Query User{7CBA9A64-F492-48F8-B090-2164CC3C0415}C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (Cryptic Studios Inc. -> ) FirewallRules: [TCP Query User{78EF03BA-0CF9-4350-9E81-99F93FC9586B}C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (Cryptic Studios Inc. -> ) FirewallRules: [UDP Query User{7CF2D030-FD97-46D9-BE0D-AB861420F4E0}C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe => No File FirewallRules: [TCP Query User{6C8A30D5-9D7E-4D38-8B0E-A7985A774678}C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base72649\heroesofthestorm_x64.exe => No File FirewallRules: [UDP Query User{537C77E0-523F-4D25-BCBB-09C6589C7E1A}C:\program files (x86)\starcraft ii\versions\base72282\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base72282\sc2_x64.exe => No File FirewallRules: [TCP Query User{5B29E45B-8404-41AC-81BA-F78EF437174A}C:\program files (x86)\starcraft ii\versions\base72282\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base72282\sc2_x64.exe => No File FirewallRules: [UDP Query User{3F4F9ECA-5B04-45C5-B087-7AE01E440D72}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File FirewallRules: [TCP Query User{AF9FEB80-B79E-45BC-B307-5CB75C738634}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File FirewallRules: [UDP Query User{105D3A04-558B-4478-80A5-EECF7587AABD}C:\users\gary_\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gary_\appdata\local\akamai\netsession_win.exe => No File FirewallRules: [TCP Query User{24A0A719-2BA6-4297-983E-844C73571171}C:\users\gary_\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gary_\appdata\local\akamai\netsession_win.exe => No File FirewallRules: [UDP Query User{66A6F544-6BCA-4E59-83B8-121917A7C4D3}C:\games\the sims 4 1.47\game\bin\ts4_x64.exe] => (Allow) C:\games\the sims 4 1.47\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [TCP Query User{C9D85880-C8D4-4814-AA62-34CC2923FFE0}C:\games\the sims 4 1.47\game\bin\ts4_x64.exe] => (Allow) C:\games\the sims 4 1.47\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed] FirewallRules: [UDP Query User{5060D3F1-E8F4-4F2E-8B4E-52D06333FD5D}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed] FirewallRules: [TCP Query User{21DDFCD4-EF21-4A91-BF2D-0AEFDD1CC091}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed] FirewallRules: [UDP Query User{1D606DFE-DE2B-4BD8-A266-0FE511C5CC28}C:\program files (x86)\heroes of the storm\versions\base68740\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base68740\heroesofthestorm_x64.exe => No File FirewallRules: [TCP Query User{B21B9E60-CAB3-47EF-BF99-E87D43D0D79F}C:\program files (x86)\heroes of the storm\versions\base68740\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base68740\heroesofthestorm_x64.exe => No File FirewallRules: [{D0F82EBB-4779-4AF7-8EEF-7BAEC67A9C41}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit) FirewallRules: [{E7589321-1A14-4AF9-AE17-8DEA1D8D4DD0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit) FirewallRules: [{BB9D3C58-4222-4FAB-A9E9-80A90CDAA6B7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit) FirewallRules: [{36D27444-A3DE-4774-B842-B21767F775CF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit) FirewallRules: [{649C31C6-858E-48A1-A73F-61FFF9A36C29}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit) FirewallRules: [{E9E10FAD-468D-4122-B682-CD4EBB289695}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit) FirewallRules: [{73BA9730-6B1E-4FA4-B398-2B1094899F1E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2CA04081-5A55-418F-AE93-87DD9A6D5582}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{48A7F51A-D1ED-44DE-BE01-88985A76F5D9}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe => No File FirewallRules: [{DF9EE714-CFDC-4B62-80BA-85244215ADCE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe => No File FirewallRules: [{7EB8BA3E-BCB6-4F43-8DB0-F375EFD075FF}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe => No File FirewallRules: [{36035A56-C09D-4D90-B941-429A5F25B2A8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe => No File FirewallRules: [{895CAC69-4F11-4321-9ABF-0B7F3269BAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Morrowind\Morrowind Launcher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{96D5F1D7-0473-4DA3-8BA0-4A19F578456E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Morrowind\Morrowind Launcher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{E9B2F2C2-A2A7-4367-91A7-5997897E5CE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment) FirewallRules: [{E4EC3158-0F6E-4A2C-838B-ED79BD375D9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment) FirewallRules: [UDP Query