Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
- Ran by tanji (22-07-2019 17:11:35)
- Running from C:\Users\tanji\Desktop
- Windows 10 Pro Version 1803 17134.885 (X64) (2018-05-18 11:59:18)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-366640982-2835770456-1949396758-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-366640982-2835770456-1949396758-503 - Limited - Disabled)
- defaultuser0 (S-1-5-21-366640982-2835770456-1949396758-1000 - Limited - Disabled) => C:\Users\defaultuser0
- Guest (S-1-5-21-366640982-2835770456-1949396758-501 - Limited - Disabled)
- tanji (S-1-5-21-366640982-2835770456-1949396758-1001 - Administrator - Enabled) => C:\Users\tanji
- WDAGUtilityAccount (S-1-5-21-366640982-2835770456-1949396758-504 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- µTorrent (HKU\S-1-5-21-366640982-2835770456-1949396758-1001\...\uTorrent) (Version: 3.5.5.45291 - BitTorrent Inc.)
- 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
- Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
- Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
- Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
- Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.9 - Electronic Arts, Inc.)
- Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
- Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
- Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
- D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
- Discord (HKU\S-1-5-21-366640982-2835770456-1949396758-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
- DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
- EaseUS Partition Master 12.8 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
- Garena (remove only) (HKLM-x32\...\gxx) (Version: 2.0.1907.0210 - Garena)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
- Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
- Gyazo 3.6.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
- HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.15.306 - SurfRight B.V.)
- HP DeskJet 3630 series Basic Device Software (HKLM\...\{2125FB8B-5542-495A-B0F7-CD6DDBE99C2A}) (Version: 40.11.1107.1739 - HP Inc.)
- HP DeskJet 3630 series Help (HKLM-x32\...\{5F074370-FEB0-4477-820F-A59DF28A933E}) (Version: 35.0.0 - Hewlett Packard)
- HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
- HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
- HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
- Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
- Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
- Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
- Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
- Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
- Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
- MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
- Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11328.20368 - Microsoft Corporation)
- Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
- Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
- Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
- Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
- Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
- Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
- Mozilla Firefox 68.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0.1 (x64 en-US)) (Version: 68.0.1 - Mozilla)
- Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
- NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
- NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
- NVIDIA Graphics Driver 431.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.36 - NVIDIA Corporation)
- NVIDIA HD Audio Driver 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
- NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
- OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
- Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation) Hidden
- OpenShot Video Editor version 2.4.0 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.0 - OpenShot Studios, LLC)
- Origin (HKLM-x32\...\Origin) (Version: 10.5.41.27263 - Electronic Arts, Inc.)
- Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
- Playpark Downloader (HKLM-x32\...\{D81B5861-F391-4905-A779-8A82994F3A00}) (Version: 0.3.6 - Asiasoft Online)
- Product Improvement Study for HP DeskJet 3630 series (HKLM\...\{416B7D0C-0AEC-4FE6-AE40-4E12857CCA55}) (Version: 40.11.1107.1739 - HP Inc.)
- Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
- Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
- Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
- Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
- SoundSwitch 4.14.0.31865 (HKLM\...\SoundSwitch_is1) (Version: 4.14.0.31865 - Antoine Aflalo)
- TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
- TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer)
- UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
- UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
- Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
- VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
- Windows Driver Package - BigNox Corporation YSDrv System (01/20/2017 4.3.12) (HKLM\...\1FF524CF3E58304F349D809470EC4A689914A4D5) (Version: 01/20/2017 4.3.12 - BigNox Corporation)
- Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
- Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-123B-4321-32A2557A92C7}}_is1) (Version: - WindowsMovieMaker)
- WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
- World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
- World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
- Zemana AntiMalware version 3.1.375 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.375 - Zemana Ltd.)
- Packages:
- =========
- Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-10] (king.com)
- Drawboard PDF -> C:\Program Files\WindowsApps\Drawboard.DrawboardPDF_5.9.0.0_x64__gqbn7fs4pywxm [2019-07-16] (Drawboard)
- Excel Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Excel_16001.11901.20062.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation)
- FarmVille 2: Country Escape -> C:\Program Files\WindowsApps\D52A8D61.FarmVille2CountryEscape_12.8.4114.0_x86__jwbwg6xx0377a [2019-07-16] (Zynga Inc.)
- Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
- Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
- Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
- Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
- Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
- MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
- Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_13.0.39.0_x64__n619g4d5j0fnw [2018-03-17] (Pandora Media Inc)
- Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-366640982-2835770456-1949396758-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\tanji\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
- CustomCLSID: HKU\S-1-5-21-366640982-2835770456-1949396758-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\tanji\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
- CustomCLSID: HKU\S-1-5-21-366640982-2835770456-1949396758-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\tanji\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
- ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
- ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
- ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
- ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-07-16] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
- ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
- ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
- ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
- ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
- ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
- ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
- ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-03] (NVIDIA Corporation -> NVIDIA Corporation)
- ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-07-16] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
- ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
- ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
- ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
- ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
- ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- 2017-12-25 13:32 - 2014-02-13 15:27 - 000113166 _____ () [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\zlib1.dll
- 2017-08-31 13:46 - 2017-04-14 01:58 - 050656768 _____ () [File not signed] C:\Users\tanji\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
- 2017-08-31 13:46 - 2017-04-14 01:58 - 000075264 _____ () [File not signed] C:\Users\tanji\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
- 2017-08-31 13:46 - 2017-04-14 01:58 - 001874944 _____ () [File not signed] C:\Users\tanji\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
- 2017-12-25 13:32 - 2014-02-13 15:27 - 000275528 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\libcurl.dll
- 2017-12-25 13:32 - 2014-02-13 15:27 - 000222792 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\traynet.dll
- 2017-12-25 13:32 - 2014-11-18 14:44 - 000255072 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\TrayTipAgentE.exe
- 2017-12-25 13:32 - 2014-02-13 15:27 - 000249928 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\uexper.dll
- 2016-11-20 13:02 - 2019-02-22 00:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
- 2018-04-07 02:29 - 2018-04-07 02:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
- 2018-04-07 02:29 - 2018-04-07 02:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
- 2017-11-12 18:07 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Origin\LIBEAY32.dll
- 2017-11-12 18:07 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Origin\ssleay32.dll
- 2017-09-14 14:37 - 2017-09-14 14:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qgif.dll
- 2017-09-14 14:42 - 2017-09-14 14:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qicns.dll
- 2017-09-14 14:37 - 2017-09-14 14:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qico.dll
- 2017-09-14 14:37 - 2017-09-14 14:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qjpeg.dll
- 2017-09-14 14:42 - 2017-09-14 14:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qsvg.dll
- 2017-09-14 14:42 - 2017-09-14 14:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qtga.dll
- 2017-09-14 14:42 - 2017-09-14 14:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qtiff.dll
- 2017-09-14 14:42 - 2017-09-14 14:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qwbmp.dll
- 2017-09-14 14:42 - 2017-09-14 14:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qwebp.dll
- 2017-09-14 14:37 - 2017-09-14 14:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\platforms\qwindows.dll
- 2017-11-12 18:07 - 2019-05-25 09:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Origin\platforms\qwindows.dll
- 2017-11-12 18:07 - 2019-05-25 09:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Core.dll
- 2017-11-12 18:07 - 2019-05-25 09:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Gui.dll
- 2017-11-12 18:07 - 2019-05-25 09:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Network.dll
- 2017-11-12 18:07 - 2019-05-25 09:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Widgets.dll
- 2017-11-12 18:07 - 2019-05-25 09:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Xml.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\Users\Public\AppData:CSM [486]
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- IE trusted site: HKU\S-1-5-21-366640982-2835770456-1949396758-1001\...\localhost -> localhost
- IE trusted site: HKU\S-1-5-21-366640982-2835770456-1949396758-1001\...\sharepoint.com -> hxxps://mymailsimedu-files.sharepoint.com
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2016-07-16 19:47 - 2016-07-16 19:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
