[RESOLVED] somethings ****y

  1. #1

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-12-2020
    Ran by amber (administrator) on DESKTOP-FG2HJ54 (12-12-2020 05:35:59)
    Running from C:\Users\amber\Downloads
    Loaded Profiles: amber
    Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: English (United States)
    Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () [File not signed] D:\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.66.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <16>
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastNM.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
    (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <4>
    (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7269\Agent.exe
    (Discord Inc. -> Discord Inc.) C:\Users\amber\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
    (Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2>
    (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
    (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
    (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
    (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
    (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
    (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
    (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
    (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <54>
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
    (ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
    (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\FileCoAuth.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2012.1003.34.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.142.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
    (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
    (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\PMRunner32.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\FPSRunner64.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\PMRunner64.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
    (Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
    (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe <2>
    (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
    (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
    (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2019-08-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951968 2019-07-09] (Logitech -> Logitech, Inc.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [266624 2020-10-09] (Razer USA Ltd. -> Razer Inc.)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Discord] => C:\Users\amber\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3421984 2020-12-07] (Valve -> Valve Corporation)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3145504 2020-11-23] (Electronic Arts, Inc. -> Electronic Arts)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32711056 2020-12-11] (Epic Games Inc. -> Epic Games, Inc.)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090024 2020-12-10] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [7864296 2019-10-02] (GlassWire -> SecureMix LLC)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [12822184 2020-03-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [AvastBrowserAutoLaunch_36C80EFD8CFDC4184B8BB37233C91D97] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\Installer\chrmstp.exe [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {16F71FE4-75A6-4B58-9D5A-A0EE2325021E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1532312 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Task: {26E0328F-5FAB-47FA-84E1-9F9542629AF7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {2866A4C3-FB21-42DE-8B1D-166F5E5A9546} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-12-12] (Avast Software s.r.o. -> Avast Software)
    Task: {3A063400-7B95-459B-AB92-2131DCE28020} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {40862B19-60B2-4257-A004-1A1225B63593} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    Task: {572D0DF4-AE5D-4B5F-9AFB-2E2E3188583E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    Task: {59F6AF24-F4AE-4E8E-BDD0-1D689D085B00} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
    Task: {5A79E65C-2E83-42C9-9861-9A34113067BD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
    Task: {5D18214A-64D4-4756-9A86-7E993E229B0D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {68D65C33-ED75-4E8A-B6AF-E80B4D4CB33C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {6E2553D2-3089-457F-938B-30070B84F2B6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2774904 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    Task: {6E29E651-24DB-41F1-B1D7-64FB27E8C9CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-01] (Google Inc -> Google LLC)
    Task: {6FD19644-AB03-4D06-951E-69201FE82168} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Task: {74F44EEF-6808-46B5-867B-3244251E3984} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
    Task: {9954BD47-EAE3-4FFF-ADCA-D0BB8EE0D3BA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
    Task: {A2DE60F9-7D5A-4B3D-ADA4-D327A916DF69} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
    Task: {AC0A6B8B-C6B6-4396-8433-157CD2B828E7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {AEFF61D5-955F-4281-BC99-93511512C3A7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {CC4A9CE9-CBDC-4F70-B543-3EB04FCB019B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-01] (Google Inc -> Google LLC)
    Task: {CD6CB822-F8AE-40BC-B4AE-44B1FCFE7305} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
    Task: {CF6FE57D-94E5-4372-95C0-905DFFF9932C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {E7070102-ECA3-44E1-B7E1-1AD0F0C3C33C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {F4762CA9-04BD-4C8E-9928-16E0EA263B5D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Task: {FB735597-2459-436D-BD1F-FE5F2B871DFE} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2020-12-12] (Avast Software s.r.o. -> AVAST Software)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
    Tcpip\..\Interfaces\{6595f12a-951c-4239-a931-e4b44c1638c4}: [DhcpNameServer] 192.168.43.1
    Tcpip\..\Interfaces\{d7acc265-a5ff-45fd-a2e2-8b56def4d436}: [DhcpNameServer] 64.59.135.149 64.59.128.111

    Edge:
    ======
    Edge Profile: C:\Users\amber\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-12]

    FireFox:
    ========
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
    FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR Profile: C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default [2020-12-12]
    CHR Notifications: Default -> hxxps://www.razer.com
    CHR Extension: (Slides) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-01]
    CHR Extension: (Just Black) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-05]
    CHR Extension: (Docs) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-01]
    CHR Extension: (Google Drive) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-06]
    CHR Extension: (YouTube) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-01]
    CHR Extension: (Honey) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-12-03]
    CHR Extension: (Sheets) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-01]
    CHR Extension: (Google Docs Offline) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-03]
    CHR Extension: (LastPass: Free Password Manager) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-10]
    CHR Extension: (Grammarly for Chrome) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-12-12]
    CHR Extension: (Zoom Scheduler) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2020-12-03]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
    CHR Extension: (Gmail) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-06]
    CHR Extension: (Chrome Media Router) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-05]
    CHR Profile: C:\Users\amber\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-12-12]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\elevation_service.exe [1348304 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
    R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8850192 2020-11-19] (BattlEye Innovations e.K. -> )
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
    S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\FileSyncHelper.exe [2188664 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [5840360 2019-10-02] (GlassWire -> SecureMix LLC)
    R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-10-26] (Logitech Inc -> Logitech)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-05] (Malwarebytes Inc -> Malwarebytes)
    S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\OneDriveUpdaterService.exe [2553200 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-11-23] (Electronic Arts, Inc. -> Electronic Arts)
    R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-11-23] (Electronic Arts, Inc. -> Electronic Arts)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2020-02-28] (Even Balance, Inc. -> )
    R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1110104 2020-11-20] (Razer USA Ltd. -> Razer Inc.)
    R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [320088 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
    R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
    R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294640 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
    S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1453184 2020-08-19] (Rockstar Games, Inc. -> Rockstar Games)
    R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-22] (Razer USA Ltd. -> Razer Inc.)
    R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2020-10-09] (Razer USA Ltd. -> Razer Inc.)
    S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182120 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
    R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
    R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AppShopDrv103; C:\Windows\SysWOW64\Drivers\AppShopDrv103.sys [34568 2019-12-28] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
    S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2019-08-01] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
    S3 AsrDrv104n; C:\Windows\SysWOW64\Drivers\AsrDrv104n.sys [33000 2019-08-01] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
    S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    S0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16832 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469472 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216984 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326064 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-09-13] (Microsoft Corporation) [File not signed]
    R1 EneIo; C:\Windows\system32\drivers\ene.sys [16320 2018-03-20] (Ptolemy Tech Co., Ltd -> )
    R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
    R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-28] (GlassWire -> SecureMix LLC)
    R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
    S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-12-05] (Malwarebytes Inc -> Malwarebytes)
    S3 MSIO; C:\Program Files (x86)\ASRock Utility\ASRRGBLED\Bin\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
    R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
    R3 RzDev_0064; C:\Windows\System32\drivers\RzDev_0064.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
    R3 RzDev_0306; C:\Windows\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
    S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
    S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
    S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2020-12-03] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-03] (Microsoft Windows -> Microsoft Corporation)
    U4 AppMgmt; no ImagePath
    U3 avgbdisk; no ImagePath
    U4 CscService; no ImagePath
    U4 napagent; no ImagePath
    U4 PeerDistSvc; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) (Whitelisted) =========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-12-12 05:35 - 2020-12-12 05:36 - 000031873 _____ C:\Users\amber\Downloads\FRST.txt
    2020-12-12 05:03 - 2020-12-12 05:36 - 000000000 ____D C:\FRST
    2020-12-12 05:01 - 2020-12-12 05:02 - 002289152 _____ (Farbar) C:\Users\amber\Downloads\FRST64.exe
    2020-12-12 04:58 - 2020-12-12 04:58 - 005712776 _____ (COMODO) C:\Users\amber\Downloads\cav_installer_138430010_1a (1).exe
    2020-12-12 04:49 - 2020-12-12 04:49 - 000003856 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
    2020-12-12 04:49 - 2020-12-12 04:49 - 000003456 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA
    2020-12-12 04:49 - 2020-12-12 04:49 - 000003332 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore
    2020-12-12 04:49 - 2020-12-12 04:49 - 000003272 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
    2020-12-12 04:49 - 2020-12-12 04:49 - 000002588 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
    2020-12-12 04:49 - 2020-12-12 04:49 - 000002553 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
    2020-12-12 04:49 - 2020-12-12 04:49 - 000002553 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
    2020-12-12 04:49 - 2020-12-12 04:49 - 000000000 ____D C:\Users\amber\AppData\Local\AVAST Software
    2020-12-12 04:48 - 2020-12-12 04:48 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
    2020-12-12 04:48 - 2020-12-12 04:48 - 000002120 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2020-12-12 04:48 - 2020-12-12 04:48 - 000002120 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
    2020-12-12 04:47 - 2020-12-12 04:47 - 000851256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000522480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000469472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000340576 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2020-12-12 04:47 - 2020-12-12 04:47 - 000332880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000326064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000247888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000216984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000208672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000176384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000108928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000097360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000084496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000042424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000036792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000016832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
    2020-12-12 04:47 - 2020-12-12 04:47 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
    2020-12-12 04:47 - 2020-12-12 04:47 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
    2020-12-12 04:47 - 2020-12-12 04:47 - 000000000 ____D C:\Program Files\Common Files\Avast Software
    2020-12-12 04:47 - 2020-12-12 04:47 - 000000000 ____D C:\Program Files\Avast Software
    2020-12-12 04:43 - 2020-12-12 04:43 - 000220784 _____ (AVAST Software) C:\Users\amber\Downloads\avast_free_antivirus_setup_online (2).exe
    2020-12-12 04:38 - 2020-12-12 04:38 - 000000052 _____ C:\Users\amber\Desktop\nbhghgmd.txt
    2020-12-12 04:28 - 2020-12-12 04:28 - 000000000 ____D C:\ProgramData\Shared Space
    2020-12-12 04:28 - 2020-12-12 04:28 - 000000000 ____D C:\ProgramData\Comodo
    2020-12-12 04:27 - 2020-12-12 04:27 - 005712776 _____ (COMODO) C:\Users\amber\Downloads\cav_installer_138430010_1a.exe
    2020-12-12 02:41 - 2020-12-12 02:41 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
    2020-12-12 00:58 - 2020-12-12 00:58 - 000780805 _____ C:\Users\amber\Downloads\covid19dataexport (2).xlsx
    2020-12-12 00:52 - 2020-12-12 00:52 - 000780805 _____ C:\Users\amber\Downloads\covid19dataexport (1).xlsx
    2020-12-12 00:50 - 2020-12-12 00:50 - 000780805 _____ C:\Users\amber\Downloads\covid19dataexport.xlsx
    2020-12-12 00:49 - 2020-12-12 00:49 - 000119581 _____ C:\Users\amber\Downloads\covid19dataexport.csv
    2020-12-10 14:22 - 2020-12-10 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2020-12-10 14:22 - 2020-12-10 14:22 - 000000000 ____D C:\Program Files\Logitech
    2020-12-10 00:17 - 2020-12-10 00:17 - 002045952 _____ C:\Windows\system32\rdpnano.dll
    2020-12-10 00:17 - 2020-12-10 00:17 - 000171008 _____ C:\Windows\system32\FsNVSDeviceSource.dll
    2020-12-10 00:17 - 2020-12-10 00:17 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000357 _____ C:\Windows\system32\DrtmAuth14.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000357 _____ C:\Windows\system32\DrtmAuth13.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
    2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
    2020-12-10 00:16 - 2020-12-10 00:16 - 001756600 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2020-12-10 00:16 - 2020-12-10 00:16 - 001366144 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2020-12-10 00:16 - 2020-12-10 00:16 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl
    2020-12-10 00:16 - 2020-12-10 00:16 - 000059392 _____ C:\Windows\system32\runexehelper.exe
    2020-12-10 00:16 - 2020-12-10 00:16 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt
    2020-12-06 04:50 - 2020-12-06 04:51 - 414490204 _____ C:\Users\amber\Downloads\DEFAULT_1Rwbs-13_Burnt_Horizon_light.zip
    2020-12-05 22:21 - 2020-12-05 22:21 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2020-12-05 22:21 - 2020-12-05 22:21 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
    2020-11-27 15:44 - 2020-11-27 15:45 - 000000000 ____D C:\Users\amber\AppData\Local\Citra
    2020-11-27 15:44 - 2020-11-27 15:44 - 000000000 ____D C:\Users\amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra
    2020-11-27 15:43 - 2020-11-27 15:43 - 019701636 _____ C:\Users\amber\Downloads\citra-setup-windows.exe
    2020-11-20 04:58 - 2020-11-20 04:58 - 000206936 _____ (Razer Inc.) C:\Windows\system32\RzChromaSDK64.dll
    2020-11-20 04:58 - 2020-11-20 04:58 - 000181848 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaSDK.dll
    2020-11-16 23:45 - 2020-11-16 23:45 - 000187544 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastAPI64.dll
    2020-11-16 23:45 - 2020-11-16 23:45 - 000164512 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastManager64.dll
    2020-11-16 23:45 - 2020-11-16 23:45 - 000153240 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastAPI.dll
    2020-11-16 23:45 - 2020-11-16 23:45 - 000134304 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastManager.dll
    2020-11-14 05:18 - 2020-10-20 23:31 - 000079376 _____ (Razer Inc) C:\Windows\system32\RazerS3Coinstaller.dll
    2020-11-12 23:04 - 2020-11-12 23:04 - 000000000 ____D C:\Users\amber\AppData\LocalLow\Mediatonic