User{B87F6D7D-67B5-4484-A8FE-4BA8F5FDDF19}C:\games\rpg\morrowind\tes3mp-server.exe] => (Allow) C:\games\rpg\morrowind\tes3mp-server.exe => No File FirewallRules: [TCP Query User{20DC0031-8D06-45F9-8C1E-7FF40596B840}C:\games\rpg\morrowind\tes3mp-server.exe] => (Allow) C:\games\rpg\morrowind\tes3mp-server.exe => No File FirewallRules: [{52EF49C5-45F7-45A4-B230-BB2D20A62D17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3E3B8970-6867-427A-AA2E-D992AAA063AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{608DCCEA-70F3-45E7-AD51-DA1AD4E545B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DD514FE3-5EAE-4130-8308-5021BE640550}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1B7F2C3F-A372-4525-BD9A-299572687058}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F3B7DAE1-84E0-4D00-A330-FBC40BCA06AE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EF81FEC0-CA08-4227-9A6B-ACCCD1A9B729}] => (Allow) C:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\DARKSOULS.exe => No File FirewallRules: [{9FA4F0FC-0A71-4DDA-ACFB-6FED82A902D4}] => (Allow) C:\Users\gary_\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{9AA4E860-FF96-40B1-B347-8311390FFD55}] => (Allow) C:\Users\gary_\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{74651E81-B336-43DE-8993-7BC37D5B86C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{62924A1F-866D-406B-8A6C-FDA312F8214B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B9394DAB-D0DC-4B39-8F48-6FB1676F0FEC}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyCrashService.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{CB31E93E-AAB7-49B5-A2C6-F751F2252B0A}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyCrashService.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DB688251-CC8B-4894-ABC7-6B377DE28814}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0291857A-7C57-4B1F-895F-5CDFE4C9BCEC}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{224652D8-9AD2-48A1-AF30-F517C499C8F9}] => (Allow) C:\Program Files (x86)\Spotify\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D99E1B49-C5A6-40A0-B3A3-2E8AF3F00E8B}] => (Allow) C:\Program Files (x86)\Spotify\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{34B7411F-069B-4106-87EE-7ADB9FF36F4F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{D8B96AD3-009E-4231-B400-DF5E07045D18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{18EFFA03-360F-465F-A63B-0DBD5A21AEB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{365A8AF9-22BF-4211-972B-A04FC0324B40}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe (Standing Stone Games, LLC.) [File not signed] FirewallRules: [UDP Query User{9B225D82-E34E-4A82-AAF0-5ECC43DBF2CB}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe (Standing Stone Games, LLC.) [File not signed] FirewallRules: [{A0FBCF44-B457-434F-A829-5AB692ABDEBC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{B9F0C55E-ABE3-4D48-AD97-DBF144785F22}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{829298B9-97B1-4FFB-A533-8604A5A1221A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed] FirewallRules: [{16A6B184-2658-4F9B-BB18-169871ECC658}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed] FirewallRules: [{8F27912E-F7BE-442B-9D30-F7B45CCD9A13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe (NEXON Korea Corporation. -> Nexon) FirewallRules: [{C5316375-BDC5-40AF-B200-324B530C84DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe (NEXON Korea Corporation. -> Nexon) FirewallRules: [{15D614A1-315C-45C6-BE31-434E45CE2A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\zosSteamStarter.exe (Zenimax Media Inc. -> Zenimax Online Studios) FirewallRules: [{F04EA4EB-32CF-4A9B-BBE6-5A5FB38BD58E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\zosSteamStarter.exe (Zenimax Media Inc. -> Zenimax Online Studios) FirewallRules: [TCP Query User{E190B084-743F-4C7E-B28F-5350C8170103}C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe () [File not signed] FirewallRules: [UDP Query User{C5BAB486-3E7C-4845-AD2B-71BE2BE10F3B}C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe () [File not signed] FirewallRules: [TCP Query User{A2B9E510-A93B-42B4-9CB4-726CF6B36FC7}C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe (CCP hf. -> CCP hf.) [File not signed] FirewallRules: [UDP Query User{E3A827BC-175D-4750-84F4-7C66667597D8}C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe (CCP hf. -> CCP hf.) [File not signed] FirewallRules: [{4153636E-FA88-475F-A82A-A6FC7EF27631}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{49C10040-369C-46D9-A00E-4FCA19626AF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe () [File not signed] FirewallRules: [{C5966F12-1DB2-4ADD-93E4-07EC7AC81EF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe () [File not signed] FirewallRules: [TCP Query User{E381DD0E-92D7-41D4-8EC8-8975A92C697C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{35272C3C-CEA4-4B82-83EB-9B736015FA27}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{50EC82BF-2C15-4BD9-A4E7-4899C2126D42}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe => No File FirewallRules: [UDP Query User{83F6C4F5-862E-464B-8D7C-1DAF357D5D5E}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe => No File FirewallRules: [{FE81CF03-36AF-40E1-84A5-8AC510100B55}] => (Allow) LPort=1689 FirewallRules: [TCP Query User{AA7D4EBC-F4EF-48BB-B005-80089025F893}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe => No File FirewallRules: [UDP Query User{F3A8B41F-C366-4ABE-87DA-1061D6031F4E}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe => No File FirewallRules: [{750D02BA-25A7-4785-896F-1A8485D6B9F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed] FirewallRules: [{D4A51A02-29CD-42C6-A84F-4FEB6F783FBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe () [File not signed] FirewallRules: [{326FB6B8-FBEE-4E45-AE1F-C9609C2D5218}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe () [File not signed] FirewallRules: [{2DDFFBA8-5597-4875-AB1D-C45169D01A4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe () [File not signed] FirewallRules: [TCP Query User{081B6C30-2986-4BF4-BE54-D443D6CDD107}C:\games\halo 2\halo2.exe] => (Allow) C:\games\halo 2\halo2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{0E91CAB3-626C-49EF-8884-0D4E9B8F2D1F}C:\games\halo 2\halo2.exe] => (Allow) C:\games\halo 2\halo2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{62B12964-EBFE-4C65-B0CC-578FEEEC7718}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed] FirewallRules: [{6B70CBFD-C60D-446B-AD17-EFDB04C8E0EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed] FirewallRules: [{3F6BACCA-9F04-453C-B6C6-A10D6F2615A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed] FirewallRules: [{5A590A14-3AEC-46D0-AB54-478A0C514FA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed] FirewallRules: [TCP Query User{7F293BAA-61DF-4A77-A7F7-EC86D4446B18}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe => No File FirewallRules: [UDP Query User{EAE011DC-30D5-43DD-B789-793EB08806C5}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe => No File FirewallRules: [{50BB56D8-6627-40C3-A5DC-AB3F46542DAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed] FirewallRules: [{CB5EA535-9873-4ED1-813E-20F9C9E229DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed] FirewallRules: [{102F7273-B946-4475-8DA5-1E53E0600B35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed] FirewallRules: [{1CB17472-F52F-47EE-B5A1-3EB1A9DB22D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuphead\Cuphead.exe () [File not signed] FirewallRules: [{DD9BACCB-1EC2-4FD5-9772-516EAC0F84FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed] FirewallRules: [{604FEAD0-CFC1-4701-BAE6-E6E4C5451823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed] FirewallRules: [{121028AE-776E-4D3D-9FB8-41906CC89617}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed] FirewallRules: [{7E08A728-61EB-43F1-82CA-D57560F17B41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed] FirewallRules: [{ABCE12BF-711B-4A19-A1EA-00AF264BCC27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Human Fall Flat\Human.exe () [File not signed] FirewallRules: [{E48EE21F-8994-41D4-9503-2D7EE84ABA7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Human Fall Flat\Human.exe () [File not signed] FirewallRules: [TCP Query User{1000923E-7438-4B50-A30F-65B14110A9EC}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [UDP Query User{B9DDF227-07C3-4E3F-97EC-6FC2C081361E}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File FirewallRules: [{68D7E1B7-3449-4980-863A-39BDDCBE355F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe () [File not signed] FirewallRules: [{91268F9B-4F5E-40E1-8090-B82DDF92BCEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe () [File not signed] FirewallRules: [{914D5C69-0B7A-45A0-AFF7-DB282A050EBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe () [File not signed] FirewallRules: [{01596D85-9971-4362-B22A-805B4D913767}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe () [File not signed] FirewallRules: [TCP Query User{E15DF448-8427-49B2-BBAE-BE8624C39480}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works) FirewallRules: [UDP Query User{AD2D7DD5-14F6-4B32-8E12-F3841328D122}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works) FirewallRules: [TCP Query