SHARE
TWEET

FRST Addition

a guest Jul 22nd, 2019 463 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
  2. Ran by tanji (22-07-2019 17:11:35)
  3. Running from C:\Users\tanji\Desktop
  4. Windows 10 Pro Version 1803 17134.885 (X64) (2018-05-18 11:59:18)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. Administrator (S-1-5-21-366640982-2835770456-1949396758-500 - Administrator - Disabled)
  12. DefaultAccount (S-1-5-21-366640982-2835770456-1949396758-503 - Limited - Disabled)
  13. defaultuser0 (S-1-5-21-366640982-2835770456-1949396758-1000 - Limited - Disabled) => C:\Users\defaultuser0
  14. Guest (S-1-5-21-366640982-2835770456-1949396758-501 - Limited - Disabled)
  15. tanji (S-1-5-21-366640982-2835770456-1949396758-1001 - Administrator - Enabled) => C:\Users\tanji
  16. WDAGUtilityAccount (S-1-5-21-366640982-2835770456-1949396758-504 - Limited - Disabled)
  17.  
  18. ==================== Security Center ========================
  19.  
  20. (If an entry is included in the fixlist, it will be removed.)
  21.  
  22. AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  23. AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  24.  
  25. ==================== Installed Programs ======================
  26.  
  27. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  28.  
  29. ┬ÁTorrent (HKU\S-1-5-21-366640982-2835770456-1949396758-1001\...\uTorrent) (Version: 3.5.5.45291 - BitTorrent Inc.)
  30. 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
  31. Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
  32. Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
  33. Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
  34. Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.9 - Electronic Arts, Inc.)
  35. Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
  36. Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
  37. Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
  38. D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
  39. Discord (HKU\S-1-5-21-366640982-2835770456-1949396758-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
  40. DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
  41. EaseUS Partition Master 12.8 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
  42. Garena (remove only) (HKLM-x32\...\gxx) (Version: 2.0.1907.0210 - Garena)
  43. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
  44. Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
  45. Gyazo 3.6.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
  46. HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.15.306 - SurfRight B.V.)
  47. HP DeskJet 3630 series Basic Device Software (HKLM\...\{2125FB8B-5542-495A-B0F7-CD6DDBE99C2A}) (Version: 40.11.1107.1739 - HP Inc.)
  48. HP DeskJet 3630 series Help (HKLM-x32\...\{5F074370-FEB0-4477-820F-A59DF28A933E}) (Version: 35.0.0 - Hewlett Packard)
  49. HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
  50. HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
  51. HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
  52. Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
  53. Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
  54. Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
  55. Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  56. Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
  57. Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
  58. MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
  59. Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11328.20368 - Microsoft Corporation)
  60. Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
  61. Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
  62. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  63. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
  64. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  65. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
  66. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  67. Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  68. Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  69. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
  70. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
  71. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
  72. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
  73. Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
  74. Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
  75. Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
  76. Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
  77. Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
  78. Mozilla Firefox 68.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0.1 (x64 en-US)) (Version: 68.0.1 - Mozilla)
  79. Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
  80. NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
  81. NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
  82. NVIDIA Graphics Driver 431.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.36 - NVIDIA Corporation)
  83. NVIDIA HD Audio Driver 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
  84. NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
  85. OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
  86. Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation) Hidden
  87. Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation) Hidden
  88. Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation) Hidden
  89. OpenShot Video Editor version 2.4.0 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.0 - OpenShot Studios, LLC)
  90. Origin (HKLM-x32\...\Origin) (Version: 10.5.41.27263 - Electronic Arts, Inc.)
  91. Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
  92. Playpark Downloader (HKLM-x32\...\{D81B5861-F391-4905-A779-8A82994F3A00}) (Version: 0.3.6 - Asiasoft Online)
  93. Product Improvement Study for HP DeskJet 3630 series (HKLM\...\{416B7D0C-0AEC-4FE6-AE40-4E12857CCA55}) (Version: 40.11.1107.1739 - HP Inc.)
  94. Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
  95. Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
  96. Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
  97. Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
  98. SoundSwitch 4.14.0.31865 (HKLM\...\SoundSwitch_is1) (Version: 4.14.0.31865 - Antoine Aflalo)
  99. TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
  100. TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer)
  101. UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
  102. UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
  103. Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
  104. VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
  105. Windows Driver Package - BigNox Corporation YSDrv System  (01/20/2017 4.3.12) (HKLM\...\1FF524CF3E58304F349D809470EC4A689914A4D5) (Version: 01/20/2017 4.3.12 - BigNox Corporation)
  106. Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
  107. Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-123B-4321-32A2557A92C7}}_is1) (Version:  - WindowsMovieMaker)
  108. WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
  109. World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
  110. World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)
  111. Zemana AntiMalware version 3.1.375 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.375 - Zemana Ltd.)
  112.  
  113. Packages:
  114. =========
  115. Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-10] (king.com)
  116. Drawboard PDF -> C:\Program Files\WindowsApps\Drawboard.DrawboardPDF_5.9.0.0_x64__gqbn7fs4pywxm [2019-07-16] (Drawboard)
  117. Excel Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Excel_16001.11901.20062.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation)
  118. FarmVille 2: Country Escape -> C:\Program Files\WindowsApps\D52A8D61.FarmVille2CountryEscape_12.8.4114.0_x86__jwbwg6xx0377a [2019-07-16] (Zynga Inc.)
  119. Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
  120. Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
  121. Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
  122. Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
  123. Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
  124. MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
  125. Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_13.0.39.0_x64__n619g4d5j0fnw [2018-03-17] (Pandora Media Inc)
  126. Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
  127.  
  128. ==================== Custom CLSID (Whitelisted): ==========================
  129.  
  130. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  131.  
  132. CustomCLSID: HKU\S-1-5-21-366640982-2835770456-1949396758-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\tanji\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
  133. CustomCLSID: HKU\S-1-5-21-366640982-2835770456-1949396758-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\tanji\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
  134. CustomCLSID: HKU\S-1-5-21-366640982-2835770456-1949396758-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\tanji\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileSyncShell64.dll => No File
  135. ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  136. ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  137. ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  138. ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
  139. ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
  140. ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
  141. ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  142. ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  143. ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  144. ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-07-16] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
  145. ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
  146. ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
  147. ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  148. ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
  149. ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
  150. ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  151. ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
  152. ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  153. ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
  154. ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
  155. ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tanji\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
  156. ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-03] (NVIDIA Corporation -> NVIDIA Corporation)
  157. ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-07-16] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
  158. ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
  159. ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
  160. ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
  161. ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
  162. ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  163. ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  164. ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  165.  