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-12-12 05:37 - 2019-08-01 16:07 - 000000000 ____D C:\Users\amber\AppData\Roaming\Origin
    2020-12-12 05:35 - 2019-08-01 16:04 - 000000000 ____D C:\Users\amber\AppData\Roaming\Discord
    2020-12-12 05:35 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-12-12 05:33 - 2020-01-04 00:23 - 000000000 ____D C:\Users\amber\AppData\Local\Battle.net
    2020-12-12 04:48 - 2020-04-02 22:04 - 000000000 ____D C:\Users\amber\AppData\Roaming\Avast Software
    2020-12-12 04:48 - 2020-04-02 22:03 - 000000000 ____D C:\ProgramData\Avast Software
    2020-12-12 04:47 - 2019-03-18 21:52 - 000000000 ___HD C:\Windows\ELAMBKUP
    2020-12-12 02:57 - 2019-08-01 15:37 - 000000000 ____D C:\ProgramData\NVIDIA
    2020-12-12 02:50 - 2019-08-01 16:15 - 000000000 ____D C:\Program Files (x86)\Origin Games
    2020-12-12 02:50 - 2019-08-01 16:07 - 000000000 ____D C:\ProgramData\Origin
    2020-12-12 02:49 - 2019-08-01 16:07 - 000000000 ____D C:\Users\amber\AppData\Local\Origin
    2020-12-12 02:47 - 2019-08-01 15:38 - 000840852 _____ C:\Windows\system32\PerfStringBackup.INI
    2020-12-12 02:47 - 2019-03-18 21:50 - 000000000 ____D C:\Windows\INF
    2020-12-12 02:41 - 2020-01-04 00:22 - 000000000 ____D C:\Program Files (x86)\Battle.net
    2020-12-12 02:41 - 2019-08-01 16:05 - 000000000 ____D C:\Program Files (x86)\Steam
    2020-12-12 02:41 - 2019-08-01 15:41 - 000000000 ___RD C:\Users\amber\OneDrive
    2020-12-12 02:41 - 2019-08-01 13:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2020-12-12 02:41 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-12-12 02:41 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\AppReadiness
    2020-12-12 02:40 - 2019-03-18 21:37 - 000786432 _____ C:\Windows\system32\config\BBI
    2020-12-12 02:37 - 2019-08-01 13:32 - 000000000 ____D C:\Windows\system32\SleepStudy
    2020-12-12 01:03 - 2019-08-01 15:39 - 000000000 ____D C:\Users\amber\AppData\Local\Packages
    2020-12-11 21:16 - 2020-06-21 21:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2020-12-10 14:25 - 2019-08-01 15:39 - 000000000 __RHD C:\Users\Public\AccountPictures
    2020-12-10 14:25 - 2019-08-01 15:39 - 000000000 ___RD C:\Users\amber\3D Objects
    2020-12-10 14:25 - 2019-08-01 13:32 - 000439904 _____ C:\Windows\system32\FNTCACHE.DAT
    2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
    2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
    2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\SystemResources
    2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\system32\oobe
    2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\system32\Dism
    2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\ShellExperiences
    2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\bcastdvr
    2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Windows Defender
    2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
    2020-12-10 00:21 - 2019-03-18 21:37 - 000000000 ____D C:\Windows\CbsTemp
    2020-12-08 02:02 - 2020-01-23 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
    2020-12-08 02:02 - 2019-08-01 16:14 - 000000000 ____D C:\Users\amber\AppData\Local\D3DSCache
    2020-12-08 02:01 - 2019-08-01 19:47 - 000000000 ____D C:\Users\amber\AppData\Local\Ubisoft Game Launcher
    2020-12-07 12:18 - 2019-08-01 16:04 - 000000000 ____D C:\Users\amber\AppData\Local\Discord
    2020-12-06 02:46 - 2019-11-06 19:03 - 000000000 ____D C:\Program Files\Microsoft Office
    2020-12-05 22:22 - 2020-07-26 10:38 - 000001995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
    2020-12-05 22:21 - 2019-11-13 22:04 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
    2020-12-03 21:57 - 2019-08-01 13:32 - 000000000 ____D C:\Windows\system32\Drivers\wd
    2020-12-03 11:32 - 2019-08-01 15:41 - 000003418 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
    2020-12-03 11:32 - 2019-08-01 15:41 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
    2020-12-02 22:07 - 2019-08-01 15:40 - 000000000 ____D C:\Users\amber\AppData\Local\PlaceholderTileLogoFolder
    2020-12-02 21:47 - 2020-01-23 15:59 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
    2020-12-02 21:47 - 2019-08-01 16:14 - 000000000 ____D C:\Program Files (x86)\Origin
    2020-12-02 15:32 - 2019-08-01 15:42 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-11-27 18:40 - 2020-06-21 21:57 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2020-11-27 18:40 - 2020-06-21 21:57 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
    2020-11-24 00:51 - 2020-04-27 12:24 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
    2020-11-20 23:01 - 2020-10-01 00:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
    2020-11-20 23:01 - 2020-05-18 13:49 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
    2020-11-20 23:01 - 2019-12-14 01:35 - 000170424 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
    2020-11-20 23:01 - 2019-10-09 00:08 - 000033728 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
    2020-11-20 23:01 - 2019-09-22 20:27 - 001562560 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
    2020-11-20 23:01 - 2019-09-22 20:27 - 000158136 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
    2020-11-20 23:01 - 2019-09-22 20:27 - 000154032 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
    2020-11-14 00:18 - 2019-08-01 15:37 - 000000000 ____D C:\Users\amber
    2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\TextInput
    2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\SysWOW64\setup
    2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\system32\setup
    2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\system32\migwiz
    2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\PolicyDefinitions
    2020-11-12 23:04 - 2019-11-11 22:22 - 000000000 ____D C:\Users\amber\AppData\Roaming\EasyAntiCheat
    2020-11-12 11:00 - 2020-10-01 00:55 - 000907064 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
    2020-11-12 10:59 - 2020-10-01 00:55 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

  2. #2
    Join Date
    Dec 2020
    Posts
    7
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-12-2020
    Ran by amber (12-12-2020 05:37:04)
    Running from C:\Users\amber\Downloads
    Windows 10 Home Version 1909 18363.1256 (X64) (2019-08-01 20:33:57)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2076011033-3280622806-4239828195-500 - Administrator - Disabled)
    amber (S-1-5-21-2076011033-3280622806-4239828195-1001 - Administrator - Enabled) => C:\Users\amber
    death (S-1-5-21-2076011033-3280622806-4239828195-1011 - Limited - Disabled)
    DefaultAccount (S-1-5-21-2076011033-3280622806-4239828195-503 - Limited - Disabled)
    Guest (S-1-5-21-2076011033-3280622806-4239828195-501 - Limited - Disabled)
    srdoy (S-1-5-21-2076011033-3280622806-4239828195-1010 - Limited - Disabled)
    WDAGUtilityAccount (S-1-5-21-2076011033-3280622806-4239828195-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
    Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.5.2 - Electronic Arts, Inc.)
    APP Shop v1.0.41 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.41 - ASRock Inc.)
    ASRRGBLED v1.0.57 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 1.0.57 - ASRock Inc.)
    ASUS DRAM_LIB (HKLM\...\{2F0D3D1A-1B75-4DFC-8C0E-C55C4EAB67F8}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden
    ASUS DRAM_LIB (HKLM-x32\...\{6bd55e2a-f475-4183-b862-1dd70c1ce699}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden
    ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
    ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
    Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 86.1.6938.199 - AVAST Software)
    Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
    Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
    Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
    Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.64.43202 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
    Battlestate Games Launcher 10.3.0.1162 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 10.3.0.1162 - Battlestate Games)
    BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
    Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
    Chaotica 1.5.8 (64 bit) (HKLM\...\{60A90BC5-90C8-4765-8753-C867152A5FD5}) (Version: 1.5.8 - Glare Technologies Limited)
    Citra (HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\{04bccc7f-89b1-4899-8ced-6921868fbcc9}) (Version: 1.0.0 - Citra Team)
    Discord (HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
    ENE IO Driver (HKLM-x32\...\{D0512FF6-6194-4D2E-967E-25B82A3322FF}) (Version: 1.0.0 - ENE TECHNOLOGY INC.) Hidden
    ENE RGB HAL (HKLM\...\{2914DF72-932B-4DF2-9696-C2821EDA1CA9}) (Version: 1.00.09 - Ene Tech.) Hidden
    ENE RGB HAL (HKLM-x32\...\{546469ee-3f9d-4fe4-bf1c-893f79cf7327}) (Version: 1.00.09 - Ene Tech.) Hidden
    ENE_EHD_HAL (HKLM\...\{F56EC5A0-3A93-492E-882A-E036F5897CC7}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
    ENE_EHD_HAL (HKLM-x32\...\{cc33eebd-777b-4177-8cd7-6ab9fd06ceed}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
    Epic Games Launcher (HKLM-x32\...\{5B340CD5-07E3-41AA-9117-0A0EC863E454}) (Version: 1.1.220.0 - Epic Games, Inc.)
    Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.7.8922 - Battlestate Games)
    ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
    GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
    GlassWire 2.1 (remove only) (HKLM-x32\...\GlassWire 2.1) (Version: 2.1.167 - SecureMix LLC)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
    Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    Logitech Capture (HKLM\...\Capture) (Version: 2.04.13 - Logitech)
    Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
    Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation)
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
    Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
    Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
    Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
    Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
    NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
    NVIDIA Graphics Driver 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.59 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
    OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
    Origin (HKLM-x32\...\Origin) (Version: 10.5.89.45622 - Electronic Arts, Inc.)
    Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
    PlanetSide 2 (HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
    Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.11.9.1287 - Razer Inc.)
    Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1130.111812 - Razer Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8403 - Realtek Semiconductor Corp.)
    Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0031 - REALTEK Semiconductor Corp.)
    Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.27.272 - Rockstar Games)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.6.5 - Rockstar Games)
    Samsung DeX (HKLM-x32\...\{0924F03B-F48D-445B-9302-43E86707EC8B}) (Version: 1.0.1.40 - Samsung Electronics Co., Ltd.) Hidden
    Samsung DeX (HKLM-x32\...\{e539e534-854a-46d2-b8f8-f6a3405f782a}) (Version: 1.0.1.40 - Samsung Electronics Co., Ltd.)
    Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 32.1 - Ubisoft)
    Zoom (HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