User{7A2E7C30-CCD0-408F-9A8E-0B23D09B779A}C:\program files (x86)\steam\steamapps\common\terraria\tmodloaderserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed] FirewallRules: [UDP Query User{69E7BD8A-2AFE-46E8-B98B-C1F878109DD6}C:\program files (x86)\steam\steamapps\common\terraria\tmodloaderserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\tmodloaderserver.exe (Re-Logic) [File not signed] FirewallRules: [{865ED659-37FB-4885-BE19-2DCE09687BBC}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{FF1EAC18-E4BD-49DD-8EAF-A9F89313373B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{38D6D81E-3545-4D02-9B81-C77DF5706831}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{2760424D-1E71-4012-8E41-1EBD46E6A17C}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{44C5E66E-152C-4A52-A1C1-BDF3FED613DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed] FirewallRules: [{50C8AE91-1BDE-4350-92EF-94C6C02963A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed] FirewallRules: [{E4F0AEA3-A6D1-4FF5-907D-30C2AF3FF550}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Door Kickers - Action Squad\tools\ActionSquadEd.exe => No File FirewallRules: [{E518BA20-FFB5-4CF2-BF35-82ED248C7A31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Door Kickers - Action Squad\tools\ActionSquadEd.exe => No File FirewallRules: [{40BCCFDE-D5CC-45BD-8F7C-5BA51EE8EF20}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.) FirewallRules: [{3F74D276-E0B9-4950-BB5F-B58E4EE3C5F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Katana ZERO\Katana ZERO.exe (Askiisoft LLC) [File not signed] FirewallRules: [{19A3F54E-9190-4872-8238-E222E73F87FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Katana ZERO\Katana ZERO.exe (Askiisoft LLC) [File not signed] FirewallRules: [{FEFD297A-6E74-4C1C-A58E-324AAA791253}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Monopoly Plus\Monopoly.exe (Ubisoft Entertainment -> Asobo Studio) FirewallRules: [{8BBEC3FF-CDF1-453A-BD9C-06CC34D4EA6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe (NEXON Korea Corporation. -> Nexon) FirewallRules: [{D1B14037-0EA9-435B-A938-2FD49A9991A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe (NEXON Korea Corporation. -> Nexon) FirewallRules: [{E038E26F-7D63-4331-8D22-942DB262C0A9}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software) FirewallRules: [{43581DCF-6A05-4D18-B118-393303A9B016}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> ) FirewallRules: [{E7783FFD-DB7D-4F23-BFD7-22ED56856215}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> ) FirewallRules: [{9E78FDF3-3466-4D65-9ADB-F7FCCEE4F0AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oblivion\OblivionLauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{A1ECE887-EC77-4828-BB95-A36F8B1A3B5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oblivion\OblivionLauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{15EB9114-7468-49B0-A295-6169921291EF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) [File not signed] FirewallRules: [{493A75D1-DCF2-4445-80D1-A79D419DD716}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{431A363C-6A18-46D7-8084-9884AD4F2732}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 31-05-2020 14:11:04 Scheduled Checkpoint 04-06-2020 00:07:07 Windows Update 11-06-2020 23:42:34 Windows Update ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (06/17/2020 11:53:42 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (832,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/17/2020 11:06:26 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3412,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/17/2020 10:58:34 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-D7R02BVQ) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (06/17/2020 10:47:28 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5252,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/17/2020 10:22:37 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (13920,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/17/2020 12:28:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: firefox.exe, version: 77.0.1.7458, time stamp: 0x5ed6e1ae Faulting module name: ntdll.dll, version: 10.0.18362.815, time stamp: 0xb29ecf52 Exception code: 0xc0000374 Fault offset: 0x00000000000f9229 Faulting process id: 0x3264 Faulting application start time: 0x01d64458a6483e14 Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 2d5c2a26-4579-4fdc-ae4f-383141819f4c Faulting package full name: Faulting package-relative application ID: Error: (06/17/2020 12:12:49 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (12500,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (06/16/2020 08:31:34 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3372,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (06/17/2020 11:12:02 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041790, 0xffff9b8005fa5a00, 0x0000000000000001, 0x0000000000000002). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: b2d7e30e-3838-499c-8e64-c788c4fc1daf. Error: (06/17/2020 11:05:23 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout. Error: (06/17/2020 11:04:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Update Orchestrator Service service hung on starting. Error: (06/17/2020 11:01:22 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Downloaded Maps Manager service hung on starting. Error: (06/17/2020 10:59:20 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Intel(R) Management and Security Application Local Management Service service hung on starting. Error: (06/17/2020 10:56:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Delivery Optimization service hung on starting. Error: (06/17/2020 10:52:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Intel(R) PROSet/Wireless Zero Configuration Service service terminated with the following error: %%2147770990 Error: (06/17/2020 10:51:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SecDrv service failed to start due to the following error: This driver has been blocked from loading Windows Defender: =================================== Date: 2020-06-08 21:36:40.163 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {A709CB09-7014-4655-A89A-486DA06558BD} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-06-08 19:33:23.326 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {921FD99C-2024-4205-ACE5-CC8AC527E199} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-06-08 18:54:05.209 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {75B8935C-DFA3-4F85-87E7-9269C7FF282D} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-06-08 14:17:34.046 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {E2E74997-F7C9-4ECC-9E61-26207DF7C7DE} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-06-08 14:01:33.872 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {76A64E44-5029-4EDB-8995-E6A0FA5B58AA} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2020-06-06 20:47:08.469 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.317.712.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17100.2 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2020-06-06 14:33:30.425 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.317.712.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17100.2 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2020-06-04 10:50:17.735 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.317.546.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17100.2 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2020-05-30 10:58:06.721 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.317.207.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17100.2 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2020-05-29 13:35:01.617 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.317.76.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.17100.2 Error code: 0x80072ee7 Error description: The server name or address could not be resolved CodeIntegrity: =================================== Date: 2020-06-16 16:18:16.182 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Installer\MSI3CC8.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-06-12 12:12:52.064 Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2020-06-12 11:55:35.325 Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2020-05-25 23:41:17.992 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2020-05-25 23:41:17.981 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2020-05-25 23:41:13.429 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2020-05-25 23:41:13.418 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2020-05-25 23:41:13.259 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== BIOS: INSYDE Corp. 1.50 01/15/2016 Motherboard: FF50 06F3 Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz Percentage of memory in use: 48% Total physical RAM: 8026.47 MB Available physical RAM: 4104.05 MB Total Virtual: 9925.47 MB Available Virtual: 5191.46 MB ==================== Drives ================================ Drive c: (TIS0008000D) (Fixed) (Total:930.47 GB) (Free:108.02 GB) NTFS \\?\Volume{e487489e-3170-482d-8b12-f55a3aad9a3e}\ () (Fixed) (Total:0.77 GB) (Free:0.3 GB) NTFS \\?\Volume{078bec5f-e66c-443d-8e5d-f7bb195ebfc9}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================