- 2018-12-10 22:23 - 2019-01-11 19:42 - 000000510 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
- 192.168.137.1 DESKTOP-KTHT43L.mshome.net # 2024 1 3 10 11 42 47 356
- 92.168.137.30 Galaxy-S8.mshome.net # 2019 1 5 18 7 29 40 152
- 05
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
- HKU\S-1-5-21-366640982-2835770456-1949396758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tanji\Desktop\wallpapers\cropped-1920-1080-981906.jpg
- DNS Servers: 8.8.8.8 - 8.8.4.4
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- If an entry is included in the fixlist, it will be removed.
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{08DAB10C-512C-4823-804A-88A05D367789}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1804.2618\gxxsvc.exe No File
- FirewallRules: [{77A65DA2-AD2D-4C69-9CD0-5678CECEE3D3}] => (Allow) D:\SteamLibrary\SteamApps\common\PC Building Simulator\PCBS.exe () [File not signed]
- FirewallRules: [{F649699E-9A92-405D-8C3E-A1A21FBB0B2A}] => (Allow) D:\SteamLibrary\SteamApps\common\PC Building Simulator\PCBS.exe () [File not signed]
- FirewallRules: [{3EA22F17-7649-4D15-9328-94BCF23AFB20}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1803.2016\gxxsvc.exe No File
- FirewallRules: [UDP Query User{5D743E69-A48E-48A7-B216-65CB7605D588}D:\league of legends\gamedata\apps\lol\leagueclient\leagueclient.exe] => (Allow) D:\league of legends\gamedata\apps\lol\leagueclient\leagueclient.exe (Riot Games, Inc. -> )
- FirewallRules: [TCP Query User{4848FCB2-D892-4EED-9E92-9EDD7A3715EA}D:\league of legends\gamedata\apps\lol\leagueclient\leagueclient.exe] => (Allow) D:\league of legends\gamedata\apps\lol\leagueclient\leagueclient.exe (Riot Games, Inc. -> )
- FirewallRules: [{608C04B6-FDDF-4108-BE2E-D390DBC76688}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1802.1114\gxxsvc.exe No File
- FirewallRules: [{82BAE9AD-496A-4176-94FC-379886526FF6}] => (Allow) D:\Steam\SteamApps\common\Overcooked\Overcooked.exe () [File not signed]
- FirewallRules: [{FF184651-1823-45F8-ABEC-C5179444B56C}] => (Allow) D:\Steam\SteamApps\common\Overcooked\Overcooked.exe () [File not signed]
- FirewallRules: [UDP Query User{1E2FC5ED-6EAA-43F0-9F99-F619F5C322C7}C:\pearlabyss\blackdesert\bin64\blackdesert64.exe] => (Allow) C:\pearlabyss\blackdesert\bin64\blackdesert64.exe (PearlAbyss Corp. -> )
- FirewallRules: [TCP Query User{F538C193-78E6-4153-84BD-7E8B754FC0BA}C:\pearlabyss\blackdesert\bin64\blackdesert64.exe] => (Allow) C:\pearlabyss\blackdesert\bin64\blackdesert64.exe (PearlAbyss Corp. -> )
- FirewallRules: [{229BE746-B41D-454E-8EBD-C793140C44E2}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1801.1018\gxxsvc.exe No File
- FirewallRules: [{1ECA0569-02AF-44BC-85B2-4B4DAE5D7996}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
- FirewallRules: [{D7A8DD50-5939-446E-A904-0474DD3BF1BA}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
- FirewallRules: [{B7290397-6699-45CB-9C6F-F9CB62B35B45}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
- FirewallRules: [{4E2A94A5-6910-48B2-8BC4-4234AB877E18}] => (Allow) LPort=5357
- FirewallRules: [{8D5FE7B8-7F5A-441E-97D5-B5DAA1C8BA33}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
- FirewallRules: [{24761540-814F-430A-871C-77E8E55937F8}] => (Allow) C:\Users\tanji\AppData\Local\Temp\7zS5243\HP.EasyStart.exe No File
- FirewallRules: [{2BBCEC4D-F037-4F73-8962-D978D5398F94}] => (Allow) C:\Users\tanji\AppData\Local\Temp\7zS519F\HP.EasyStart.exe No File
- FirewallRules: [{3FE03154-1D1C-4026-9AAE-CB2EE48BE100}] => (Allow) LPort=1900
- FirewallRules: [{FACFC7E2-49C6-4473-A769-931867601C5C}] => (Allow) LPort=2869
- FirewallRules: [{9E949FB8-09C2-4EF7-90FA-C374DBBAAA16}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{3115054D-B8CA-4574-8DAB-35CAC4485FAA}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe No File
- FirewallRules: [{DCD37E19-898E-47B6-98BC-79CB8E799074}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe No File
- FirewallRules: [{2DA932E4-9D5B-4F79-996F-236199DB1178}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1712.0910\gxxsvc.exe No File
- FirewallRules: [UDP Query User{888E9790-11AB-498F-ACC1-4419C426F033}C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe No File
- FirewallRules: [TCP Query User{B4695EE1-B876-4014-AE90-13553A70526B}C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe No File
- FirewallRules: [{8D22A806-6EB9-4630-90B2-EC28149D68D2}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Beijing Duodian Online Science and Technology Co.,Ltd -> )
- FirewallRules: [{96F30FA8-061F-4259-A477-2879329D3BC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{5D76E955-17F2-4C4A-A437-D6A10A4048F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{FA7CD558-EECF-490C-B9B2-D20A78BC000C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{7BE011DD-DA44-4C49-B47A-2275792FD7EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{84CDE2D0-099E-43CF-BF15-5468689B3BE0}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
- FirewallRules: [{821D2F59-0C0C-4A73-AFB0-B97836840D61}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
- FirewallRules: [{803FEE06-08F2-47CD-A3E8-E91AB2142EB2}] => (Allow) LPort=6963
- FirewallRules: [{C5CB4F20-8D6A-4CC0-A0F3-6FF684A02131}] => (Allow) LPort=6963
- FirewallRules: [{E5931AB7-69ED-4560-A8BE-BB03539364A4}] => (Allow) D:\League of Legends\GameData\Apps\LoL\Game\League of Legends.exe (Riot Games, Inc. -> )
- FirewallRules: [{C0B556A2-281D-418D-BFE5-27935A9A0D05}] => (Allow) D:\League of Legends\GameData\Apps\LoL\Game\League of Legends.exe (Riot Games, Inc. -> )
- FirewallRules: [{BB126D9C-6790-4310-9E16-0A1334ED88A3}] => (Allow) LPort=8370