  166. ==================== Shortcuts & WMI ========================
  167.  
  168. (The entries could be listed to be restored or removed.)
  169.  
  170.  
  171. ==================== Loaded Modules (Whitelisted) ==============
  172.  
  173. 2017-12-25 13:32 - 2014-02-13 15:27 - 000113166 _____ () [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\zlib1.dll
  174. 2017-08-31 13:46 - 2017-04-14 01:58 - 050656768 _____ () [File not signed] C:\Users\tanji\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
  175. 2017-08-31 13:46 - 2017-04-14 01:58 - 000075264 _____ () [File not signed] C:\Users\tanji\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
  176. 2017-08-31 13:46 - 2017-04-14 01:58 - 001874944 _____ () [File not signed] C:\Users\tanji\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
  177. 2017-12-25 13:32 - 2014-02-13 15:27 - 000275528 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\libcurl.dll
  178. 2017-12-25 13:32 - 2014-02-13 15:27 - 000222792 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\traynet.dll
  179. 2017-12-25 13:32 - 2014-11-18 14:44 - 000255072 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\TrayTipAgentE.exe
  180. 2017-12-25 13:32 - 2014-02-13 15:27 - 000249928 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8\bin\TrayPopupE\uexper.dll
  181. 2016-11-20 13:02 - 2019-02-22 00:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
  182. 2018-04-07 02:29 - 2018-04-07 02:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
  183. 2018-04-07 02:29 - 2018-04-07 02:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
  184. 2017-11-12 18:07 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Origin\LIBEAY32.dll
  185. 2017-11-12 18:07 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Origin\ssleay32.dll
  186. 2017-09-14 14:37 - 2017-09-14 14:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qgif.dll
  187. 2017-09-14 14:42 - 2017-09-14 14:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qicns.dll
  188. 2017-09-14 14:37 - 2017-09-14 14:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qico.dll
  189. 2017-09-14 14:37 - 2017-09-14 14:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qjpeg.dll
  190. 2017-09-14 14:42 - 2017-09-14 14:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qsvg.dll
  191. 2017-09-14 14:42 - 2017-09-14 14:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qtga.dll
  192. 2017-09-14 14:42 - 2017-09-14 14:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qtiff.dll
  193. 2017-09-14 14:42 - 2017-09-14 14:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qwbmp.dll
  194. 2017-09-14 14:42 - 2017-09-14 14:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\imageformats\qwebp.dll
  195. 2017-09-14 14:37 - 2017-09-14 14:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\tanji\AppData\Local\MEGAsync\platforms\qwindows.dll
  196. 2017-11-12 18:07 - 2019-05-25 09:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Origin\platforms\qwindows.dll
  197. 2017-11-12 18:07 - 2019-05-25 09:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Core.dll
  198. 2017-11-12 18:07 - 2019-05-25 09:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Gui.dll
  199. 2017-11-12 18:07 - 2019-05-25 09:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Network.dll
  200. 2017-11-12 18:07 - 2019-05-25 09:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Widgets.dll
  201. 2017-11-12 18:07 - 2019-05-25 09:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Xml.dll
  202.  
  203. ==================== Alternate Data Streams (Whitelisted) =========
  204.  
  205. (If an entry is included in the fixlist, only the ADS will be removed.)
  206.  
  207. AlternateDataStreams: C:\Users\Public\AppData:CSM [486]
  208.  
  209. ==================== Safe Mode (Whitelisted) ===================
  210.  
  211. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  212.  
  213. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
  214. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
  215. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
  216. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
  217.  
  218. ==================== Association (Whitelisted) ===============
  219.  
  220. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  221.  
  222.  
  223. ==================== Internet Explorer trusted/restricted ===============
  224.  
  225. (If an entry is included in the fixlist, it will be removed from the registry.)
  226.  
  227. IE trusted site: HKU\S-1-5-21-366640982-2835770456-1949396758-1001\...\localhost -> localhost
  228. IE trusted site: HKU\S-1-5-21-366640982-2835770456-1949396758-1001\...\sharepoint.com -> hxxps://mymailsimedu-files.sharepoint.com
  229.  
  230. ==================== Hosts content: ===============================
  231.  
  232. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  233.  
  234. 2016-07-16 19:47 - 2016-07-16 19:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
  235.  
  236.  
  237. 2018-12-10 22:23 - 2019-01-11 19:42 - 000000510 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
  238.  
  239. 192.168.137.1 DESKTOP-KTHT43L.mshome.net # 2024 1 3 10 11 42 47 356
  240. 92.168.137.30 Galaxy-S8.mshome.net # 2019 1 5 18 7 29 40 152
  241. 05
  242.  
  243. ==================== Other Areas ============================
  244.  
  245. (Currently there is no automatic fix for this section.)
  246.  
  247. HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
  248. HKU\S-1-5-21-366640982-2835770456-1949396758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tanji\Desktop\wallpapers\cropped-1920-1080-981906.jpg
  249. DNS Servers: 8.8.8.8 - 8.8.4.4
  250. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  251. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
  252. Windows Firewall is enabled.
  253.  
  254. ==================== MSCONFIG/TASK MANAGER disabled items ==
  255.  
  256. If an entry is included in the fixlist, it will be removed.
  257.  
  258.  
  259. ==================== FirewallRules (Whitelisted) ===============
  260.  
  261. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  262.  