    Packages:
    =========
    1938 MG TA Midget -> C:\Program Files\WindowsApps\Microsoft.MGTA38_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    1966 Volkswagen Double Cab Pick-Up -> C:\Program Files\WindowsApps\Microsoft.VWDoubleCab61_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    1970 Triumph TR6 PI -> C:\Program Files\WindowsApps\Microsoft.TRITR670_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    1972 Lamborghini Jarama S -> C:\Program Files\WindowsApps\Microsoft.LAMJarama76_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    2017 Ferrari GTC4Lusso -> C:\Program Files\WindowsApps\Microsoft.ERGTC4Lusso_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    2018 Chevrolet Camaro ZL1 1LE -> C:\Program Files\WindowsApps\Microsoft.CHECamaro1LE18_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    2018 Morgan Aero GT -> C:\Program Files\WindowsApps\Microsoft.MORAeroGT19_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    2019 Chevrolet Corvette ZR1 -> C:\Program Files\WindowsApps\Microsoft.CHECorvetteZR_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Audiobooks from Audible -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.66.0_x64__xns73kv1ymhp2 [2020-11-26] (Audible Inc)
    Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.0.83.0_x86__kgqvnymyfvs32 [2020-12-01] (king.com)
    Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.48.2.0_x86__kgqvnymyfvs32 [2020-11-26] (king.com)
    Forza Horizon 4 1965 Peel Trident -> C:\Program Files\WindowsApps\Microsoft.PEETrident_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 2005 Honda NSX-R GT -> C:\Program Files\WindowsApps\Microsoft.HONNSXRGT_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.457.371.2_x64__8wekyb3d8bbwe [2020-12-09] (Microsoft Studios)
    Forza Horizon 4 1929 Mercedes-Benz SSK -> C:\Program Files\WindowsApps\Microsoft.MercedesBenzSSK_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 1953 Jaguar C-Type -> C:\Program Files\WindowsApps\Microsoft.JAGCType_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 1959 Cadillac Eldorado Biarritz Convertible -> C:\Program Files\WindowsApps\Microsoft.CADElDorado_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 1959 Porsche 356A Coupe -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon41959Porsche356ACoupe_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 1962 Triumph TR3B -> C:\Program Files\WindowsApps\Microsoft.TriumphTR3B_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 1963 Opel Kadett A -> C:\Program Files\WindowsApps\Microsoft.OpelKadettA_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 1965 Ford Transit -> C:\Program Files\WindowsApps\Microsoft.FORTransit_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 1966 Hillman Imp -> C:\Program Files\WindowsApps\Microsoft.SUNImp_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 1968 Ford Mustang GT 2+2 Fastback -> C:\Program Files\WindowsApps\Microsoft.FORMustangGT390_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 1974 Honda Civic RS -> C:\Program Files\WindowsApps\Microsoft.HONCivicRS_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 1977 Hoonigan Ford Gymkhana 10 F-150 -> C:\Program Files\WindowsApps\Microsoft.FordGymkhana_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 1985 Porsche #186 959 Paris-Dakar -> C:\Program Files\WindowsApps\Microsoft.Porsche186ParisDakar_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 1993 Hoonigan Ford Escort Cosworth Group A -> C:\Program Files\WindowsApps\Microsoft.HooniganFordEscort_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 1993 Porsche 968 Turbo S -> C:\Program Files\WindowsApps\Microsoft.POR968TurboS_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 2002 Mazda RX-7 Spirit R Type-A -> C:\Program Files\WindowsApps\Microsoft.MazdaRX7SpiritR_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 2003 Honda S2000 -> C:\Program Files\WindowsApps\Microsoft.HondaS2000_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2004 Vauxhall VX220 -> C:\Program Files\WindowsApps\Microsoft.VauxhallVX220_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 2005 Ferrari FXX -> C:\Program Files\WindowsApps\Microsoft.FerrariFXX_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2010 Vauxhall Insignia VXR -> C:\Program Files\WindowsApps\Microsoft.VauxhallInsigniaVXR_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 2012 Lamborghini Gallardo LP570-4 Spyder Performante -> C:\Program Files\WindowsApps\Microsoft.LamborghiniGallardoLP5704_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2014 McLaren 650S Spider -> C:\Program Files\WindowsApps\Microsoft.MCL650SSpider_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2016 Honda Civic Coupe GRC -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42016HondaCivicCoupeGRC_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2017 Koenigsegg Agera RS -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42017KoenigseggAgeraRS_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2018 Alfa Romeo Stelvio Quadrifoglio -> C:\Program Files\WindowsApps\Microsoft.AlfaStevio_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2018 Aston Martin Vantage -> C:\Program Files\WindowsApps\Microsoft.ASTVantage18_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2018 Can-Am Maverick X3 X RS Turbo R -> C:\Program Files\WindowsApps\Microsoft.CanAmMaverick_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2018 Chevrolet Silverado 1500 DeBerti Design Drift Truck -> C:\Program Files\WindowsApps\Microsoft.CHEDebertiDriftTruck_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2018 Ford Deberti Design Mustang Fastback -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon2018FordDebertiDesignMustang_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2018 Nissan SentraNismo -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42018NissanSentraNismo_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 2018 TVR Griffith -> C:\Program Files\WindowsApps\Microsoft.TVRGriffith18_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 2019 BMW i8 Roadster -> C:\Program Files\WindowsApps\Microsoft.BMWi8Roadster_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-03] (Microsoft Studios)
    Forza Horizon 4 2019 Porsche 911 Carrera S -> C:\Program Files\WindowsApps\Microsoft.POR992_1.0.0.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 Barrett Jackson Car Pack -> C:\Program Files\WindowsApps\Microsoft.BJCarPack_1.0.1.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 Best of Bond Car Pack -> C:\Program Files\WindowsApps\Microsoft.Day1CarPackBits_1.0.5.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2019-12-08] (Microsoft Studios)
    Forza Horizon 4 Fortune Island -> C:\Program Files\WindowsApps\Microsoft.Expansion1_1.225.171.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 LEGO Speed Champions -> C:\Program Files\WindowsApps\Microsoft.Expansion2_1.312.645.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 VIP -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon4VIP_1.0.3.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    Forza Horizon 4 Welcome Pack -> C:\Program Files\WindowsApps\Microsoft.FH4WelcomePack_1.425.824.2_neutral__8wekyb3d8bbwe [2020-10-04] (Microsoft Studios)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-03] (HP Inc.)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Studios) [MS Ad]
    Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.200.0_x64__jb41c8remg0x2 [2020-05-29] (Polarr)
    Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-13] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-13] (Malwarebytes Corporation -> Malwarebytes)

    ==================== Codecs (Whitelisted) ====================

  3. #3
    Join Date
    Dec 2020
    Posts
    7
    ==================== Shortcuts & WMI ========================

    ==================== Loaded Modules (Whitelisted) =============

    2020-12-10 16:26 - 2020-12-10 16:26 - 104873984 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\libcef.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000112128 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\libEGL.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 006227456 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\libGLESv2.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
    2020-12-02 21:47 - 2020-09-22 12:34 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 001289216 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000230529 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libpng14-14.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
    2020-11-26 18:33 - 2020-11-26 18:33 - 040403968 ____X () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.66.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.dll
    2020-11-14 00:29 - 2020-11-14 00:29 - 000052224 ____X () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.66.0_x64__xns73kv1ymhp2\AudibleSystemFileWrapperRT.dll
    2020-01-20 02:32 - 2020-01-20 02:32 - 001123840 ____X () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.66.0_x64__xns73kv1ymhp2\e_sqlite3.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 012968974 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 002427918 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avfilter-7.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 002538510 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000557582 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000126478 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000557582 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000055808 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 001420800 _____ (Pizzolato Davide - www.xdp.it) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cximageu.dll
    2020-03-04 15:35 - 2020-03-04 15:35 - 004451328 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
    2020-03-04 15:35 - 2020-03-04 15:35 - 002630144 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
    2020-03-04 15:34 - 2020-03-04 15:34 - 006057472 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000810496 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\chrome_elf.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\audio\qtaudio_windows.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qgif.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qico.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qjpeg.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qmng.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qsvg.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qtiff.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\platforms\qwindows.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQml\Models.2\modelsplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick.2\qtquick2plugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Window.2\windowplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Core.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Gui.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Multimedia.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Network.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Qml.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Quick.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5QuickControls2.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5QuickTemplates2.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Svg.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Widgets.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5WinExtras.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Xml.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000019008 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000017472 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\amber\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
    AlternateDataStreams: C:\Users\amber\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer (Whitelisted) ==========

    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2019-03-18 21:49 - 2019-03-18 21:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
    HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\Control Panel\Desktop\\Wallpaper -> c:\users\amber\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\wallpaper (1).jpg
    DNS Servers: 64.59.135.149 - 64.59.128.111
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

  4. #4
    Join Date
    Dec 2020
    Posts
    7
    ==================== Shortcuts & WMI ========================