- FirewallRules: [{1A919FC0-D38D-4617-A616-CEBDECC9FBDE}] => (Allow) LPort=8370
- FirewallRules: [UDP Query User{43C218B0-D8BD-412F-93BD-6F21FCD7D53B}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
- FirewallRules: [TCP Query User{BC2CB92B-17BA-4C44-BF8E-1931B16DE1ED}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
- FirewallRules: [{8C2A378F-802D-4B40-AEFF-65BFD3761AC3}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
- FirewallRules: [{CAA23C38-0688-47F6-B0B3-85CCBA212BA5}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
- FirewallRules: [{F99E8C96-7C7F-4611-8217-23DA18E81ED1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
- FirewallRules: [{5394BD2C-13A4-41A9-A9E2-DBCA824F453F}] => (Allow) D:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
- FirewallRules: [{FE1F1DE6-4FE6-436C-A2B3-B7E681A04CAA}] => (Allow) D:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
- FirewallRules: [{275A6F8E-4BF9-4740-8AE8-CBC3A3D9DF8A}] => (Allow) D:\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
- FirewallRules: [{C513A335-8629-4EC2-85E5-1D4773489855}] => (Allow) D:\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
- FirewallRules: [{205F09BA-59B6-46F2-B1AD-F86847D112A9}] => (Allow) D:\Steam\SteamApps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
- FirewallRules: [{EE5290A4-9D21-4B16-B913-581452BE94ED}] => (Allow) D:\Steam\SteamApps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
- FirewallRules: [TCP Query User{276677B0-1306-4A37-90A5-51E97BB22FC4}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [File not signed]
- FirewallRules: [UDP Query User{65157BD6-C92F-4C30-A826-F93CCB9BA25D}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [File not signed]
- FirewallRules: [{D9F0E176-3503-4A15-AA49-9607A69C8CD2}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II Multiplayer Beta\starwarsbattlefrontii.exe No File
- FirewallRules: [{5B10FA72-F792-4E0E-9D92-436061BA3C6A}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II Multiplayer Beta\starwarsbattlefrontii.exe No File
- FirewallRules: [{FF5042B1-6E98-4BB5-A8A1-828345D5A166}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1710.1317\gxxsvc.exe No File
- FirewallRules: [TCP Query User{22A190A1-5F4C-4A8C-94E7-F41B55CC376A}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
- FirewallRules: [UDP Query User{C654AA3B-6DF6-4EBF-982E-01DA4644F464}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
- FirewallRules: [TCP Query User{3031196B-B173-4B3F-9CEF-785D8B419DFF}D:\steam\steamapps\common\call of duty modern warfare 2\iwnetserver.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iwnetserver.exe (NTAuthority) [File not signed]
- FirewallRules: [UDP Query User{E7571931-B30C-489D-A7F8-C1238480EB39}D:\steam\steamapps\common\call of duty modern warfare 2\iwnetserver.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iwnetserver.exe (NTAuthority) [File not signed]
- FirewallRules: [TCP Query User{19AAE979-1A27-4BF0-98BF-E1D3979DF3BA}D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.dat] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.dat (Valve Corporation -> ) [File not signed]
- FirewallRules: [UDP Query User{9694562A-DADD-4505-8BDA-C6D3B62FC1A6}D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.dat] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.dat (Valve Corporation -> ) [File not signed]
- FirewallRules: [{E03140AB-4F2D-4B55-A5E7-7CEE8ACE8CF5}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1710.2100\gxxsvc.exe No File
- FirewallRules: [{6E1C04A5-02F1-4A47-BB06-8A66B486A490}] => (Allow) LPort=82
- FirewallRules: [TCP Query User{E2327CA8-7BC6-459E-9A89-AE369C2639F4}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
- FirewallRules: [UDP Query User{197178C7-9D75-4CB4-BCBE-3C8D250591FC}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
- FirewallRules: [TCP Query User{860B92C0-B6A5-4E1D-9E6B-0553528E5A8C}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
- FirewallRules: [UDP Query User{44ED4431-6564-477C-8B4D-36E342A46893}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
- FirewallRules: [{18EFE294-FA13-4E3F-BD7B-A8572F3E2E4E}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1711.0619\gxxsvc.exe No File
- FirewallRules: [{80B7F4ED-403B-49A7-B8DD-0485AA5417EF}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1711.0815\gxxsvc.exe No File
- FirewallRules: [TCP Query User{A30BF0FB-CAC3-410F-800F-9B7BCD28B241}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe No File
- FirewallRules: [UDP Query User{3E29ABAC-4418-4B08-91A7-DB97FABDF157}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe No File
- FirewallRules: [{6F91D948-E19C-441B-854B-CBDEEA8E531F}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1711.1719\gxxsvc.exe No File
- FirewallRules: [{1216BB69-F313-4070-B106-F681F0986819}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1711.2118\gxxsvc.exe No File
- FirewallRules: [TCP Query User{9EE884C9-3FB9-46A8-B1A2-85922406DBAF}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe No File
- FirewallRules: [UDP Query User{4604034E-DF70-41D5-BE14-CBEC4BA2935F}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe No File
- FirewallRules: [TCP Query User{F7DA0A55-B19E-4321-96B2-152279733DE2}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
- FirewallRules: [UDP Query User{A6BB4C2C-D826-4F38-BD72-8CBB4D8DBAC9}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
- FirewallRules: [TCP Query User{C23A71DB-CFE0-4DF7-A114-DBE3132CFC50}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
- FirewallRules: [UDP Query User{9C2BEBA3-BF74-4091-8963-C90AFD26B798}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