  263. FirewallRules: [{08DAB10C-512C-4823-804A-88A05D367789}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1804.2618\gxxsvc.exe No File
  264. FirewallRules: [{77A65DA2-AD2D-4C69-9CD0-5678CECEE3D3}] => (Allow) D:\SteamLibrary\SteamApps\common\PC Building Simulator\PCBS.exe () [File not signed]
  265. FirewallRules: [{F649699E-9A92-405D-8C3E-A1A21FBB0B2A}] => (Allow) D:\SteamLibrary\SteamApps\common\PC Building Simulator\PCBS.exe () [File not signed]
  266. FirewallRules: [{3EA22F17-7649-4D15-9328-94BCF23AFB20}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1803.2016\gxxsvc.exe No File
  267. FirewallRules: [UDP Query User{5D743E69-A48E-48A7-B216-65CB7605D588}D:\league of legends\gamedata\apps\lol\leagueclient\leagueclient.exe] => (Allow) D:\league of legends\gamedata\apps\lol\leagueclient\leagueclient.exe (Riot Games, Inc. -> )
  268. FirewallRules: [TCP Query User{4848FCB2-D892-4EED-9E92-9EDD7A3715EA}D:\league of legends\gamedata\apps\lol\leagueclient\leagueclient.exe] => (Allow) D:\league of legends\gamedata\apps\lol\leagueclient\leagueclient.exe (Riot Games, Inc. -> )
  269. FirewallRules: [{608C04B6-FDDF-4108-BE2E-D390DBC76688}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1802.1114\gxxsvc.exe No File
  270. FirewallRules: [{82BAE9AD-496A-4176-94FC-379886526FF6}] => (Allow) D:\Steam\SteamApps\common\Overcooked\Overcooked.exe () [File not signed]
  271. FirewallRules: [{FF184651-1823-45F8-ABEC-C5179444B56C}] => (Allow) D:\Steam\SteamApps\common\Overcooked\Overcooked.exe () [File not signed]
  272. FirewallRules: [UDP Query User{1E2FC5ED-6EAA-43F0-9F99-F619F5C322C7}C:\pearlabyss\blackdesert\bin64\blackdesert64.exe] => (Allow) C:\pearlabyss\blackdesert\bin64\blackdesert64.exe (PearlAbyss Corp. -> )
  273. FirewallRules: [TCP Query User{F538C193-78E6-4153-84BD-7E8B754FC0BA}C:\pearlabyss\blackdesert\bin64\blackdesert64.exe] => (Allow) C:\pearlabyss\blackdesert\bin64\blackdesert64.exe (PearlAbyss Corp. -> )
  274. FirewallRules: [{229BE746-B41D-454E-8EBD-C793140C44E2}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1801.1018\gxxsvc.exe No File
  275. FirewallRules: [{1ECA0569-02AF-44BC-85B2-4B4DAE5D7996}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
  276. FirewallRules: [{D7A8DD50-5939-446E-A904-0474DD3BF1BA}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
  277. FirewallRules: [{B7290397-6699-45CB-9C6F-F9CB62B35B45}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
  278. FirewallRules: [{4E2A94A5-6910-48B2-8BC4-4234AB877E18}] => (Allow) LPort=5357
  279. FirewallRules: [{8D5FE7B8-7F5A-441E-97D5-B5DAA1C8BA33}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
  280. FirewallRules: [{24761540-814F-430A-871C-77E8E55937F8}] => (Allow) C:\Users\tanji\AppData\Local\Temp\7zS5243\HP.EasyStart.exe No File
  281. FirewallRules: [{2BBCEC4D-F037-4F73-8962-D978D5398F94}] => (Allow) C:\Users\tanji\AppData\Local\Temp\7zS519F\HP.EasyStart.exe No File
  282. FirewallRules: [{3FE03154-1D1C-4026-9AAE-CB2EE48BE100}] => (Allow) LPort=1900
  283. FirewallRules: [{FACFC7E2-49C6-4473-A769-931867601C5C}] => (Allow) LPort=2869
  284. FirewallRules: [{9E949FB8-09C2-4EF7-90FA-C374DBBAAA16}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
  285. FirewallRules: [{3115054D-B8CA-4574-8DAB-35CAC4485FAA}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe No File
  286. FirewallRules: [{DCD37E19-898E-47B6-98BC-79CB8E799074}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe No File
  287. FirewallRules: [{2DA932E4-9D5B-4F79-996F-236199DB1178}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1712.0910\gxxsvc.exe No File
  288. FirewallRules: [UDP Query User{888E9790-11AB-498F-ACC1-4419C426F033}C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe No File
  289. FirewallRules: [TCP Query User{B4695EE1-B876-4014-AE90-13553A70526B}C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe No File
  290. FirewallRules: [{8D22A806-6EB9-4630-90B2-EC28149D68D2}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Beijing Duodian Online Science and Technology Co.,Ltd -> )
  291. FirewallRules: [{96F30FA8-061F-4259-A477-2879329D3BC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  292. FirewallRules: [{5D76E955-17F2-4C4A-A437-D6A10A4048F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  293. FirewallRules: [{FA7CD558-EECF-490C-B9B2-D20A78BC000C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  294. FirewallRules: [{7BE011DD-DA44-4C49-B47A-2275792FD7EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  295. FirewallRules: [{84CDE2D0-099E-43CF-BF15-5468689B3BE0}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
  296. FirewallRules: [{821D2F59-0C0C-4A73-AFB0-B97836840D61}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
  297. FirewallRules: [{803FEE06-08F2-47CD-A3E8-E91AB2142EB2}] => (Allow) LPort=6963
  298. FirewallRules: [{C5CB4F20-8D6A-4CC0-A0F3-6FF684A02131}] => (Allow) LPort=6963
  299. FirewallRules: [{E5931AB7-69ED-4560-A8BE-BB03539364A4}] => (Allow) D:\League of Legends\GameData\Apps\LoL\Game\League of Legends.exe (Riot Games, Inc. -> )
  300. FirewallRules: [{C0B556A2-281D-418D-BFE5-27935A9A0D05}] => (Allow) D:\League of Legends\GameData\Apps\LoL\Game\League of Legends.exe (Riot Games, Inc. -> )
  301. FirewallRules: [{BB126D9C-6790-4310-9E16-0A1334ED88A3}] => (Allow) LPort=8370
  302. FirewallRules: [{1A919FC0-D38D-4617-A616-CEBDECC9FBDE}] => (Allow) LPort=8370
  303. FirewallRules: [UDP Query User{43C218B0-D8BD-412F-93BD-6F21FCD7D53B}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
  304. FirewallRules: [TCP Query User{BC2CB92B-17BA-4C44-BF8E-1931B16DE1ED}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
  305. FirewallRules: [{8C2A378F-802D-4B40-AEFF-65BFD3761AC3}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
  306. FirewallRules: [{CAA23C38-0688-47F6-B0B3-85CCBA212BA5}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
  307. FirewallRules: [{F99E8C96-7C7F-4611-8217-23DA18E81ED1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
  308. FirewallRules: [{5394BD2C-13A4-41A9-A9E2-DBCA824F453F}] => (Allow) D:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
  309. FirewallRules: [{FE1F1DE6-4FE6-436C-A2B3-B7E681A04CAA}] => (Allow) D:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
  310. FirewallRules: [{275A6F8E-4BF9-4740-8AE8-CBC3A3D9DF8A}] => (Allow) D:\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