    ==================== Loaded Modules (Whitelisted) =============

    2020-12-10 16:26 - 2020-12-10 16:26 - 104873984 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\libcef.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000112128 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\libEGL.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 006227456 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\libGLESv2.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
    2020-12-02 21:47 - 2020-09-22 12:34 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 001289216 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000230529 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libpng14-14.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
    2020-11-26 18:33 - 2020-11-26 18:33 - 040403968 ____X () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.66.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.dll
    2020-11-14 00:29 - 2020-11-14 00:29 - 000052224 ____X () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.66.0_x64__xns73kv1ymhp2\AudibleSystemFileWrapperRT.dll
    2020-01-20 02:32 - 2020-01-20 02:32 - 001123840 ____X () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.66.0_x64__xns73kv1ymhp2\e_sqlite3.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
    2020-10-28 19:26 - 2020-10-28 19:26 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 012968974 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 002427918 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avfilter-7.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 002538510 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000557582 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000126478 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000557582 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000055808 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 001420800 _____ (Pizzolato Davide - www.xdp.it) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cximageu.dll
    2020-03-04 15:35 - 2020-03-04 15:35 - 004451328 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
    2020-03-04 15:35 - 2020-03-04 15:35 - 002630144 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
    2020-03-04 15:34 - 2020-03-04 15:34 - 006057472 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000810496 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\chrome_elf.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
    2020-12-02 21:47 - 2020-09-22 12:34 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\audio\qtaudio_windows.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qgif.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qico.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qjpeg.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qmng.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qsvg.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\imageformats\qtiff.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\platforms\qwindows.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQml\Models.2\modelsplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick.2\qtquick2plugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\qml\QtQuick\Window.2\windowplugin.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Core.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Gui.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Multimedia.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Network.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Qml.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Quick.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5QuickControls2.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5QuickTemplates2.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Svg.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Widgets.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5WinExtras.dll
    2020-12-10 16:26 - 2020-12-10 16:26 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12558\Qt5Xml.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000019008 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll
    2019-12-26 07:39 - 2019-12-26 07:39 - 000017472 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\amber\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
    AlternateDataStreams: C:\Users\amber\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer (Whitelisted) ==========

    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2019-03-18 21:49 - 2019-03-18 21:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

  5. #5
    Join Date
    Dec 2020
    Posts
    7
    ==================== MSCONFIG/TASK MANAGER disabled items ==