- FirewallRules: [TCP Query User{84713078-F75A-4A6F-B620-C6F75AEA2C4A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
- FirewallRules: [UDP Query User{4D8D5C66-6551-49D3-9E8A-53629AB08E71}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
- FirewallRules: [TCP Query User{991BBC20-31FD-47B4-A298-86B840B7AFCF}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
- FirewallRules: [UDP Query User{79A935ED-D34C-4706-9470-0BADF8E5BBEB}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
- FirewallRules: [{7B3FFAB4-99FC-4063-A81D-9799D0CBA83E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{122BEAB4-993A-4D88-834D-4CDAC563C8C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [TCP Query User{6C4E9680-74FF-445C-ABAD-27B57CA53682}D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe No File
- FirewallRules: [UDP Query User{35A91953-B4FA-482D-ADCA-3B22BF176BC3}D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe No File
- FirewallRules: [{FFF11612-1EF5-49C1-8C12-D10B88DB08DC}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1804.2913\gxxsvc.exe No File
- FirewallRules: [{F7934838-2BA4-4699-8DDB-6A2595CB0654}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1806.2114\gxxsvc.exe No File
- FirewallRules: [{F50B9950-F6FF-4FEE-98A4-F5DAF6000EDF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File
- FirewallRules: [{3E869453-0F3E-4223-83A3-983EBD1E6B75}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe No File
- FirewallRules: [{5828A4B8-88B4-4A3F-8175-4C7E0FD4A2E1}] => (Allow) C:\SteamLibrary\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
- FirewallRules: [{1A0091C7-2DD6-40ED-A06C-FE727E0A8B49}] => (Allow) C:\SteamLibrary\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
- FirewallRules: [{DD577F85-BC0A-4938-AD5A-AD5AF4369856}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
- FirewallRules: [{B6D087EE-06A5-49D5-AF70-346AE386464B}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
- FirewallRules: [TCP Query User{F383B63E-E7F4-4B3A-9C24-79C246A301D0}D:\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\utils\wowvoiceproxy.exe No File
- FirewallRules: [UDP Query User{C6F1BA2F-E6D0-4717-9277-6E1902594B67}D:\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\utils\wowvoiceproxy.exe No File
- FirewallRules: [{1F0102B8-6104-45AC-8C69-6789D29FB5EA}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1807.2414\gxxsvc.exe No File
- FirewallRules: [{2B58D77F-7E7D-4E24-A82F-99DAA6CF2E61}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1808.1611\gxxsvc.exe No File
- FirewallRules: [{B7B32455-B3C5-4C0C-AD3B-B9E4AAF33523}] => (Allow) C:\SteamLibrary\steamapps\common\Town of Salem\TownOfSalem.exe () [File not signed]
- FirewallRules: [{6B987416-17F9-40C3-B4CF-657C118D31BB}] => (Allow) C:\SteamLibrary\steamapps\common\Town of Salem\TownOfSalem.exe () [File not signed]
- FirewallRules: [{C2E31888-BB43-4A83-9B6F-768966BAE918}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1811.2302\gxxsvc.exe No File
- FirewallRules: [TCP Query User{8C273624-512B-465D-8946-890BBBF78BA4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
- FirewallRules: [UDP Query User{43832355-C601-4D20-AAAD-EC03CED0BC09}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
- FirewallRules: [TCP Query User{32515010-E0C0-4308-ADED-1252C510B732}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
- FirewallRules: [UDP Query User{34F61518-2A38-4A18-AF62-0DEBB88C26D7}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
- FirewallRules: [{F2E77805-16AE-44B2-AE17-8E64991C4EB5}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1812.2810\gxxsvc.exe No File
- FirewallRules: [{2E8E5A62-E644-45A2-9016-F05C2F1BD124}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
- FirewallRules: [{405F8DE7-2D27-4D72-93F6-EF21A9911B55}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
- FirewallRules: [{EB2020AF-3D99-44A0-BA5C-D3B9F93572A7}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
- FirewallRules: [{7278CB35-BE58-4BED-9E06-D2AAB32FA254}] => (Allow) C:\Users\tanji\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
- FirewallRules: [{8CFC3788-5A6D-4DEB-8C01-EF7E28DBB892}] => (Allow) C:\Users\tanji\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
- FirewallRules: [{F6427645-BCCC-4C39-82BF-DC83330C78FE}] => (Allow) C:\Users\tanji\AppData\Local\Programs\Opera\57.0.3098.116\opera.exe No File
- FirewallRules: [{0211F714-3855-4749-BFD1-AC9FAA5F88B7}] => (Allow) C:\SteamLibrary\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
- FirewallRules: [{0CEE9CC9-5D67-43F3-B947-FD4089F5EDD0}] => (Allow) C:\SteamLibrary\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
- FirewallRules: [TCP Query User{DFCBEAC4-89B8-48F9-927F-4547099C495E}D:\apex legends\apex\r5apex.exe] => (Allow) D:\apex legends\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
- FirewallRules: [UDP Query User{7235898A-C4C3-4CB4-B64D-D5A6D1728BA3}D:\apex legends\apex\r5apex.exe] => (Allow) D:\apex legends\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
- FirewallRules: [{57FEB27E-BB3A-4F47-9700-F0AC8EA18750}] => (Allow) C:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
- FirewallRules: [{B1CDF515-AECA-4C99-B2BB-B7413875E513}] => (Allow) C:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
- FirewallRules: [{0B6FB00E-9877-48FB-AB84-CB67E594B507}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1902.0110\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
- FirewallRules: [TCP Query User{55967186-7116-48A9-B9AA-0E0918D77F37}D:\heroes of the storm\versions\base73016\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base73016\heroesofthestorm_x64.exe No File