  311. FirewallRules: [{C513A335-8629-4EC2-85E5-1D4773489855}] => (Allow) D:\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
  312. FirewallRules: [{205F09BA-59B6-46F2-B1AD-F86847D112A9}] => (Allow) D:\Steam\SteamApps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
  313. FirewallRules: [{EE5290A4-9D21-4B16-B913-581452BE94ED}] => (Allow) D:\Steam\SteamApps\common\CookServeDelicious2\CSD2.exe (Vertigo Gaming Inc.) [File not signed]
  314. FirewallRules: [TCP Query User{276677B0-1306-4A37-90A5-51E97BB22FC4}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [File not signed]
  315. FirewallRules: [UDP Query User{65157BD6-C92F-4C30-A826-F93CCB9BA25D}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [File not signed]
  316. FirewallRules: [{D9F0E176-3503-4A15-AA49-9607A69C8CD2}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II Multiplayer Beta\starwarsbattlefrontii.exe No File
  317. FirewallRules: [{5B10FA72-F792-4E0E-9D92-436061BA3C6A}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II Multiplayer Beta\starwarsbattlefrontii.exe No File
  318. FirewallRules: [{FF5042B1-6E98-4BB5-A8A1-828345D5A166}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1710.1317\gxxsvc.exe No File
  319. FirewallRules: [TCP Query User{22A190A1-5F4C-4A8C-94E7-F41B55CC376A}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
  320. FirewallRules: [UDP Query User{C654AA3B-6DF6-4EBF-982E-01DA4644F464}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
  321. FirewallRules: [TCP Query User{3031196B-B173-4B3F-9CEF-785D8B419DFF}D:\steam\steamapps\common\call of duty modern warfare 2\iwnetserver.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iwnetserver.exe (NTAuthority) [File not signed]
  322. FirewallRules: [UDP Query User{E7571931-B30C-489D-A7F8-C1238480EB39}D:\steam\steamapps\common\call of duty modern warfare 2\iwnetserver.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iwnetserver.exe (NTAuthority) [File not signed]
  323. FirewallRules: [TCP Query User{19AAE979-1A27-4BF0-98BF-E1D3979DF3BA}D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.dat] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.dat (Valve Corporation -> ) [File not signed]
  324. FirewallRules: [UDP Query User{9694562A-DADD-4505-8BDA-C6D3B62FC1A6}D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.dat] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.dat (Valve Corporation -> ) [File not signed]
  325. FirewallRules: [{E03140AB-4F2D-4B55-A5E7-7CEE8ACE8CF5}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1710.2100\gxxsvc.exe No File
  326. FirewallRules: [{6E1C04A5-02F1-4A47-BB06-8A66B486A490}] => (Allow) LPort=82
  327. FirewallRules: [TCP Query User{E2327CA8-7BC6-459E-9A89-AE369C2639F4}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
  328. FirewallRules: [UDP Query User{197178C7-9D75-4CB4-BCBE-3C8D250591FC}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
  329. FirewallRules: [TCP Query User{860B92C0-B6A5-4E1D-9E6B-0553528E5A8C}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
  330. FirewallRules: [UDP Query User{44ED4431-6564-477C-8B4D-36E342A46893}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
  331. FirewallRules: [{18EFE294-FA13-4E3F-BD7B-A8572F3E2E4E}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1711.0619\gxxsvc.exe No File
  332. FirewallRules: [{80B7F4ED-403B-49A7-B8DD-0485AA5417EF}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1711.0815\gxxsvc.exe No File
  333. FirewallRules: [TCP Query User{A30BF0FB-CAC3-410F-800F-9B7BCD28B241}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe No File
  334. FirewallRules: [UDP Query User{3E29ABAC-4418-4B08-91A7-DB97FABDF157}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe No File
  335. FirewallRules: [{6F91D948-E19C-441B-854B-CBDEEA8E531F}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1711.1719\gxxsvc.exe No File
  336. FirewallRules: [{1216BB69-F313-4070-B106-F681F0986819}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1711.2118\gxxsvc.exe No File
  337. FirewallRules: [TCP Query User{9EE884C9-3FB9-46A8-B1A2-85922406DBAF}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe No File
  338. FirewallRules: [UDP Query User{4604034E-DF70-41D5-BE14-CBEC4BA2935F}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe No File
  339. FirewallRules: [TCP Query User{F7DA0A55-B19E-4321-96B2-152279733DE2}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
  340. FirewallRules: [UDP Query User{A6BB4C2C-D826-4F38-BD72-8CBB4D8DBAC9}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
  341. FirewallRules: [TCP Query User{C23A71DB-CFE0-4DF7-A114-DBE3132CFC50}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
  342. FirewallRules: [UDP Query User{9C2BEBA3-BF74-4091-8963-C90AFD26B798}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
  343. FirewallRules: [TCP Query User{84713078-F75A-4A6F-B620-C6F75AEA2C4A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
  344. FirewallRules: [UDP Query User{4D8D5C66-6551-49D3-9E8A-53629AB08E71}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
  345. FirewallRules: [TCP Query User{991BBC20-31FD-47B4-A298-86B840B7AFCF}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
  346. FirewallRules: [UDP Query User{79A935ED-D34C-4706-9470-0BADF8E5BBEB}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
  347. FirewallRules: [{7B3FFAB4-99FC-4063-A81D-9799D0CBA83E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  348. FirewallRules: [{122BEAB4-993A-4D88-834D-4CDAC563C8C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  349. FirewallRules: [TCP Query User{6C4E9680-74FF-445C-ABAD-27B57CA53682}D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe No File
  350. FirewallRules: [UDP Query User{35A91953-B4FA-482D-ADCA-3B22BF176BC3}D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe No File
  351. FirewallRules: [{FFF11612-1EF5-49C1-8C12-D10B88DB08DC}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1804.2913\gxxsvc.exe No File
  352. FirewallRules: [{F7934838-2BA4-4699-8DDB-6A2595CB0654}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1806.2114\gxxsvc.exe No File
  353. FirewallRules: [{F50B9950-F6FF-4FEE-98A4-F5DAF6000EDF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File
  354. FirewallRules: [{3E869453-0F3E-4223-83A3-983EBD1E6B75}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe No File