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{9D8E8997-498B-4F8B-9677-4B1AD339BB7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{85DE23E5-C9A8-4C2E-BD37-B7A5C6668CFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{49CFD6A8-DDD9-4C2F-88FF-8EFD6BCF7339}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
    FirewallRules: [{9E7247CB-51E1-4964-8773-0DC7EA523B8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
    FirewallRules: [{7DF8BBF0-65E5-4B4F-96BB-3573F16F55E2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
    FirewallRules: [{15069E10-658D-46D3-9953-6F4E4A646E59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
    FirewallRules: [{EA85F7B2-D97F-4037-939C-5CC3361204F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{981128D0-9D1B-49E0-9890-B42BF5E6CB0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{E13749B0-DC16-4071-B7F5-925612155352}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
    FirewallRules: [{9CD31710-5943-4ED1-85C9-1540D248161D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
    FirewallRules: [{CFEB0768-DC15-4043-9734-99E31142DBB1}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{9DF63116-A16A-429E-B44A-658088477C00}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{D9B69B4A-C16C-4D7A-AAD8-38B4B46B03AB}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{29B0F682-18EB-4CFA-974B-45FC4F177AD9}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{38F4FA5C-AD82-4699-91DF-BFA028BCFAEE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
    FirewallRules: [{446E235D-02D0-4389-86C7-A84C79316F99}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
    FirewallRules: [{DA95010D-C7F4-4358-B8EB-4D105BAEDF07}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [{5A649CE6-1BA4-484F-AC70-39E27D30B6FF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [{5C08A5C8-0A51-4988-A171-793913E86B8F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [{1C158573-DBB6-4F1E-A7B4-4BC9061B00ED}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [{7426429E-B2EA-4517-83CC-AF847FBFE655}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
    FirewallRules: [{085E81A3-EBC4-4ECE-AA3F-D65E6BBE78BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
    FirewallRules: [{9D87675E-25C1-4C15-9311-D82A94860ED9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
    FirewallRules: [{2CD4FAAA-F3DC-40DE-BE83-B11E87ACBC25}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
    FirewallRules: [TCP Query User{76133F5B-B98A-4678-8E2F-42D5ABA63025}D:\program files (x86)\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe (Daybreak Game Company LLC -> Daybreak Game Company, LLC)
    FirewallRules: [UDP Query User{65C49733-F9FA-48D5-9E3A-276B9BB31CC4}D:\program files (x86)\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe (Daybreak Game Company LLC -> Daybreak Game Company, LLC)
    FirewallRules: [{74E63B68-7672-471D-8487-B9EF3DB94F7F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
    FirewallRules: [{6CD86F8A-AFB5-4BEF-B986-AF149994C797}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
    FirewallRules: [{AC30F9B7-49B7-432B-88A3-C1057B028682}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
    FirewallRules: [{C1DA12AB-7C58-46C1-B3CB-830B8A8F32E8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
    FirewallRules: [{15A668FB-0B1C-4FCC-8B6D-FD6457ACBFCC}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Feesh\Feesh64.exe () [File not signed]
    FirewallRules: [{67F102A2-CA4A-4772-95B4-D433B66C1D33}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Feesh\Feesh64.exe () [File not signed]
    FirewallRules: [{8C6E7A58-CBBE-4A36-9B54-A1B95967696A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Microcosmum Survival of cells\Microcosmum.exe () [File not signed]
    FirewallRules: [{E45BE5EF-1362-4173-B1C6-9C4D2ED10033}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Microcosmum Survival of cells\Microcosmum.exe () [File not signed]
    FirewallRules: [{BFB28961-466E-4B3B-A28A-5D1AA8216E95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{AEA94158-A1C5-4CEE-AF2C-2247215165DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{2454EEFF-2986-4716-943B-42A39F2EDD09}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
    FirewallRules: [{C53AEC43-FD11-47E3-8E69-4B4150260B18}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
    FirewallRules: [{3897B836-FF58-4698-9D80-3C5F127330B5}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Circuits\Circuits.exe () [File not signed]
    FirewallRules: [{66C4955F-F0ED-4ABE-8B25-3D43308D781F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Circuits\Circuits.exe () [File not signed]
    FirewallRules: [{D2FAB7EB-35A4-4226-9E7A-6FB817CD9CDE}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Circuits\Composer\Composer.exe () [File not signed]
    FirewallRules: [{2B4C77BC-9481-4B42-B964-2CB5935C1252}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Circuits\Composer\Composer.exe () [File not signed]
    FirewallRules: [{B34739A4-91B6-4D10-8745-7C6166447B22}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Plantera\Plantera.exe () [File not signed]
    FirewallRules: [{B0F15A52-A45F-4E2B-97DA-C7BF4577E511}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Plantera\Plantera.exe () [File not signed]
    FirewallRules: [{359E1702-F5DE-48F4-ADD4-2BD7A00B6FE7}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\FortressCraft\64\FC_64.exe () [File not signed]
    FirewallRules: [{BA39123D-78A2-4CBC-8F15-EB751B3995D8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\FortressCraft\64\FC_64.exe () [File not signed]
    FirewallRules: [{318077FE-1BF3-427F-B3B0-4DA603E9468D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
    FirewallRules: [{95AC1D2C-DE50-44BF-83C2-89037C5BFE0A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
    FirewallRules: [{AF6A3A91-3C2C-4D8D-96AB-01A5355A692B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{F5B3E639-D634-4D8F-B731-4A8CFDEB6FB7}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{3928E540-A97E-434D-B44B-AAC78C433AC8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{20EED496-88DD-4C89-AC73-C4F6ABCBB925}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{A25E4188-E3B5-473D-9AD5-532F830F95F8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
    FirewallRules: [{32C9C97C-768C-416C-AD06-2C3BC7A1BF16}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
    FirewallRules: [TCP Query User{3B084697-F6E0-40EF-8C10-563357169FA5}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [UDP Query User{7E269AD0-FA39-41D3-B67B-390DF9FB2828}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [TCP Query User{803C2B29-30CB-4CAC-A6B7-071821BE670A}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
    FirewallRules: [UDP Query User{3B22B26C-F3C0-450F-8553-0951A63E072D}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
    FirewallRules: [{657B0B3C-B0A5-41AC-B909-FF81CA7448B8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
    FirewallRules: [{35D30C11-3464-424D-BEBD-33E7901150CA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
    FirewallRules: [{4B47D21A-D194-4349-8F1F-7562D880C1B0}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
    FirewallRules: [{CFAC8926-7DA3-4D38-8B29-497199B61DB2}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
    FirewallRules: [TCP Query User{24E9BDB9-A877-4016-AF2E-F68AC0CFC09E}D:\program files (x86)\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
    FirewallRules: [UDP Query User{F2A0DE12-A1D8-4383-843B-63A07B3BF0E6}D:\program files (x86)\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
    FirewallRules: [TCP Query User{59539248-AEEF-45F6-943B-9262C4309E02}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [UDP Query User{3D89B029-E28B-49CB-99BA-B8661AC4A22C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{96072E22-FAE3-4918-BED8-7502E668C0E6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Might and Magic Clash of Heroes\ClashOfHeroes.exe () [File not signed]
    FirewallRules: [{BDFF2C0C-453F-4926-8D83-AF55BE3646D6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Might and Magic Clash of Heroes\ClashOfHeroes.exe () [File not signed]
    FirewallRules: [{C6BACD77-66E4-480B-BE6F-E5E0539A162F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
    FirewallRules: [{7F192265-5DA1-47B8-BE03-DB190578712B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
    FirewallRules: [{DE52C5DC-3412-4913-8D93-1381FD05861A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
    FirewallRules: [{C989991B-AF27-4C46-AD97-911A17EF384C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
    FirewallRules: [{930E0A32-58CA-43A6-8F84-C6CD67711990}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Absolute Drift\AbsoluteDrift.exe () [File not signed]
    FirewallRules: [{5DE602D6-8F60-4DC9-ADB6-04CA8795F78E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Absolute Drift\AbsoluteDrift.exe () [File not signed]
    FirewallRules: [{20FA1E49-4FC1-449D-8279-1C8B65E7F58F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
    FirewallRules: [{BC5A8C75-302A-4AFB-AD72-12BB2C2826C6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
    FirewallRules: [{B17C0C58-EA24-4F9B-B50F-D62D55CF0F8A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
    FirewallRules: [{07C8B9AB-E652-4B6A-985C-5CBB002BF1E1}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
    FirewallRules: [{2829BE26-33FE-4C98-81B6-E21DAF8F6202}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PLAYNE\PLAYNE.exe (Epic Games, Inc.) [File not signed]
    FirewallRules: [{552E527B-CDC3-4904-A1A0-26A973C6005B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PLAYNE\PLAYNE.exe (Epic Games, Inc.) [File not signed]
    FirewallRules: [TCP Query User{7F5F98A9-FD71-444F-B34F-7E40621CF521}D:\program files (x86)\steamlibrary\steamapps\common\playne\playne\binaries\win32\playne-win32-shipping.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\playne\playne\binaries\win32\playne-win32-shipping.exe => No File
    FirewallRules: [UDP Query User{772BA699-7FD1-4885-96FB-900575ABFF38}D:\program files (x86)\steamlibrary\steamapps\common\playne\playne\binaries\win32\playne-win32-shipping.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\playne\playne\binaries\win32\playne-win32-shipping.exe => No File
    FirewallRules: [{6A369398-715C-485D-B821-1CBE928B33C2}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
    FirewallRules: [{F73B2733-9C01-44A5-AEA1-16002E9C0A63}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
    FirewallRules: [TCP Query User{88DF2492-6F37-4A3F-9934-289AAE86906C}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
    FirewallRules: [UDP Query User{290546A3-C887-47A8-81DA-BC230B7C51B2}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
    FirewallRules: [{C8AE1D58-F55B-42AE-BDB1-A020B03B2DBD}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Cell to Singularity\CellToSingularity.exe () [File not signed]
    FirewallRules: [{9399603D-782F-4BD9-8DA3-4A4C895FC049}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Cell to Singularity\CellToSingularity.exe () [File not signed]
    FirewallRules: [{8EEF5B0F-F9F9-442A-9AD3-5D0CF42D648E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
    FirewallRules: [{BFFE9DAD-D2FE-4806-8234-62EF19945932}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
    FirewallRules: [{CC56B5DC-99A2-44C3-875A-186C7A2FD0D4}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
    FirewallRules: [{6E98A245-AC98-4F8E-AAA0-4DA60244763A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
    FirewallRules: [TCP Query User{00195FD6-DA66-4539-A943-C7AACE20E1D6}D:\program files (x86)\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
    FirewallRules: [UDP Query User{67DA109E-D044-4C94-A91B-ADCE92B1F562}D:\program files (x86)\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
    FirewallRules: [{95A1BD66-F97E-4838-9367-BC31240EE0B6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
    FirewallRules: [{E48A89C1-AF1D-41E0-9B2B-E0B4383F043F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
    FirewallRules: [TCP Query User{2DAE8B8E-91C4-4058-8B96-3314A9F0FD53}D:\program files (x86)\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
    FirewallRules: [UDP Query User{0DD66FAE-B6AA-4F77-9CDA-353999E79799}D:\program files (x86)\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
    FirewallRules: [{7A721C2B-27F5-4F24-9BB7-98FD820A673A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
    FirewallRules: [{FE8CB4A2-CF1F-4E8A-B418-E38C0FC1FEED}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
    FirewallRules: [TCP Query User{855A6160-23F7-462B-9657-71CBF67B33AB}D:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
    FirewallRules: [UDP Query User{615FFE8B-FC55-4A86-BED8-329404997FE8}D:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
    FirewallRules: [TCP Query User{8D5735A5-5EEA-41F7-A89D-288D59B67D11}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
    FirewallRules: [UDP Query User{6E591630-49B6-4B99-8B5E-E725F9B4B56D}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
    FirewallRules: [{58D9DA17-9496-4AAB-89CD-E7F630857DF6}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
    FirewallRules: [{12EED022-3611-4537-A4F3-2DB0E95BDC26}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
    FirewallRules: [{7E182D3A-E724-4621-9B33-D7141A1314B1}] => (Allow) C:\Users\amber\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{C9B6941C-076B-4400-AA9A-6DCFF3CF8857}] => (Allow) C:\Users\amber\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [TCP Query User{936258AC-91C7-4EC1-B460-EB8923FCF626}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    FirewallRules: [UDP Query User{993EAAF3-4BD4-4DC6-B908-E8BB8C171A9E}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    FirewallRules: [TCP Query User{06DEAEE0-1916-45CB-8639-FC314346C5A8}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    FirewallRules: [UDP Query User{43DB4C40-2678-4649-A752-44BBE02B81A9}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    FirewallRules: [{B1E63461-4358-49A2-AFEA-B27C43EB4090}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{84D661AD-3A82-48AF-B0B9-CCF009AFEBBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{873BC43F-EF63-4B8E-A753-D4054FDA909B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{0F01D4E4-71DF-4932-A764-E594B88B2ACE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{EA8CFC7B-97C6-4004-AD23-576C16DBD045}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\RISK Global Domination\RISK.exe () [File not signed]
    FirewallRules: [{7B200500-2C71-4EF2-A8E6-E79C9B5E2F9B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\RISK Global Domination\RISK.exe () [File not signed]
    FirewallRules: [{9305E605-5878-462E-BE90-E2CD61BD2EC1}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
    FirewallRules: [{F2148FFF-9AED-4085-82D8-4A9BEE65CC02}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
    FirewallRules: [{09BE2B58-7D08-45C7-A829-1451D4ADF237}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Talisman\Talisman.exe () [File not signed]
    FirewallRules: [{025E7DD2-F542-4723-808E-666A6AFF1444}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Talisman\Talisman.exe () [File not signed]
    FirewallRules: [{84C821C8-5812-4F02-8135-B20498D35CF8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mysterium\Mysterium.exe () [File not signed]
    FirewallRules: [{05B15871-309E-4774-A41F-A716D613D7FB}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mysterium\Mysterium.exe () [File not signed]
    FirewallRules: [{C70E7CF0-991A-4A50-8AC7-1C379058F41D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Waterdeep\Waterdeep.exe () [File not signed]
    FirewallRules: [{87C98776-9C47-43D5-9B08-1865849D5967}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Waterdeep\Waterdeep.exe () [File not signed]
    FirewallRules: [{A1D280DF-0889-4D7F-846F-910E96C20FCE}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
    FirewallRules: [{51938AEC-E457-4755-8BB4-C7FB3C4D7FAD}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
    FirewallRules: [{60DF5A39-CBD3-4626-8534-3AC1335ADEAD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
    FirewallRules: [{790D6396-A9CD-48BD-9522-AF048869B266}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
    FirewallRules: [{FC3B17AC-5C6F-4830-90AD-1C8C50AD77C8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
    FirewallRules: [{8CE19643-4835-47B4-ADAE-AEF24449A731}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
    FirewallRules: [{48EC6144-5323-4DAD-99EE-3AF059F3C925}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Idle Expanse\Lyric\Binaries\Win64\IdleExpanse-Win64.exe (Lyrical Games LLC) [File not signed]
    FirewallRules: [{D9CDBA69-CF1D-4010-8960-F317754EBE9F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Idle Expanse\Lyric\Binaries\Win64\IdleExpanse-Win64.exe (Lyrical Games LLC) [File not signed]
    FirewallRules: [{4191B2B6-EC7B-44A6-8A47-3EF34DD49C6D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Crafting Idle Clicker\Crafting Idle Clicker.exe () [File not signed]
    FirewallRules: [{3E4A8665-E991-4FBA-AF09-EF22BCD60571}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Crafting Idle Clicker\Crafting Idle Clicker.exe () [File not signed]
    FirewallRules: [{649654C6-6E69-42CF-A759-6304635426E6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\NGU IDLE\NGUIdle.exe () [File not signed]
    FirewallRules: [{0A1BC897-6097-457F-9FA6-405C0950C605}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\NGU IDLE\NGUIdle.exe () [File not signed]
    FirewallRules: [{7DDB5D71-07AD-49B8-A29A-8DA692D3D2A3}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
    FirewallRules: [{EA69D41E-21A6-479E-8BC5-226FCB1998E4}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
    FirewallRules: [{C25FBFFF-5501-44D1-AE21-5186172E8B7B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
    FirewallRules: [{DCCF9FC8-A49C-4E02-A639-408FCEE0A8BF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
    FirewallRules: [{72C0A75E-7AF0-4C8E-BF9E-1D8A4E0A3759}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
    FirewallRules: [{31770516-6174-4E63-93ED-FA1165975CF1}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
    FirewallRules: [{7DFF55BE-CE43-4A2C-A105-76EE446DD95C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
    FirewallRules: [{899D65EE-4C33-40A2-BB0F-15A232AB5EEA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
    FirewallRules: [{2BAF2B2F-7BAB-46CC-B6EE-7D8421CA9E2D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
    FirewallRules: [{8B6231E4-EACA-4AF0-BB73-75040EC28C61}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
    FirewallRules: [{C635ABAA-686A-4D74-975B-AFFAD45962CE}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
    FirewallRules: [{84E56789-9056-4D0E-B8D5-D97F6D922E47}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
    FirewallRules: [{DA9EBDD8-0097-4EA6-A3D8-BB55B3DB746C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{CE1F6AC1-1FA8-42FC-91C9-8A6FEAC86A18}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{D89B5C55-7FCC-437C-8454-91F06730DACC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{2BCFD371-565E-4120-8A38-284521E1756C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{B7659ED2-2DFF-46E1-A1CC-EA3E375D7303}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{1AE0F567-B871-4765-8E1D-700C57B40EE1}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{4AE6F9C2-743A-4A92-A156-27F7AEA5C50E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{B3825C18-E754-4EFA-A82B-79D7C79F2C8A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{DCC71672-D204-407D-8B5B-A54E5E453E4D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{03E58B03-087D-4E2A-AF85-1A4E0A562AAE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{A24754D3-62D1-4EFF-9560-8957A18ADC2A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{9ED5EBFA-9E6B-4B5D-BF58-86683685AA42}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{B2B89E55-3F6E-47C2-9A82-A7EAB6EC6886}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{F2C4457A-565D-4D9C-8A48-0FB10CD282F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{C325809E-8F08-4417-9737-1A0CB32CABB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{52D377EF-A999-4C24-AAF7-3308678718E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{AA46130C-0D35-44C6-BA0C-14F8B36D28AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{3D0CF7D3-7E89-4475-88D7-BD55D41CD21F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{B2A4DFE5-1655-4A27-849D-4BDE60D6B8E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{09358231-36DF-49BB-972D-90A7777FB7DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{D1548037-E4D1-4A7B-ACB8-A20CF3FDD180}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

    ==================== Restore Points =========================

    10-12-2020 00:07:07 Windows Update

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (12/12/2020 03:10:23 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (12/12/2020 02:40:15 AM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
    ]

    Error: (12/05/2020 10:17:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: Razer Synapse Service Process.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: exception code c0000005, exception address 00000000
    Stack:
    at Microsoft.Win32.UnsafeNativeMethods.DefWindowProc(IntPtr, Int32, IntPtr, IntPtr)
    at Microsoft.Win32.SystemEvents.WindowProc(IntPtr, Int32, IntPtr, IntPtr)
    at System.Windows.Forms.UnsafeNativeMethods.PeekMessage(MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32, Int32)
    at System.Windows.Forms.Application+ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr, Int32, Int32)
    at System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
    at System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
    at System.Windows.Forms.Application.Run(System.Windows.Forms.Form)
    at Synapse3.UserInteractive.Program.Main()

    Error: (11/22/2020 08:08:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: dwm.exe, version: 10.0.18362.387, time stamp: 0x8e064b77
    Faulting module name: ntdll.dll, version: 10.0.18362.1171, time stamp: 0x103a4719
    Exception code: 0xc000000d
    Fault offset: 0x000000000010f010
    Faulting process id: 0x588
    Faulting application start time: 0x01d6ba56a4e01824
    Faulting application path: C:\Windows\system32\dwm.exe
    Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
    Report Id: b40df67a-b484-4cf8-9b7c-7f5aed7b1dd6
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (11/12/2020 03:10:12 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (11/11/2020 11:18:40 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
    Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 16952 and the required size was 43344.

    Error: (10/30/2020 11:46:50 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: NT AUTHORITY)
    Description: Application or service 'GameInput Service' could not be restarted.