- FirewallRules: [UDP Query User{9D903A71-B9DD-4D25-8C1E-EFFBFB958103}D:\heroes of the storm\versions\base73016\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base73016\heroesofthestorm_x64.exe No File
- FirewallRules: [{17EDAA4C-4A6F-4385-B42D-A2745B5F91CD}] => (Allow) C:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
- FirewallRules: [{967498FF-552A-402C-9A85-9596F42154EB}] => (Allow) C:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
- FirewallRules: [{8AD6FFEF-F96C-4090-B3EE-B2BBBD875C7A}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\jre\bin\javaw.exe
- FirewallRules: [{275A5556-72ED-4A03-A7A6-3CE42C5A7650}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\jre\bin\javaw.exe
- FirewallRules: [TCP Query User{A9BB7954-2444-4AA1-8FE8-5D691718B5DC}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe No File
- FirewallRules: [UDP Query User{BB9914E2-9A09-4068-8548-6B71CFEF9A86}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe No File
- FirewallRules: [{6DE8609D-775C-4774-9A1A-69D448D290E0}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1904.0511\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
- FirewallRules: [{F4D54A61-116F-41F8-A095-17855AAD883A}] => (Allow) D:\Apex Legends\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
- FirewallRules: [{DA064FA5-7A56-4118-9932-89361C53FFE3}] => (Allow) D:\Apex Legends\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
- FirewallRules: [TCP Query User{74E669D9-72D5-4576-9FD3-E177BA2A36DD}D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
- FirewallRules: [UDP Query User{EC168B4E-887E-4CDF-9886-1B0809E810DE}D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
- FirewallRules: [TCP Query User{A5AE3DAB-C9F8-406C-BFDF-A870A4EF0603}D:\super mega baseball 2\super mega baseball 2\supermegabaseball.exe] => (Allow) D:\super mega baseball 2\super mega baseball 2\supermegabaseball.exe No File
- FirewallRules: [UDP Query User{E1787189-A047-47A7-9F6E-53FE86CE4F1D}D:\super mega baseball 2\super mega baseball 2\supermegabaseball.exe] => (Allow) D:\super mega baseball 2\super mega baseball 2\supermegabaseball.exe No File
- FirewallRules: [TCP Query User{CE8C6AAA-2DBA-47AB-B14C-91DB3C6CB1A3}C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe (Phoenix Labs -> Phoenix Labs)
- FirewallRules: [UDP Query User{50D6CA67-790D-40B1-801C-1B9E830BA11B}C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe (Phoenix Labs -> Phoenix Labs)
- FirewallRules: [{BD0CDBAB-6130-413D-8C54-67BA09250F43}] => (Allow) C:\SteamLibrary\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
- FirewallRules: [{F36CACCD-96F2-4C5C-BCA5-FB8643023798}] => (Allow) C:\SteamLibrary\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
- FirewallRules: [TCP Query User{F1C17449-18E0-4097-8F63-C0A00BD61E78}D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe No File
- FirewallRules: [UDP Query User{762A2F26-2DF2-4BC6-91F3-CBA563421DCA}D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe No File
- FirewallRules: [{B02832E7-33F8-4934-BADE-1083A8F2AECE}] => (Allow) D:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe () [File not signed]
- FirewallRules: [{797ABECF-7536-48DA-9516-D2041CFACE3C}] => (Allow) D:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe () [File not signed]
- FirewallRules: [{15FADF27-A75D-46D4-A934-D45C38358D29}] => (Allow) D:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
- FirewallRules: [{E05B3D9D-228E-4D68-99C1-DC98BFFC6858}] => (Allow) D:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
- FirewallRules: [TCP Query User{634352B5-A2CD-4EB6-B5F9-FAE9E4BF518D}D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iw4mp.dat] => (Allow) D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iw4mp.dat (Valve Corporation -> ) [File not signed]
- FirewallRules: [UDP Query User{67E805FA-B840-465C-B645-9C241E54FB74}D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iw4mp.dat] => (Allow) D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iw4mp.dat (Valve Corporation -> ) [File not signed]
- FirewallRules: [TCP Query User{E03C70C8-6B0D-456B-841A-1635BA3A7D28}D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iwnetserver.exe] => (Allow) D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iwnetserver.exe (NTAuthority) [File not signed]
- FirewallRules: [UDP Query User{DB5FBA73-6BCD-4253-921D-3887F1513B4A}D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iwnetserver.exe] => (Allow) D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iwnetserver.exe (NTAuthority) [File not signed]
- FirewallRules: [{F71368EB-AD84-478F-AA04-9FDBB61B4508}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{445414FC-11D4-4CC2-B498-002996B46DAA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{3EFAC642-32C9-4BD0-9A97-F34350F31B31}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{685543CC-21D9-49A2-905E-D6ECC2D3E248}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{898FF48F-7C88-4507-946D-E9C625231FF9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
- FirewallRules: [{48CE405A-59DF-4DC3-8918-F67D0BBB819F}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\jre\bin\javaw.exe
- FirewallRules: [{820C15C6-6F93-47FB-A7C6-588EA0844718}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\jre\bin\javaw.exe
- FirewallRules: [{73E531C5-5E4F-4B44-B5C2-AF35EBE64C06}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
- FirewallRules: [{AA769149-56DD-437C-9D1D-BC6CB24CA3BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
- FirewallRules: [{28A23796-41A0-4792-A036-C5EAE603DD79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