  355. FirewallRules: [{5828A4B8-88B4-4A3F-8175-4C7E0FD4A2E1}] => (Allow) C:\SteamLibrary\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
  356. FirewallRules: [{1A0091C7-2DD6-40ED-A06C-FE727E0A8B49}] => (Allow) C:\SteamLibrary\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
  357. FirewallRules: [{DD577F85-BC0A-4938-AD5A-AD5AF4369856}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
  358. FirewallRules: [{B6D087EE-06A5-49D5-AF70-346AE386464B}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
  359. FirewallRules: [TCP Query User{F383B63E-E7F4-4B3A-9C24-79C246A301D0}D:\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\utils\wowvoiceproxy.exe No File
  360. FirewallRules: [UDP Query User{C6F1BA2F-E6D0-4717-9277-6E1902594B67}D:\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\utils\wowvoiceproxy.exe No File
  361. FirewallRules: [{1F0102B8-6104-45AC-8C69-6789D29FB5EA}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1807.2414\gxxsvc.exe No File
  362. FirewallRules: [{2B58D77F-7E7D-4E24-A82F-99DAA6CF2E61}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1808.1611\gxxsvc.exe No File
  363. FirewallRules: [{B7B32455-B3C5-4C0C-AD3B-B9E4AAF33523}] => (Allow) C:\SteamLibrary\steamapps\common\Town of Salem\TownOfSalem.exe () [File not signed]
  364. FirewallRules: [{6B987416-17F9-40C3-B4CF-657C118D31BB}] => (Allow) C:\SteamLibrary\steamapps\common\Town of Salem\TownOfSalem.exe () [File not signed]
  365. FirewallRules: [{C2E31888-BB43-4A83-9B6F-768966BAE918}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1811.2302\gxxsvc.exe No File
  366. FirewallRules: [TCP Query User{8C273624-512B-465D-8946-890BBBF78BA4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
  367. FirewallRules: [UDP Query User{43832355-C601-4D20-AAAD-EC03CED0BC09}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
  368. FirewallRules: [TCP Query User{32515010-E0C0-4308-ADED-1252C510B732}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
  369. FirewallRules: [UDP Query User{34F61518-2A38-4A18-AF62-0DEBB88C26D7}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
  370. FirewallRules: [{F2E77805-16AE-44B2-AE17-8E64991C4EB5}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1812.2810\gxxsvc.exe No File
  371. FirewallRules: [{2E8E5A62-E644-45A2-9016-F05C2F1BD124}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
  372. FirewallRules: [{405F8DE7-2D27-4D72-93F6-EF21A9911B55}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
  373. FirewallRules: [{EB2020AF-3D99-44A0-BA5C-D3B9F93572A7}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
  374. FirewallRules: [{7278CB35-BE58-4BED-9E06-D2AAB32FA254}] => (Allow) C:\Users\tanji\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
  375. FirewallRules: [{8CFC3788-5A6D-4DEB-8C01-EF7E28DBB892}] => (Allow) C:\Users\tanji\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
  376. FirewallRules: [{F6427645-BCCC-4C39-82BF-DC83330C78FE}] => (Allow) C:\Users\tanji\AppData\Local\Programs\Opera\57.0.3098.116\opera.exe No File
  377. FirewallRules: [{0211F714-3855-4749-BFD1-AC9FAA5F88B7}] => (Allow) C:\SteamLibrary\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
  378. FirewallRules: [{0CEE9CC9-5D67-43F3-B947-FD4089F5EDD0}] => (Allow) C:\SteamLibrary\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
  379. FirewallRules: [TCP Query User{DFCBEAC4-89B8-48F9-927F-4547099C495E}D:\apex legends\apex\r5apex.exe] => (Allow) D:\apex legends\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
  380. FirewallRules: [UDP Query User{7235898A-C4C3-4CB4-B64D-D5A6D1728BA3}D:\apex legends\apex\r5apex.exe] => (Allow) D:\apex legends\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
  381. FirewallRules: [{57FEB27E-BB3A-4F47-9700-F0AC8EA18750}] => (Allow) C:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
  382. FirewallRules: [{B1CDF515-AECA-4C99-B2BB-B7413875E513}] => (Allow) C:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
  383. FirewallRules: [{0B6FB00E-9877-48FB-AB84-CB67E594B507}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1902.0110\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
  384. FirewallRules: [TCP Query User{55967186-7116-48A9-B9AA-0E0918D77F37}D:\heroes of the storm\versions\base73016\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base73016\heroesofthestorm_x64.exe No File
  385. FirewallRules: [UDP Query User{9D903A71-B9DD-4D25-8C1E-EFFBFB958103}D:\heroes of the storm\versions\base73016\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base73016\heroesofthestorm_x64.exe No File
  386. FirewallRules: [{17EDAA4C-4A6F-4385-B42D-A2745B5F91CD}] => (Allow) C:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
  387. FirewallRules: [{967498FF-552A-402C-9A85-9596F42154EB}] => (Allow) C:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
  388. FirewallRules: [{8AD6FFEF-F96C-4090-B3EE-B2BBBD875C7A}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\jre\bin\javaw.exe
  389. FirewallRules: [{275A5556-72ED-4A03-A7A6-3CE42C5A7650}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\jre\bin\javaw.exe
  390. FirewallRules: [TCP Query User{A9BB7954-2444-4AA1-8FE8-5D691718B5DC}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe No File
  391. FirewallRules: [UDP Query User{BB9914E2-9A09-4068-8548-6B71CFEF9A86}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe No File
  392. FirewallRules: [{6DE8609D-775C-4774-9A1A-69D448D290E0}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1904.0511\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
  393. FirewallRules: [{F4D54A61-116F-41F8-A095-17855AAD883A}] => (Allow) D:\Apex Legends\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
  394. FirewallRules: [{DA064FA5-7A56-4118-9932-89361C53FFE3}] => (Allow) D:\Apex Legends\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
  395. FirewallRules: [TCP Query User{74E669D9-72D5-4576-9FD3-E177BA2A36DD}D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
  396. FirewallRules: [UDP Query User{EC168B4E-887E-4CDF-9886-1B0809E810DE}D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
  397. FirewallRules: [TCP Query User{A5AE3DAB-C9F8-406C-BFDF-A870A4EF0603}D:\super mega baseball 2\super mega baseball 2\supermegabaseball.exe] => (Allow) D:\super mega baseball 2\super mega baseball 2\supermegabaseball.exe No File