    Error: (10/17/2020 04:55:15 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: svchost.exe_WbioSrvc, version: 10.0.18362.1, time stamp: 0x32d6c210
    Faulting module name: FACERECOGNITIONENGINEADAPTER.DLL, version: 10.0.18362.1110, time stamp: 0x841702b7
    Exception code: 0xc0000005
    Fault offset: 0x00000000000010e3
    Faulting process id: 0xe2c
    Faulting application start time: 0x01d6a4dec39e5bf3
    Faulting application path: C:\Windows\system32\svchost.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACERECOGNITIONENGINEADAPTER.DLL
    Report Id: a9d00c5e-d5e8-4402-bd25-40fbe7ec1eef
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (12/12/2020 03:42:13 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (12/12/2020 03:16:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (12/12/2020 02:43:20 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (12/12/2020 02:43:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Avast Browser Update Service (avast) service failed to start due to the following error:
    The system cannot find the file specified.

    Error: (12/12/2020 02:41:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (12/12/2020 02:41:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The p2psvc service depends on the PNRPsvc service which failed to start because of the following error:
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Error: (12/12/2020 01:29:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MV0B5HZVK9Z-Microsoft.GamingApp.

    Error: (12/11/2020 03:42:29 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.


    Windows Defender:
    ===================================
    Date: 2020-12-10 08:07:00.050
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {D5C736DC-29B4-4C1B-8BF5-D1F820785997}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-12-09 06:03:33.940
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {B03CE409-C27F-4D0E-8DF4-3FB1335C2A5A}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-12-07 03:11:20.764
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {F193A9BE-B17B-4608-BDAA-B916D89344F4}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-12-01 22:47:32.486
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {C20804F2-70E6-40CB-8847-45BA855E7BC2}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-11-30 21:20:32.654
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {697901DA-EEB6-4911-8531-A587FB0D80F9}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    CodeIntegrity:
    ===================================

    Date: 2020-12-12 05:38:02.643
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:37:41.737
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:37:30.518
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:37:23.702
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:36:51.531
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:35:45.506
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:34:53.692
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:34:53.584
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    BIOS: American Megatrends Inc. P1.50 11/05/2018
    Motherboard: ASRock B450 Pro4
    Processor: AMD Ryzen 5 2600X Six-Core Processor
    Percentage of memory in use: 68%
    Total physical RAM: 16316.68 MB
    Available physical RAM: 5162.68 MB
    Total Virtual: 33724.68 MB
    Available Virtual: 14548.7 MB

    ==================== Drives ================================

    Drive c: (M2) (Fixed) (Total:893.69 GB) (Free:55.9 GB) NTFS
    Drive d: (SSD) (Fixed) (Total:894.25 GB) (Free:204.76 GB) NTFS
    Drive e: (Disk) (Fixed) (Total:684.7 GB) (Free:657.71 GB) NTFS
    Drive f: (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.1 GB) NTFS ==>[system with boot components (obtained from drive)]

    \\?\Volume{d8049beb-c9b5-11e2-a2b6-ec0ab676bcf8}\ (System) (Fixed) (Total:1 GB) (Free:0.64 GB) NTFS
    \\?\Volume{34c62b18-f9e5-4fa5-9a31-a476e1eca345}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
    \\?\Volume{49fe267f-a0b8-4cd6-b906-0000dcdcd822}\ (Recovery) (Fixed) (Total:12.12 GB) (Free:0.84 GB) NTFS
    \\?\Volume{09f51f40-4381-f564-e2cc-558c91e2368e}\ () (Fixed) (Total:109.62 GB) (Free:0 GB) NTFS
    \\?\Volume{d8049bf3-c9b5-11e2-a2b6-ec0ab676bcf8}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: 27C41E95)
    Partition 1: (Not Active) - (Size=894.3 GB) - (Type=07 NTFS)

    ==========================================================
    Disk: 1 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==========================================================
    Disk: 2 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: DB1B46B8)
    Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=893.7 GB) - (Type=07 NTFS)

    ==========================================================
    Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1024 GB) (Disk ID: 1339C1FA)
    Partition 1: (Not Active) - (Size=1024 GB) - (Type=07 NTFS)
    Attempted reading MBR returned 0 bytes.
    Could not read MBR for disk 4.

    ==================== End of Addition.txt =======================

  6. #6
    Join Date
    Dec 2020
    Posts
    7
    ==================== MSCONFIG/TASK MANAGER disabled items ==