- FirewallRules: [{FA2AA0C0-77B5-472B-8F49-2A18B58510A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
- FirewallRules: [{4DAFC38C-A43A-4F5F-899F-8179B580FAB8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
- FirewallRules: [{884F70EF-EE95-4066-885E-6E8B2ACC873A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
- FirewallRules: [{1C9E641D-22C7-4CD5-8861-8D33EF5169CD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
- FirewallRules: [{CEFFF01C-A9F0-4569-9609-6C22AB22CC12}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
- FirewallRules: [{0994EFC5-0066-4326-8422-5690D17EBF73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{F88E796F-811A-450B-AE10-FE9B7C35303F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{E7C9ABF1-62C0-4765-8822-1D913ED168E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{299EA41D-75DF-4686-9823-628B4485D03A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- ==================== Restore Points =========================
- 01-07-2019 16:27:42 Scheduled Checkpoint
- 10-07-2019 20:14:34 Windows Update
- 16-07-2019 21:18:07 Removed Teams Machine-Wide Installer
- 19-07-2019 22:28:38 Checkpoint by HitmanPro
- 22-07-2019 15:52:29 Checkpoint by HitmanPro
- ==================== Faulty Device Manager Devices =============
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (07/22/2019 03:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: NVDisplay.Container.exe, version: 1.15.2586.5913, time stamp: 0x5c75252f
- Faulting module name: KERNELBASE.dll, version: 10.0.17134.885, time stamp: 0x3672f486
- Exception code: 0xe06d7363
- Fault offset: 0x000000000003a388
- Faulting process id: 0x80c
- Faulting application start time: 0x01d5406196817239
- Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
- Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
- Report Id: ae682371-4c34-4ce6-9de1-60d0e7419755
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000268,(null),0,REG_BINARY,0000009F0D47EBC0.72). hr = 0x80070005, Access is denied.
- .
- Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000a0c,(null),0,REG_BINARY,000000768E1FD0C0.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
- Writer Name: MSSearch Service Writer
- Writer Instance ID: {0eceb6bb-c68a-4761-b9a2-77050c7776e0}
- Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000270,(null),0,REG_BINARY,0000004ABCB7D2A0.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
- Writer Name: WMI Writer
- Writer Instance ID: {7b971c4a-84a3-4a81-9fe0-1acd4328f8bc}
- Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000a0c,(null),0,REG_BINARY,000000768E1FD0D0.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
- Writer Name: MSSearch Service Writer
- Writer Instance ID: {0eceb6bb-c68a-4761-b9a2-77050c7776e0}
- Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000270,(null),0,REG_BINARY,0000004ABCB7D2B0.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
- Writer Name: WMI Writer
- Writer Instance ID: {7b971c4a-84a3-4a81-9fe0-1acd4328f8bc}
- Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x0000027c,(null),0,REG_BINARY,0000009F0D67E980.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
- Writer Name: Shadow Copy Optimization Writer
- Writer Instance ID: {2f6e9fd8-55ba-4109-84b6-fdba976ec1e1}
- Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000238,(null),0,REG_BINARY,0000009F0D4FEB20.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
- Writer Name: Registry Writer
- Writer Instance ID: {037a83d8-c0b7-4802-ad97-6bab696737c4}
- System errors:
- =============
- Error: (07/22/2019 05:10:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (07/22/2019 05:09:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (07/22/2019 04:58:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (07/22/2019 04:53:40 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (07/22/2019 04:53:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
- Windows.SecurityCenter.WscBrokerManager
- and APPID
- Unavailable
- to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (07/22/2019 04:53:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
- Windows.SecurityCenter.WscDataProtection
- and APPID
- Unavailable
- to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (07/22/2019 04:51:44 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (07/22/2019 04:50:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
- Description: WLAN Extensibility Module has failed to start.
- Module Path: C:\WINDOWS\system32\Rtlihvs.dll
- Error Code: 126
- Windows Defender:
- ===================================
- Date: 2019-07-22 17:09:36.344
- Description:
- Windows Defender Antivirus has detected malware or other potentially unwanted software.
- For more information please see the following:
- https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
- Name: Trojan:Win32/Tiggre!plock
- ID: 2147723626
- Severity: Severe
- Category: Trojan
- Path: containerfile:_C:\Users\tanji\AppData\Roaming\khocxrrgfflv\azpjjwevwmjjvja.msi; file:_C:\Users\tanji\AppData\Roaming\khocxrrgfflv\azpjjwevwmjjvja.msi->media.cab->TempDll; file:_C:\WINDOWS\System32\Tasks\rdhttziktqcqmzj->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{756F44D4-7FA7-4A68-8A61-9D5EFD0EF43B}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rdhttziktqcqmzj; taskscheduler:_C:\WINDOWS\System32\Tasks\rdhttziktqcqmzj
- Detection Origin: Local machine
- Detection Type: FastPath
- Detection Source: User
- Process Name: Unknown
- Signature Version: AV: 1.299.246.0, AS: 1.299.246.0, NIS: 1.299.246.0
- Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
- Date: 2019-07-22 16:53:58.687
- Description:
- Windows Defender Antivirus has detected malware or other potentially unwanted software.