  398. FirewallRules: [UDP Query User{E1787189-A047-47A7-9F6E-53FE86CE4F1D}D:\super mega baseball 2\super mega baseball 2\supermegabaseball.exe] => (Allow) D:\super mega baseball 2\super mega baseball 2\supermegabaseball.exe No File
  399. FirewallRules: [TCP Query User{CE8C6AAA-2DBA-47AB-B14C-91DB3C6CB1A3}C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe (Phoenix Labs -> Phoenix Labs)
  400. FirewallRules: [UDP Query User{50D6CA67-790D-40B1-801C-1B9E830BA11B}C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe] => (Allow) C:\program files\epic games\dauntless\archon\binaries\win64\dauntless-win64-shipping.exe (Phoenix Labs -> Phoenix Labs)
  401. FirewallRules: [{BD0CDBAB-6130-413D-8C54-67BA09250F43}] => (Allow) C:\SteamLibrary\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
  402. FirewallRules: [{F36CACCD-96F2-4C5C-BCA5-FB8643023798}] => (Allow) C:\SteamLibrary\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
  403. FirewallRules: [TCP Query User{F1C17449-18E0-4097-8F63-C0A00BD61E78}D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe No File
  404. FirewallRules: [UDP Query User{762A2F26-2DF2-4BC6-91F3-CBA563421DCA}D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe No File
  405. FirewallRules: [{B02832E7-33F8-4934-BADE-1083A8F2AECE}] => (Allow) D:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe () [File not signed]
  406. FirewallRules: [{797ABECF-7536-48DA-9516-D2041CFACE3C}] => (Allow) D:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe () [File not signed]
  407. FirewallRules: [{15FADF27-A75D-46D4-A934-D45C38358D29}] => (Allow) D:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
  408. FirewallRules: [{E05B3D9D-228E-4D68-99C1-DC98BFFC6858}] => (Allow) D:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corporation -> ) [File not signed]
  409. FirewallRules: [TCP Query User{634352B5-A2CD-4EB6-B5F9-FAE9E4BF518D}D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iw4mp.dat] => (Allow) D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iw4mp.dat (Valve Corporation -> ) [File not signed]
  410. FirewallRules: [UDP Query User{67E805FA-B840-465C-B645-9C241E54FB74}D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iw4mp.dat] => (Allow) D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iw4mp.dat (Valve Corporation -> ) [File not signed]
  411. FirewallRules: [TCP Query User{E03C70C8-6B0D-456B-841A-1635BA3A7D28}D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iwnetserver.exe] => (Allow) D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iwnetserver.exe (NTAuthority) [File not signed]
  412. FirewallRules: [UDP Query User{DB5FBA73-6BCD-4253-921D-3887F1513B4A}D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iwnetserver.exe] => (Allow) D:\steamlibrary\steamapps\common\call of duty modern warfare 2\iwnetserver.exe (NTAuthority) [File not signed]
  413. FirewallRules: [{F71368EB-AD84-478F-AA04-9FDBB61B4508}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
  414. FirewallRules: [{445414FC-11D4-4CC2-B498-002996B46DAA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
  415. FirewallRules: [{3EFAC642-32C9-4BD0-9A97-F34350F31B31}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
  416. FirewallRules: [{685543CC-21D9-49A2-905E-D6ECC2D3E248}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
  417. FirewallRules: [{898FF48F-7C88-4507-946D-E9C625231FF9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
  418. FirewallRules: [{48CE405A-59DF-4DC3-8918-F67D0BBB819F}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\jre\bin\javaw.exe
  419. FirewallRules: [{820C15C6-6F93-47FB-A7C6-588EA0844718}] => (Allow) D:\SteamLibrary\SteamApps\common\SlayTheSpire\jre\bin\javaw.exe
  420. FirewallRules: [{73E531C5-5E4F-4B44-B5C2-AF35EBE64C06}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1907.0210\gxxsvc.exe (Garena Online Pte Ltd -> Garena Online )
  421. FirewallRules: [{AA769149-56DD-437C-9D1D-BC6CB24CA3BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
  422. FirewallRules: [{28A23796-41A0-4792-A036-C5EAE603DD79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
  423. FirewallRules: [{FA2AA0C0-77B5-472B-8F49-2A18B58510A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
  424. FirewallRules: [{4DAFC38C-A43A-4F5F-899F-8179B580FAB8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
  425. FirewallRules: [{884F70EF-EE95-4066-885E-6E8B2ACC873A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
  426. FirewallRules: [{1C9E641D-22C7-4CD5-8861-8D33EF5169CD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
  427. FirewallRules: [{CEFFF01C-A9F0-4569-9609-6C22AB22CC12}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
  428. FirewallRules: [{0994EFC5-0066-4326-8422-5690D17EBF73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  429. FirewallRules: [{F88E796F-811A-450B-AE10-FE9B7C35303F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  430. FirewallRules: [{E7C9ABF1-62C0-4765-8822-1D913ED168E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  431. FirewallRules: [{299EA41D-75DF-4686-9823-628B4485D03A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  432.  
  433. ==================== Restore Points =========================
  434.  
  435. 01-07-2019 16:27:42 Scheduled Checkpoint
  436. 10-07-2019 20:14:34 Windows Update
  437. 16-07-2019 21:18:07 Removed Teams Machine-Wide Installer
  438. 19-07-2019 22:28:38 Checkpoint by HitmanPro
  439. 22-07-2019 15:52:29 Checkpoint by HitmanPro
  440.  
  441. ==================== Faulty Device Manager Devices =============
  442.  
  443.  
  444. ==================== Event log errors: =========================
  445.  
  446. Application errors:
  447. ==================
  448. Error: (07/22/2019 03:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
  449. Description: Faulting application name: NVDisplay.Container.exe, version: 1.15.2586.5913, time stamp: 0x5c75252f
  450. Faulting module name: KERNELBASE.dll, version: 10.0.17134.885, time stamp: 0x3672f486
  451. Exception code: 0xe06d7363
  452. Fault offset: 0x000000000003a388
  453. Faulting process id: 0x80c
  454. Faulting application start time: 0x01d5406196817239
  455. Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  456. Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
  457. Report Id: ae682371-4c34-4ce6-9de1-60d0e7419755
  458. Faulting package full name:
  459. Faulting package-relative application ID:
  460.  