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{9D8E8997-498B-4F8B-9677-4B1AD339BB7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{85DE23E5-C9A8-4C2E-BD37-B7A5C6668CFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{49CFD6A8-DDD9-4C2F-88FF-8EFD6BCF7339}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
    FirewallRules: [{9E7247CB-51E1-4964-8773-0DC7EA523B8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
    FirewallRules: [{7DF8BBF0-65E5-4B4F-96BB-3573F16F55E2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
    FirewallRules: [{15069E10-658D-46D3-9953-6F4E4A646E59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
    FirewallRules: [{EA85F7B2-D97F-4037-939C-5CC3361204F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{981128D0-9D1B-49E0-9890-B42BF5E6CB0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{E13749B0-DC16-4071-B7F5-925612155352}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
    FirewallRules: [{9CD31710-5943-4ED1-85C9-1540D248161D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
    FirewallRules: [{CFEB0768-DC15-4043-9734-99E31142DBB1}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{9DF63116-A16A-429E-B44A-658088477C00}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{D9B69B4A-C16C-4D7A-AAD8-38B4B46B03AB}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{29B0F682-18EB-4CFA-974B-45FC4F177AD9}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{38F4FA5C-AD82-4699-91DF-BFA028BCFAEE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
    FirewallRules: [{446E235D-02D0-4389-86C7-A84C79316F99}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
    FirewallRules: [{DA95010D-C7F4-4358-B8EB-4D105BAEDF07}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [{5A649CE6-1BA4-484F-AC70-39E27D30B6FF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [{5C08A5C8-0A51-4988-A171-793913E86B8F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [{1C158573-DBB6-4F1E-A7B4-4BC9061B00ED}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [{7426429E-B2EA-4517-83CC-AF847FBFE655}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
    FirewallRules: [{085E81A3-EBC4-4ECE-AA3F-D65E6BBE78BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
    FirewallRules: [{9D87675E-25C1-4C15-9311-D82A94860ED9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
    FirewallRules: [{2CD4FAAA-F3DC-40DE-BE83-B11E87ACBC25}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
    FirewallRules: [TCP Query User{76133F5B-B98A-4678-8E2F-42D5ABA63025}D:\program files (x86)\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe (Daybreak Game Company LLC -> Daybreak Game Company, LLC)
    FirewallRules: [UDP Query User{65C49733-F9FA-48D5-9E3A-276B9BB31CC4}D:\program files (x86)\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe (Daybreak Game Company LLC -> Daybreak Game Company, LLC)
    FirewallRules: [{74E63B68-7672-471D-8487-B9EF3DB94F7F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
    FirewallRules: [{6CD86F8A-AFB5-4BEF-B986-AF149994C797}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
    FirewallRules: [{AC30F9B7-49B7-432B-88A3-C1057B028682}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
    FirewallRules: [{C1DA12AB-7C58-46C1-B3CB-830B8A8F32E8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
    FirewallRules: [{15A668FB-0B1C-4FCC-8B6D-FD6457ACBFCC}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Feesh\Feesh64.exe () [File not signed]
    FirewallRules: [{67F102A2-CA4A-4772-95B4-D433B66C1D33}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Feesh\Feesh64.exe () [File not signed]
    FirewallRules: [{8C6E7A58-CBBE-4A36-9B54-A1B95967696A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Microcosmum Survival of cells\Microcosmum.exe () [File not signed]
    FirewallRules: [{E45BE5EF-1362-4173-B1C6-9C4D2ED10033}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Microcosmum Survival of cells\Microcosmum.exe () [File not signed]
    FirewallRules: [{BFB28961-466E-4B3B-A28A-5D1AA8216E95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{AEA94158-A1C5-4CEE-AF2C-2247215165DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{2454EEFF-2986-4716-943B-42A39F2EDD09}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
    FirewallRules: [{C53AEC43-FD11-47E3-8E69-4B4150260B18}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe () [File not signed]
    FirewallRules: [{3897B836-FF58-4698-9D80-3C5F127330B5}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Circuits\Circuits.exe () [File not signed]
    FirewallRules: [{66C4955F-F0ED-4ABE-8B25-3D43308D781F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Circuits\Circuits.exe () [File not signed]
    FirewallRules: [{D2FAB7EB-35A4-4226-9E7A-6FB817CD9CDE}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Circuits\Composer\Composer.exe () [File not signed]
    FirewallRules: [{2B4C77BC-9481-4B42-B964-2CB5935C1252}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Circuits\Composer\Composer.exe () [File not signed]
    FirewallRules: [{B34739A4-91B6-4D10-8745-7C6166447B22}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Plantera\Plantera.exe () [File not signed]
    FirewallRules: [{B0F15A52-A45F-4E2B-97DA-C7BF4577E511}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Plantera\Plantera.exe () [File not signed]
    FirewallRules: [{359E1702-F5DE-48F4-ADD4-2BD7A00B6FE7}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\FortressCraft\64\FC_64.exe () [File not signed]
    FirewallRules: [{BA39123D-78A2-4CBC-8F15-EB751B3995D8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\FortressCraft\64\FC_64.exe () [File not signed]
    FirewallRules: [{318077FE-1BF3-427F-B3B0-4DA603E9468D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
    FirewallRules: [{95AC1D2C-DE50-44BF-83C2-89037C5BFE0A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
    FirewallRules: [{AF6A3A91-3C2C-4D8D-96AB-01A5355A692B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{F5B3E639-D634-4D8F-B731-4A8CFDEB6FB7}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{3928E540-A97E-434D-B44B-AAC78C433AC8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{20EED496-88DD-4C89-AC73-C4F6ABCBB925}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{A25E4188-E3B5-473D-9AD5-532F830F95F8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
    FirewallRules: [{32C9C97C-768C-416C-AD06-2C3BC7A1BF16}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
    FirewallRules: [TCP Query User{3B084697-F6E0-40EF-8C10-563357169FA5}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [UDP Query User{7E269AD0-FA39-41D3-B67B-390DF9FB2828}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
    FirewallRules: [TCP Query User{803C2B29-30CB-4CAC-A6B7-071821BE670A}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
    FirewallRules: [UDP Query User{3B22B26C-F3C0-450F-8553-0951A63E072D}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
    FirewallRules: [{657B0B3C-B0A5-41AC-B909-FF81CA7448B8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
    FirewallRules: [{35D30C11-3464-424D-BEBD-33E7901150CA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
    FirewallRules: [{4B47D21A-D194-4349-8F1F-7562D880C1B0}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
    FirewallRules: [{CFAC8926-7DA3-4D38-8B29-497199B61DB2}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
    FirewallRules: [TCP Query User{24E9BDB9-A877-4016-AF2E-F68AC0CFC09E}D:\program files (x86)\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
    FirewallRules: [UDP Query User{F2A0DE12-A1D8-4383-843B-63A07B3BF0E6}D:\program files (x86)\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
    FirewallRules: [TCP Query User{59539248-AEEF-45F6-943B-9262C4309E02}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [UDP Query User{3D89B029-E28B-49CB-99BA-B8661AC4A22C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
    FirewallRules: [{96072E22-FAE3-4918-BED8-7502E668C0E6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Might and Magic Clash of Heroes\ClashOfHeroes.exe () [File not signed]
    FirewallRules: [{BDFF2C0C-453F-4926-8D83-AF55BE3646D6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Might and Magic Clash of Heroes\ClashOfHeroes.exe () [File not signed]
    FirewallRules: [{C6BACD77-66E4-480B-BE6F-E5E0539A162F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
    FirewallRules: [{7F192265-5DA1-47B8-BE03-DB190578712B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
    FirewallRules: [{DE52C5DC-3412-4913-8D93-1381FD05861A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
    FirewallRules: [{C989991B-AF27-4C46-AD97-911A17EF384C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
    FirewallRules: [{930E0A32-58CA-43A6-8F84-C6CD67711990}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Absolute Drift\AbsoluteDrift.exe () [File not signed]
    FirewallRules: [{5DE602D6-8F60-4DC9-ADB6-04CA8795F78E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Absolute Drift\AbsoluteDrift.exe () [File not signed]
    FirewallRules: [{20FA1E49-4FC1-449D-8279-1C8B65E7F58F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
    FirewallRules: [{BC5A8C75-302A-4AFB-AD72-12BB2C2826C6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
    FirewallRules: [{B17C0C58-EA24-4F9B-B50F-D62D55CF0F8A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
    FirewallRules: [{07C8B9AB-E652-4B6A-985C-5CBB002BF1E1}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
    FirewallRules: [{2829BE26-33FE-4C98-81B6-E21DAF8F6202}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PLAYNE\PLAYNE.exe (Epic Games, Inc.) [File not signed]
    FirewallRules: [{552E527B-CDC3-4904-A1A0-26A973C6005B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PLAYNE\PLAYNE.exe (Epic Games, Inc.) [File not signed]
    FirewallRules: [TCP Query User{7F5F98A9-FD71-444F-B34F-7E40621CF521}D:\program files (x86)\steamlibrary\steamapps\common\playne\playne\binaries\win32\playne-win32-shipping.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\playne\playne\binaries\win32\playne-win32-shipping.exe => No File
    FirewallRules: [UDP Query User{772BA699-7FD1-4885-96FB-900575ABFF38}D:\program files (x86)\steamlibrary\steamapps\common\playne\playne\binaries\win32\playne-win32-shipping.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\playne\playne\binaries\win32\playne-win32-shipping.exe => No File
    FirewallRules: [{6A369398-715C-485D-B821-1CBE928B33C2}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
    FirewallRules: [{F73B2733-9C01-44A5-AEA1-16002E9C0A63}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
    FirewallRules: [TCP Query User{88DF2492-6F37-4A3F-9934-289AAE86906C}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
    FirewallRules: [UDP Query User{290546A3-C887-47A8-81DA-BC230B7C51B2}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
    FirewallRules: [{C8AE1D58-F55B-42AE-BDB1-A020B03B2DBD}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Cell to Singularity\CellToSingularity.exe () [File not signed]
    FirewallRules: [{9399603D-782F-4BD9-8DA3-4A4C895FC049}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Cell to Singularity\CellToSingularity.exe () [File not signed]
    FirewallRules: [{8EEF5B0F-F9F9-442A-9AD3-5D0CF42D648E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
    FirewallRules: [{BFFE9DAD-D2FE-4806-8234-62EF19945932}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
    FirewallRules: [{CC56B5DC-99A2-44C3-875A-186C7A2FD0D4}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
    FirewallRules: [{6E98A245-AC98-4F8E-AAA0-4DA60244763A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
    FirewallRules: [TCP Query User{00195FD6-DA66-4539-A943-C7AACE20E1D6}D:\program files (x86)\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
    FirewallRules: [UDP Query User{67DA109E-D044-4C94-A91B-ADCE92B1F562}D:\program files (x86)\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
    FirewallRules: [{95A1BD66-F97E-4838-9367-BC31240EE0B6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
    FirewallRules: [{E48A89C1-AF1D-41E0-9B2B-E0B4383F043F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
    FirewallRules: [TCP Query User{2DAE8B8E-91C4-4058-8B96-3314A9F0FD53}D:\program files (x86)\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
    FirewallRules: [UDP Query User{0DD66FAE-B6AA-4F77-9CDA-353999E79799}D:\program files (x86)\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
    FirewallRules: [{7A721C2B-27F5-4F24-9BB7-98FD820A673A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
    FirewallRules: [{FE8CB4A2-CF1F-4E8A-B418-E38C0FC1FEED}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
    FirewallRules: [TCP Query User{855A6160-23F7-462B-9657-71CBF67B33AB}D:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
    FirewallRules: [UDP Query User{615FFE8B-FC55-4A86-BED8-329404997FE8}D:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
    FirewallRules: [TCP Query User{8D5735A5-5EEA-41F7-A89D-288D59B67D11}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
    FirewallRules: [UDP Query User{6E591630-49B6-4B99-8B5E-E725F9B4B56D}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
    FirewallRules: [{58D9DA17-9496-4AAB-89CD-E7F630857DF6}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
    FirewallRules: [{12EED022-3611-4537-A4F3-2DB0E95BDC26}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
    FirewallRules: [{7E182D3A-E724-4621-9B33-D7141A1314B1}] => (Allow) C:\Users\amber\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{C9B6941C-076B-4400-AA9A-6DCFF3CF8857}] => (Allow) C:\Users\amber\AppData\Roaming\Zoom\bin\airhost.exe => No File
    FirewallRules: [TCP Query User{936258AC-91C7-4EC1-B460-EB8923FCF626}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    FirewallRules: [UDP Query User{993EAAF3-4BD4-4DC6-B908-E8BB8C171A9E}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    FirewallRules: [TCP Query User{06DEAEE0-1916-45CB-8639-FC314346C5A8}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    FirewallRules: [UDP Query User{43DB4C40-2678-4649-A752-44BBE02B81A9}C:\program files (x86)\samsung\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    FirewallRules: [{B1E63461-4358-49A2-AFEA-B27C43EB4090}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{84D661AD-3A82-48AF-B0B9-CCF009AFEBBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{873BC43F-EF63-4B8E-A753-D4054FDA909B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{0F01D4E4-71DF-4932-A764-E594B88B2ACE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{EA8CFC7B-97C6-4004-AD23-576C16DBD045}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\RISK Global Domination\RISK.exe () [File not signed]
    FirewallRules: [{7B200500-2C71-4EF2-A8E6-E79C9B5E2F9B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\RISK Global Domination\RISK.exe () [File not signed]
    FirewallRules: [{9305E605-5878-462E-BE90-E2CD61BD2EC1}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
    FirewallRules: [{F2148FFF-9AED-4085-82D8-4A9BEE65CC02}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
    FirewallRules: [{09BE2B58-7D08-45C7-A829-1451D4ADF237}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Talisman\Talisman.exe () [File not signed]
    FirewallRules: [{025E7DD2-F542-4723-808E-666A6AFF1444}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Talisman\Talisman.exe () [File not signed]
    FirewallRules: [{84C821C8-5812-4F02-8135-B20498D35CF8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mysterium\Mysterium.exe () [File not signed]
    FirewallRules: [{05B15871-309E-4774-A41F-A716D613D7FB}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mysterium\Mysterium.exe () [File not signed]
    FirewallRules: [{C70E7CF0-991A-4A50-8AC7-1C379058F41D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Waterdeep\Waterdeep.exe () [File not signed]
    FirewallRules: [{87C98776-9C47-43D5-9B08-1865849D5967}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Waterdeep\Waterdeep.exe () [File not signed]
    FirewallRules: [{A1D280DF-0889-4D7F-846F-910E96C20FCE}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
    FirewallRules: [{51938AEC-E457-4755-8BB4-C7FB3C4D7FAD}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
    FirewallRules: [{60DF5A39-CBD3-4626-8534-3AC1335ADEAD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
    FirewallRules: [{790D6396-A9CD-48BD-9522-AF048869B266}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
    FirewallRules: [{FC3B17AC-5C6F-4830-90AD-1C8C50AD77C8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
    FirewallRules: [{8CE19643-4835-47B4-ADAE-AEF24449A731}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
    FirewallRules: [{48EC6144-5323-4DAD-99EE-3AF059F3C925}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Idle Expanse\Lyric\Binaries\Win64\IdleExpanse-Win64.exe (Lyrical Games LLC) [File not signed]
    FirewallRules: [{D9CDBA69-CF1D-4010-8960-F317754EBE9F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Idle Expanse\Lyric\Binaries\Win64\IdleExpanse-Win64.exe (Lyrical Games LLC) [File not signed]
    FirewallRules: [{4191B2B6-EC7B-44A6-8A47-3EF34DD49C6D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Crafting Idle Clicker\Crafting Idle Clicker.exe () [File not signed]
    FirewallRules: [{3E4A8665-E991-4FBA-AF09-EF22BCD60571}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Crafting Idle Clicker\Crafting Idle Clicker.exe () [File not signed]
    FirewallRules: [{649654C6-6E69-42CF-A759-6304635426E6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\NGU IDLE\NGUIdle.exe () [File not signed]
    FirewallRules: [{0A1BC897-6097-457F-9FA6-405C0950C605}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\NGU IDLE\NGUIdle.exe () [File not signed]
    FirewallRules: [{7DDB5D71-07AD-49B8-A29A-8DA692D3D2A3}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
    FirewallRules: [{EA69D41E-21A6-479E-8BC5-226FCB1998E4}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
    FirewallRules: [{C25FBFFF-5501-44D1-AE21-5186172E8B7B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
    FirewallRules: [{DCCF9FC8-A49C-4E02-A639-408FCEE0A8BF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
    FirewallRules: [{72C0A75E-7AF0-4C8E-BF9E-1D8A4E0A3759}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
    FirewallRules: [{31770516-6174-4E63-93ED-FA1165975CF1}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
    FirewallRules: [{7DFF55BE-CE43-4A2C-A105-76EE446DD95C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
    FirewallRules: [{899D65EE-4C33-40A2-BB0F-15A232AB5EEA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
    FirewallRules: [{2BAF2B2F-7BAB-46CC-B6EE-7D8421CA9E2D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
    FirewallRules: [{8B6231E4-EACA-4AF0-BB73-75040EC28C61}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
    FirewallRules: [{C635ABAA-686A-4D74-975B-AFFAD45962CE}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
    FirewallRules: [{84E56789-9056-4D0E-B8D5-D97F6D922E47}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
    FirewallRules: [{DA9EBDD8-0097-4EA6-A3D8-BB55B3DB746C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{CE1F6AC1-1FA8-42FC-91C9-8A6FEAC86A18}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{D89B5C55-7FCC-437C-8454-91F06730DACC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{2BCFD371-565E-4120-8A38-284521E1756C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{B7659ED2-2DFF-46E1-A1CC-EA3E375D7303}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{1AE0F567-B871-4765-8E1D-700C57B40EE1}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
    FirewallRules: [{4AE6F9C2-743A-4A92-A156-27F7AEA5C50E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{B3825C18-E754-4EFA-A82B-79D7C79F2C8A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{DCC71672-D204-407D-8B5B-A54E5E453E4D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{03E58B03-087D-4E2A-AF85-1A4E0A562AAE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{A24754D3-62D1-4EFF-9560-8957A18ADC2A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{9ED5EBFA-9E6B-4B5D-BF58-86683685AA42}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
    FirewallRules: [{B2B89E55-3F6E-47C2-9A82-A7EAB6EC6886}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{F2C4457A-565D-4D9C-8A48-0FB10CD282F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{C325809E-8F08-4417-9737-1A0CB32CABB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{52D377EF-A999-4C24-AAF7-3308678718E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{AA46130C-0D35-44C6-BA0C-14F8B36D28AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{3D0CF7D3-7E89-4475-88D7-BD55D41CD21F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{B2A4DFE5-1655-4A27-849D-4BDE60D6B8E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{09358231-36DF-49BB-972D-90A7777FB7DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{D1548037-E4D1-4A7B-ACB8-A20CF3FDD180}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