- For more information please see the following:
- https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
- Name: Trojan:Win32/Tiggre!plock
- ID: 2147723626
- Severity: Severe
- Category: Trojan
- Path: file:_C:\ProgramData\TempLogs\common.dll
- Detection Origin: Local machine
- Detection Type: FastPath
- Detection Source: Real-Time Protection
- Process Name: C:\Windows\System32\rundll32.exe
- Signature Version: AV: 1.299.246.0, AS: 1.299.246.0, NIS: 1.299.246.0
- Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
- Date: 2019-07-22 16:38:59.247
- Description:
- Windows Defender Antivirus has detected malware or other potentially unwanted software.
- For more information please see the following:
- https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
- Name: Trojan:Win32/Tiggre!plock
- ID: 2147723626
- Severity: Severe
- Category: Trojan
- Path: file:_C:\ProgramData\TempLogs\common.dll
- Detection Origin: Local machine
- Detection Type: FastPath
- Detection Source: Real-Time Protection
- Process Name: C:\Windows\explorer.exe
- Signature Version: AV: 1.299.240.0, AS: 1.299.240.0, NIS: 1.299.240.0
- Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
- Date: 2019-07-22 16:38:59.096
- Description:
- Windows Defender Antivirus has detected malware or other potentially unwanted software.
- For more information please see the following:
- https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
- Name: Trojan:Win32/Tiggre!plock
- ID: 2147723626
- Severity: Severe
- Category: Trojan
- Path: file:_C:\ProgramData\TempLogs\common.dll; process:_pid:6220,ProcessStart:132082583066581204
- Detection Origin: Local machine
- Detection Type: FastPath
- Detection Source: Real-Time Protection
- Process Name: C:\Windows\System32\rundll32.exe
- Signature Version: AV: 1.299.240.0, AS: 1.299.240.0, NIS: 1.299.240.0
- Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
- Date: 2019-07-22 16:38:57.560
- Description:
- Windows Defender Antivirus has detected malware or other potentially unwanted software.
- For more information please see the following:
- https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
- Name: Trojan:Win32/Tiggre!plock
- ID: 2147723626
- Severity: Severe
- Category: Trojan
- Path: file:_C:\ProgramData\TempLogs\common.dll
- Detection Origin: Local machine
- Detection Type: FastPath
- Detection Source: Real-Time Protection
- Process Name: C:\Windows\explorer.exe
- Signature Version: AV: 1.299.240.0, AS: 1.299.240.0, NIS: 1.299.240.0
- Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
- Date: 2019-07-22 13:34:03.097
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 1.299.62.0
- Update Source: Microsoft Malware Protection Center
- Signature Type: AntiVirus
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.16200.1
- Error code: 0x80072ee7
- Error description: The server name or address could not be resolved
- Date: 2019-07-22 13:34:03.097
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 1.299.62.0
- Update Source: Microsoft Malware Protection Center
- Signature Type: AntiSpyware
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.16200.1
- Error code: 0x80072ee7
- Error description: The server name or address could not be resolved
- Date: 2019-07-22 13:34:03.097
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 1.299.62.0
- Update Source: Microsoft Malware Protection Center
- Signature Type: AntiVirus
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.16200.1
- Error code: 0x80072ee7
- Error description: The server name or address could not be resolved
- Date: 2019-07-22 13:34:03.087
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 1.299.62.0
- Update Source: Microsoft Malware Protection Center
- Signature Type: AntiVirus
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.16200.1
- Error code: 0x80072ee7
- Error description: The server name or address could not be resolved
- Date: 2019-07-22 13:34:03.087
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 1.299.62.0
- Update Source: Microsoft Malware Protection Center
- Signature Type: AntiSpyware
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.16200.1
- Error code: 0x80072ee7
- Error description: The server name or address could not be resolved
- ==================== Memory info ===========================
- BIOS: American Megatrends Inc. V5.3 07/23/2014
- Motherboard: MSI H97 PC Mate(MS-7850)
- Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
- Percentage of memory in use: 27%
- Total physical RAM: 16319.91 MB
- Available physical RAM: 11902.66 MB
- Total Virtual: 17343.91 MB
- Available Virtual: 11209.48 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:464.74 GB) (Free:264.73 GB) NTFS
- Drive d: (Data) (Fixed) (Total:1863.01 GB) (Free:1097.96 GB) NTFS
- \\?\Volume{ca854363-d4b6-11e7-b19f-448a5bd2e594}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
- \\?\Volume{30eabc6a-1e2b-4210-9427-02cb6a9e6f1d}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
- \\?\Volume{385f9680-712a-476d-b071-e73e4aa2184f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 465.8 GB) (Disk ID: ECFDAFA2)
- Partition: GPT.
- ========================================================
- Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 8F4C4014)
- Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
- ==================== End of Addition.txt ============================
Add Comment
Please, Sign In to add comment