  461. Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
  462. Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000268,(null),0,REG_BINARY,0000009F0D47EBC0.72).  hr = 0x80070005, Access is denied.
  463. .
  464.  
  465. Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
  466. Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000a0c,(null),0,REG_BINARY,000000768E1FD0C0.72).  hr = 0x80070005, Access is denied.
  467. .
  468.  
  469.  
  470. Operation:
  471.    BackupShutdown Event
  472.  
  473. Context:
  474.    Execution Context: Writer
  475.    Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
  476.    Writer Name: MSSearch Service Writer
  477.    Writer Instance ID: {0eceb6bb-c68a-4761-b9a2-77050c7776e0}
  478.  
  479. Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
  480. Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000270,(null),0,REG_BINARY,0000004ABCB7D2A0.72).  hr = 0x80070005, Access is denied.
  481. .
  482.  
  483.  
  484. Operation:
  485.    BackupShutdown Event
  486.  
  487. Context:
  488.    Execution Context: Writer
  489.    Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
  490.    Writer Name: WMI Writer
  491.    Writer Instance ID: {7b971c4a-84a3-4a81-9fe0-1acd4328f8bc}
  492.  
  493. Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
  494. Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000a0c,(null),0,REG_BINARY,000000768E1FD0D0.72).  hr = 0x80070005, Access is denied.
  495. .
  496.  
  497.  
  498. Operation:
  499.    BackupShutdown Event
  500.  
  501. Context:
  502.    Execution Context: Writer
  503.    Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
  504.    Writer Name: MSSearch Service Writer
  505.    Writer Instance ID: {0eceb6bb-c68a-4761-b9a2-77050c7776e0}
  506.  
  507. Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
  508. Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000270,(null),0,REG_BINARY,0000004ABCB7D2B0.72).  hr = 0x80070005, Access is denied.
  509. .
  510.  
  511.  
  512. Operation:
  513.    BackupShutdown Event
  514.  
  515. Context:
  516.    Execution Context: Writer
  517.    Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
  518.    Writer Name: WMI Writer
  519.    Writer Instance ID: {7b971c4a-84a3-4a81-9fe0-1acd4328f8bc}
  520.  
  521. Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
  522. Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x0000027c,(null),0,REG_BINARY,0000009F0D67E980.72).  hr = 0x80070005, Access is denied.
  523. .
  524.  
  525.  
  526. Operation:
  527.    BackupShutdown Event
  528.  
  529. Context:
  530.    Execution Context: Writer
  531.    Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
  532.    Writer Name: Shadow Copy Optimization Writer
  533.    Writer Instance ID: {2f6e9fd8-55ba-4109-84b6-fdba976ec1e1}
  534.  
  535. Error: (07/22/2019 03:52:48 PM) (Source: VSS) (EventID: 8193) (User: )
  536. Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000238,(null),0,REG_BINARY,0000009F0D4FEB20.72).  hr = 0x80070005, Access is denied.
  537. .
  538.  
  539.  
  540. Operation:
  541.    BackupShutdown Event
  542.  
  543. Context:
  544.    Execution Context: Writer
  545.    Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
  546.    Writer Name: Registry Writer
  547.    Writer Instance ID: {037a83d8-c0b7-4802-ad97-6bab696737c4}
  548.  
  549.  
  550. System errors:
  551. =============
  552. Error: (07/22/2019 05:10:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
  553. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  554. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  555.  and APPID
  556. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  557.  to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  558.  
  559. Error: (07/22/2019 05:09:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
  560. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  561. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  562.  and APPID
  563. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  564.  to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  565.  
  566. Error: (07/22/2019 04:58:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
  567. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  568. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  569.  and APPID
  570. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  571.  to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  572.  
  573. Error: (07/22/2019 04:53:40 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
  574. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  575. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  576.  and APPID
  577. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  578.  to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  579.  
  580. Error: (07/22/2019 04:53:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  581. Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
  582. Windows.SecurityCenter.WscBrokerManager
  583.  and APPID
  584. Unavailable
  585.  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  586.  
  587. Error: (07/22/2019 04:53:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  588. Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
  589. Windows.SecurityCenter.WscDataProtection
  590.  and APPID
  591. Unavailable
  592.  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  593.  
  594. Error: (07/22/2019 04:51:44 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KTHT43L)
  595. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  596. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  597.  and APPID
  598. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  599.  to the user DESKTOP-KTHT43L\tanji SID (S-1-5-21-366640982-2835770456-1949396758-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  600.  
  601. Error: (07/22/2019 04:50:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
  602. Description: WLAN Extensibility Module has failed to start.
  603.  
  604. Module Path: C:\WINDOWS\system32\Rtlihvs.dll
  605. Error Code: 126
  606.  
  607.  
  608. Windows Defender:
  609. ===================================
  610. Date: 2019-07-22 17:09:36.344
  611. Description:
  612. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  613. For more information please see the following:
  614. https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
  615. Name: Trojan:Win32/Tiggre!plock
  616. ID: 2147723626
  617. Severity: Severe
  618. Category: Trojan
  619. Path: containerfile:_C:\Users\tanji\AppData\Roaming\khocxrrgfflv\azpjjwevwmjjvja.msi; file:_C:\Users\tanji\AppData\Roaming\khocxrrgfflv\azpjjwevwmjjvja.msi->media.cab->TempDll; file:_C:\WINDOWS\System32\Tasks\rdhttziktqcqmzj->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{756F44D4-7FA7-4A68-8A61-9D5EFD0EF43B}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rdhttziktqcqmzj; taskscheduler:_C:\WINDOWS\System32\Tasks\rdhttziktqcqmzj
  620. Detection Origin: Local machine
  621. Detection Type: FastPath
  622. Detection Source: User
  623. Process Name: Unknown
  624. Signature Version: AV: 1.299.246.0, AS: 1.299.246.0, NIS: 1.299.246.0
  625. Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
  626.  
  627. Date: 2019-07-22 16:53:58.687
  628. Description:
  629. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  630. For more information please see the following:
  631. https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
  632. Name: Trojan:Win32/Tiggre!plock
  633. ID: 2147723626
  634. Severity: Severe
  635. Category: Trojan
  636. Path: file:_C:\ProgramData\TempLogs\common.dll
  637. Detection Origin: Local machine
  638. Detection Type: FastPath
  639. Detection Source: Real-Time Protection
  640. Process Name: C:\Windows\System32\rundll32.exe
  641. Signature Version: AV: 1.299.246.0, AS: 1.299.246.0, NIS: 1.299.246.0
  642. Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
  643.  