    ==================== Restore Points =========================

    10-12-2020 00:07:07 Windows Update

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (12/12/2020 03:10:23 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (12/12/2020 02:40:15 AM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
    ]

    Error: (12/05/2020 10:17:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: Razer Synapse Service Process.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: exception code c0000005, exception address 00000000
    Stack:
    at Microsoft.Win32.UnsafeNativeMethods.DefWindowProc(IntPtr, Int32, IntPtr, IntPtr)
    at Microsoft.Win32.SystemEvents.WindowProc(IntPtr, Int32, IntPtr, IntPtr)
    at System.Windows.Forms.UnsafeNativeMethods.PeekMessage(MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32, Int32)
    at System.Windows.Forms.Application+ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr, Int32, Int32)
    at System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
    at System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
    at System.Windows.Forms.Application.Run(System.Windows.Forms.Form)
    at Synapse3.UserInteractive.Program.Main()

    Error: (11/22/2020 08:08:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: dwm.exe, version: 10.0.18362.387, time stamp: 0x8e064b77
    Faulting module name: ntdll.dll, version: 10.0.18362.1171, time stamp: 0x103a4719
    Exception code: 0xc000000d
    Fault offset: 0x000000000010f010
    Faulting process id: 0x588
    Faulting application start time: 0x01d6ba56a4e01824
    Faulting application path: C:\Windows\system32\dwm.exe
    Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
    Report Id: b40df67a-b484-4cf8-9b7c-7f5aed7b1dd6
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (11/12/2020 03:10:12 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (11/11/2020 11:18:40 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
    Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 16952 and the required size was 43344.

    Error: (10/30/2020 11:46:50 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: NT AUTHORITY)
    Description: Application or service 'GameInput Service' could not be restarted.

    Error: (10/17/2020 04:55:15 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: svchost.exe_WbioSrvc, version: 10.0.18362.1, time stamp: 0x32d6c210
    Faulting module name: FACERECOGNITIONENGINEADAPTER.DLL, version: 10.0.18362.1110, time stamp: 0x841702b7
    Exception code: 0xc0000005
    Fault offset: 0x00000000000010e3
    Faulting process id: 0xe2c
    Faulting application start time: 0x01d6a4dec39e5bf3
    Faulting application path: C:\Windows\system32\svchost.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACERECOGNITIONENGINEADAPTER.DLL
    Report Id: a9d00c5e-d5e8-4402-bd25-40fbe7ec1eef
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (12/12/2020 03:42:13 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (12/12/2020 03:16:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (12/12/2020 02:43:20 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (12/12/2020 02:43:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Avast Browser Update Service (avast) service failed to start due to the following error:
    The system cannot find the file specified.

    Error: (12/12/2020 02:41:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (12/12/2020 02:41:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The p2psvc service depends on the PNRPsvc service which failed to start because of the following error:
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Error: (12/12/2020 01:29:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MV0B5HZVK9Z-Microsoft.GamingApp.

    Error: (12/11/2020 03:42:29 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG2HJ54)
    Description: The server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.


    Windows Defender:
    ===================================
    Date: 2020-12-10 08:07:00.050
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {D5C736DC-29B4-4C1B-8BF5-D1F820785997}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-12-09 06:03:33.940
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {B03CE409-C27F-4D0E-8DF4-3FB1335C2A5A}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-12-07 03:11:20.764
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {F193A9BE-B17B-4608-BDAA-B916D89344F4}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-12-01 22:47:32.486
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {C20804F2-70E6-40CB-8847-45BA855E7BC2}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-11-30 21:20:32.654
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {697901DA-EEB6-4911-8531-A587FB0D80F9}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    CodeIntegrity:
    ===================================

    Date: 2020-12-12 05:38:02.643
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:37:41.737
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:37:30.518
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:37:23.702
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:36:51.531
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:35:45.506
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:34:53.692
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-12-12 05:34:53.584
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    BIOS: American Megatrends Inc. P1.50 11/05/2018
    Motherboard: ASRock B450 Pro4
    Processor: AMD Ryzen 5 2600X Six-Core Processor
    Percentage of memory in use: 68%
    Total physical RAM: 16316.68 MB
    Available physical RAM: 5162.68 MB
    Total Virtual: 33724.68 MB
    Available Virtual: 14548.7 MB

    ==================== Drives ================================

    Drive c: (M2) (Fixed) (Total:893.69 GB) (Free:55.9 GB) NTFS
    Drive d: (SSD) (Fixed) (Total:894.25 GB) (Free:204.76 GB) NTFS
    Drive e: (Disk) (Fixed) (Total:684.7 GB) (Free:657.71 GB) NTFS
    Drive f: (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.1 GB) NTFS ==>[system with boot components (obtained from drive)]

    \\?\Volume{d8049beb-c9b5-11e2-a2b6-ec0ab676bcf8}\ (System) (Fixed) (Total:1 GB) (Free:0.64 GB) NTFS
    \\?\Volume{34c62b18-f9e5-4fa5-9a31-a476e1eca345}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
    \\?\Volume{49fe267f-a0b8-4cd6-b906-0000dcdcd822}\ (Recovery) (Fixed) (Total:12.12 GB) (Free:0.84 GB) NTFS
    \\?\Volume{09f51f40-4381-f564-e2cc-558c91e2368e}\ () (Fixed) (Total:109.62 GB) (Free:0 GB) NTFS
    \\?\Volume{d8049bf3-c9b5-11e2-a2b6-ec0ab676bcf8}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: 27C41E95)
    Partition 1: (Not Active) - (Size=894.3 GB) - (Type=07 NTFS)

    ==========================================================
    Disk: 1 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==========================================================
    Disk: 2 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: DB1B46B8)
    Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=893.7 GB) - (Type=07 NTFS)

    ==========================================================
    Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1024 GB) (Disk ID: 1339C1FA)
    Partition 1: (Not Active) - (Size=1024 GB) - (Type=07 NTFS)
    Attempted reading MBR returned 0 bytes.
    Could not read MBR for disk 4.

    ==================== End of Addition.txt =======================

  7. #7
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,478
    Please observe the following rules:

    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.



    =================================

    You're not saying what the problems are.

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Double click on the downloaded setup.exe file to install the program.
    • Click on Start Scan button.
    • Click on another Start Scan button.
    • Wait until the Status box shows Scan Finished
    • Click on Remove Selected.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced, post all logs.

    Please download Malwarebytes to your desktop.
    • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
    • Then click Finish.
    • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
    • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
    • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
    • Restart your computer when prompted to do so.
    • The Scan log is available through History -> Application logs. Please post its contents in your next reply.

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8/10 users right-click and select Run As Administrator
    • The tool will start to update the database if one is required.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Logfile button.
    • A window will open which lists the logs of your scans.
    • Click on the Scan tab.
    • Double-click the most recent scan which will be at the top of the list....the log will appear.
    • Review the results...see note below
    • After reviewing the log, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
    • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
    • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
    • A copy of all logfiles is saved to C:\AdwCleaner.

    -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

  8. #8
    Join Date
    Dec 2020
    Posts
    7
    My computer has been acting strange since March. I can't remember exactly what tipped me off that I might have a virus, but it was enough for me to get worried and run a few scans.
    In March I took my old laptop hard drive and hooked it up to my PC for some extra space, and I think some virus may have been on there.
    I ran Malwarebytes in March and nothing was detected. I wasn't satisfied that my computer was clean, so I downloaded GlassWire; nothing was initially detected.
    I noticed an alert that there was a detection, but it was alerting on Origin, and Origin is fine. After that, I decided GlassWire was just bugged and I was just being paranoid.

    I recently checked GlassWire and I have quite a few alerts on a bunch of different things. I can list them if necessary.
    Not trusting GlassWire, I used command prompt netstat /nbf and I have established connections listed as "cannot obtain ownership information".

    I'm probably just paranoid and GlassWire is wrong.



    RogueKiller Anti-Malware V14.8.0.0 (x64) [Nov 17 2020] (Free) by Adlice Software
    mail : https://adlice.com/contact/
    Website : https://adlice.com/download/roguekiller/
    Operating System : Windows 10 (10.0.18363) 64 bits
    Started in : Normal mode
    User : [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Signatures : 20201210_103309, Driver : Loaded
    Mode : Standard Scan, Scan -- Date : 2020/12/14 02:42:51 (Duration : 00:08:11)
    Switches : -minimize

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 12/14/20
    Scan Time: 2:58 AM
    Log File: eb5ed310-3df2-11eb-8c33-7085c2b3e2f8.json

    -Software Information-
    Version: 4.2.3.96
    Components Version: 1.0.1122
    Update Package Version: 1.0.34345
    License: Free

    -System Information-
    OS: Windows 10 (Build 18362.1256)
    CPU: x64
    File System: NTFS
    User: NEBULOUS\

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 284763
    Threats Detected: 0
    Threats Quarantined: 0
    Time Elapsed: 4 min, 40 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

    # -------------------------------
    # Malwarebytes AdwCleaner 8.0.8.0
    # -------------------------------
    # Build: 10-08-2020
    # Database: 2020-11-23.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Scan
    # -------------------------------
    # Start: 12-14-2020
    # Duration: 00:00:22
    # OS: Windows 10 Home
    # Scanned: 31920
    # Detected: 0


    ***** [ Services ] *****

    No malicious services found.

    ***** [ Folders ] *****

    No malicious folders found.

    ***** [ Files ] *****

    No malicious files found.

    ***** [ DLL ] *****

    No malicious DLLs found.

    ***** [ WMI ] *****

    No malicious WMI found.

    ***** [ Shortcuts ] *****

    No malicious shortcuts found.

    ***** [ Tasks ] *****

    No malicious tasks found.

    ***** [ Registry ] *****

    No malicious registry entries found.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries found.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs found.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries found.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs found.

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries found.

    ***** [ Preinstalled Software ] *****

    No Preinstalled Software found.



    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

  9. #9
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,478
    I don't see anything malicious in any of your logs.
    You should be good to go.