  644. Date: 2019-07-22 16:38:59.247
  645. Description:
  646. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  647. For more information please see the following:
  648. https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
  649. Name: Trojan:Win32/Tiggre!plock
  650. ID: 2147723626
  651. Severity: Severe
  652. Category: Trojan
  653. Path: file:_C:\ProgramData\TempLogs\common.dll
  654. Detection Origin: Local machine
  655. Detection Type: FastPath
  656. Detection Source: Real-Time Protection
  657. Process Name: C:\Windows\explorer.exe
  658. Signature Version: AV: 1.299.240.0, AS: 1.299.240.0, NIS: 1.299.240.0
  659. Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
  660.  
  661. Date: 2019-07-22 16:38:59.096
  662. Description:
  663. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  664. For more information please see the following:
  665. https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
  666. Name: Trojan:Win32/Tiggre!plock
  667. ID: 2147723626
  668. Severity: Severe
  669. Category: Trojan
  670. Path: file:_C:\ProgramData\TempLogs\common.dll; process:_pid:6220,ProcessStart:132082583066581204
  671. Detection Origin: Local machine
  672. Detection Type: FastPath
  673. Detection Source: Real-Time Protection
  674. Process Name: C:\Windows\System32\rundll32.exe
  675. Signature Version: AV: 1.299.240.0, AS: 1.299.240.0, NIS: 1.299.240.0
  676. Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
  677.  
  678. Date: 2019-07-22 16:38:57.560
  679. Description:
  680. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  681. For more information please see the following:
  682. https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!plock&threatid=2147723626&enterprise=0
  683. Name: Trojan:Win32/Tiggre!plock
  684. ID: 2147723626
  685. Severity: Severe
  686. Category: Trojan
  687. Path: file:_C:\ProgramData\TempLogs\common.dll
  688. Detection Origin: Local machine
  689. Detection Type: FastPath
  690. Detection Source: Real-Time Protection
  691. Process Name: C:\Windows\explorer.exe
  692. Signature Version: AV: 1.299.240.0, AS: 1.299.240.0, NIS: 1.299.240.0
  693. Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1
  694.  
  695. Date: 2019-07-22 13:34:03.097
  696. Description:
  697. Windows Defender Antivirus has encountered an error trying to update signatures.
  698. New Signature Version:
  699. Previous Signature Version: 1.299.62.0
  700. Update Source: Microsoft Malware Protection Center
  701. Signature Type: AntiVirus
  702. Update Type: Full
  703. Current Engine Version:
  704. Previous Engine Version: 1.1.16200.1
  705. Error code: 0x80072ee7
  706. Error description: The server name or address could not be resolved
  707.  
  708. Date: 2019-07-22 13:34:03.097
  709. Description:
  710. Windows Defender Antivirus has encountered an error trying to update signatures.
  711. New Signature Version:
  712. Previous Signature Version: 1.299.62.0
  713. Update Source: Microsoft Malware Protection Center
  714. Signature Type: AntiSpyware
  715. Update Type: Full
  716. Current Engine Version:
  717. Previous Engine Version: 1.1.16200.1
  718. Error code: 0x80072ee7
  719. Error description: The server name or address could not be resolved
  720.  
  721. Date: 2019-07-22 13:34:03.097
  722. Description:
  723. Windows Defender Antivirus has encountered an error trying to update signatures.
  724. New Signature Version:
  725. Previous Signature Version: 1.299.62.0
  726. Update Source: Microsoft Malware Protection Center
  727. Signature Type: AntiVirus
  728. Update Type: Full
  729. Current Engine Version:
  730. Previous Engine Version: 1.1.16200.1
  731. Error code: 0x80072ee7
  732. Error description: The server name or address could not be resolved
  733.  
  734. Date: 2019-07-22 13:34:03.087
  735. Description:
  736. Windows Defender Antivirus has encountered an error trying to update signatures.
  737. New Signature Version:
  738. Previous Signature Version: 1.299.62.0
  739. Update Source: Microsoft Malware Protection Center
  740. Signature Type: AntiVirus
  741. Update Type: Full
  742. Current Engine Version:
  743. Previous Engine Version: 1.1.16200.1
  744. Error code: 0x80072ee7
  745. Error description: The server name or address could not be resolved
  746.  
  747. Date: 2019-07-22 13:34:03.087
  748. Description:
  749. Windows Defender Antivirus has encountered an error trying to update signatures.
  750. New Signature Version:
  751. Previous Signature Version: 1.299.62.0
  752. Update Source: Microsoft Malware Protection Center
  753. Signature Type: AntiSpyware
  754. Update Type: Full
  755. Current Engine Version:
  756. Previous Engine Version: 1.1.16200.1
  757. Error code: 0x80072ee7
  758. Error description: The server name or address could not be resolved
  759.  
  760. ==================== Memory info ===========================
  761.  
  762. BIOS: American Megatrends Inc. V5.3 07/23/2014
  763. Motherboard: MSI H97 PC Mate(MS-7850)
  764. Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
  765. Percentage of memory in use: 27%
  766. Total physical RAM: 16319.91 MB
  767. Available physical RAM: 11902.66 MB
  768. Total Virtual: 17343.91 MB
  769. Available Virtual: 11209.48 MB
  770.  
  771. ==================== Drives ================================
  772.  
  773. Drive c: () (Fixed) (Total:464.74 GB) (Free:264.73 GB) NTFS
  774. Drive d: (Data) (Fixed) (Total:1863.01 GB) (Free:1097.96 GB) NTFS
  775.  
  776. \\?\Volume{ca854363-d4b6-11e7-b19f-448a5bd2e594}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
  777. \\?\Volume{30eabc6a-1e2b-4210-9427-02cb6a9e6f1d}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
  778. \\?\Volume{385f9680-712a-476d-b071-e73e4aa2184f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
  779.  
  780. ==================== MBR & Partition Table ==================
  781.  
  782. ========================================================
  783. Disk: 0 (Size: 465.8 GB) (Disk ID: ECFDAFA2)
  784.  
  785. Partition: GPT.
  786.  
  787. ========================================================
  788. Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 8F4C4014)
  789. Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
  790.  
  791. ==================== End of Addition.txt ============================
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top